Aide
bonsoir, voila mon probleme j'ai un antivirus avira depuis 1an il ma demandé le renouvelllement , mais celui ci ma installé sur la barre d'outils avira toolbar ask ;depuis le parapluie de avira est toujours fermé je n'arrive plus a ouvrir internet explorer,plus a ouvrir le centre de securité, plus messenger jarrive seulement a ouvrir mozila firefox, je suis donc aller deésinstaller le avira dans le panneau de confuguration est rien il ne veut pas partir il me dit impossible, voila si quelqun peut m'aider ?merci
Avira Search Free Toolbar Plus Web protection
Noter :
#2
Apollo 
- Devil Member !
-
- Groupe : Equipe Sécurité
- Messages : 14909
- Inscrit(e) : 21-novembre 04
Posté 15 septembre 2011 - 02:57
Bonjour,
Ne me dis pas qu'ils installent cette merde d'Ask Toolbar sur un logiciel payé?!?
Essaie de le désinstaller en mode sans échec. Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP
Sinon, va demander chez eux comment procéder; ils ne sont même pas foutus de proposer un remover comme tous les autres antivirus. AntiVir Personal für Windows - Avira Support Forum
Il n'y a pas qu'antivir en gratuit:
Antivirus Gratuit | Logiciel Antivirus Recommandé | AVG France AVG Free Antivirus en français : Antivirus - Anti-malwares
Et si tu dois payer pour une licence, il y a bien meilleur qu'Antivir. (ESET, Kaspersky, DrWeb, Trend).
@++
Ne me dis pas qu'ils installent cette merde d'Ask Toolbar sur un logiciel payé?!?
Essaie de le désinstaller en mode sans échec. Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP
Sinon, va demander chez eux comment procéder; ils ne sont même pas foutus de proposer un remover comme tous les autres antivirus. AntiVir Personal für Windows - Avira Support Forum
Il n'y a pas qu'antivir en gratuit:
Antivirus Gratuit | Logiciel Antivirus Recommandé | AVG France AVG Free Antivirus en français : Antivirus - Anti-malwares
Et si tu dois payer pour une licence, il y a bien meilleur qu'Antivir. (ESET, Kaspersky, DrWeb, Trend).
@++
- Ne pas utiliser ComboFix ou The Avenger sauf demande expresse d'un membre du groupe sécurité de Zébulon! Trouver le rapport d'Antivir.- Je ne réponds pas aux demandes d'aide par MP-Antispam 32/64 Bits. Créez votre propre sujet avec le bouton "Commencer un sujet".
- Vista-XP.fr- Ne postez pas sur plus d'un forum pour traiter le même sujet! Respectez les helpers svp. Restaurer le Hosts - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Failles de niveau critique - Kaspersky Password Manager - Je ne recommande plus Antivir Free qui installe Ask Toolbar.- Stocker mots de passe - A tenir à jour! - HEBERGEZ VOS LONGS RAPPORTS, NOM D'UNE PIPE! - ROGUES!
#3
lou37
- Junior Member
-
- Groupe : Membres
- Messages : 20
- Inscrit(e) : 25-octobre 09
Posté 15 septembre 2011 - 08:12
toujours impossible de le désinLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:18:39, on 15/09/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: °¢[«œxYªœvXªœuX©štW©˜sW©˜rW¨—qV§–pU¦•oU¦”mT¥“kTj4C„n9DŸŽdQ‹aO—…XM|d,@}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-Af-A‰n/F›~
£†BSªŽOZž@dŽo-f†f
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1085031214-583907252-1606980848-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1085031214-583907252-1606980848-1004 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User '?')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.tous...fig_4_6_0_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: olMntrService - Unknown owner - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O24 - Desktop Component 0: (no name) - http://fr.ask.com/target=
--
End of file - 7726 bytes
staller que faire ?je post un rapport si quelqun peut m'aider
Scan saved at 21:18:39, on 15/09/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: °¢[«œxYªœvXªœuX©štW©˜sW©˜rW¨—qV§–pU¦•oU¦”mT¥“kTj4C„n9DŸŽdQ‹aO—…XM|d,@}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-Af-A‰n/F›~
£†BSªŽOZž@dŽo-f†fO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1085031214-583907252-1606980848-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1085031214-583907252-1606980848-1004 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User '?')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.tous...fig_4_6_0_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: olMntrService - Unknown owner - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O24 - Desktop Component 0: (no name) - http://fr.ask.com/target=
--
End of file - 7726 bytes
staller que faire ?je post un rapport si quelqun peut m'aider
#4
Apollo
- Devil Member !
-
- Groupe : Equipe Sécurité
- Messages : 14909
- Inscrit(e) : 21-novembre 04
Posté 15 septembre 2011 - 08:29
Bonsoir,
Tu n'as pas demandé sur le forum Avira?
Ton pc est infecté.
:arrow: Télécharge HostsXpert de funkytoad et enregistre le sur ton bureau.
C'est un utilitaire qui va réinitialiser ton fichier Hosts.
Réactive ton antivirus.
--------------------------
ensuite:
Télécharge AdwCleaner par Xplode: Téléchargements de logiciels - Outils de Xplode - AdwCleaner
Enregistre-le sur le bureau (et pas ailleurs).
Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.
Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.
Clique sur Recherche et laisse travailler l'outil.
Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.
Le rapport est en outre sauvegardé sous C:\AdwCleaner[R1]
++
Tu n'as pas demandé sur le forum Avira?
Ton pc est infecté.
:arrow: Télécharge HostsXpert de funkytoad et enregistre le sur ton bureau.
C'est un utilitaire qui va réinitialiser ton fichier Hosts.
- Décompresse-le (Clic droit sur le fichier téléchargé puis Extraire tout)
- Désactive l'antivirus, le temps de la manipulation.
- Si tu es sous Vista/Seven Clique droit sur HostsXpert.exe et choisis Exécuter en tant qu'administrateur
Si tu es sous XP, Double-clique sur HostsXpert.exe
- Vérifie que le cadenas en haut à gauche de la fenêtre est bien ouvert:
- Si c'est le cas, clique sur le bouton Restore MS Hosts File. Un message te demandant confirmation va s'afficher. Confirme la restauration du fichier Hosts par défaut de Microsoft en cliquant sur OK puis ferme le programme.
Réactive ton antivirus.
--------------------------
ensuite:
Télécharge AdwCleaner par Xplode: Téléchargements de logiciels - Outils de Xplode - AdwCleaner
Enregistre-le sur le bureau (et pas ailleurs).
Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.
Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.
Clique sur Recherche et laisse travailler l'outil.
Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.
Le rapport est en outre sauvegardé sous C:\AdwCleaner[R1]
++
- Ne pas utiliser ComboFix ou The Avenger sauf demande expresse d'un membre du groupe sécurité de Zébulon! Trouver le rapport d'Antivir.- Je ne réponds pas aux demandes d'aide par MP-Antispam 32/64 Bits. Créez votre propre sujet avec le bouton "Commencer un sujet".
- Vista-XP.fr- Ne postez pas sur plus d'un forum pour traiter le même sujet! Respectez les helpers svp. Restaurer le Hosts - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Failles de niveau critique - Kaspersky Password Manager - Je ne recommande plus Antivir Free qui installe Ask Toolbar.- Stocker mots de passe - A tenir à jour! - HEBERGEZ VOS LONGS RAPPORTS, NOM D'UNE PIPE! - ROGUES!
#5
lou37
- Junior Member
-
- Groupe : Membres
- Messages : 20
- Inscrit(e) : 25-octobre 09
Posté 16 septembre 2011 - 01:44
bonjour, je te remercie de m'aider , donc jai téléchargé leHostsXpert.exe puis le ADWCLEANER et quand je lannce la recherche jai un message d'erreur(line 1974(file"C:doculents and settings poste bureau adwcleaner.exe)error:error in expression je comprend pas cequil se passe 
a plus jai essayé ça je ne sais pas si jai bien fait, oh faites je suis allé alleé sur le forum d'avira mais il dise seulement les baes pour désinstaller avira mais comme je narrive pas a le viré de mon pc ; donc jai essayé OTL je t'envoie le rapport il est long
OTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
OTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
OTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
a plus jai essayé ça je ne sais pas si jai bien fait, oh faites je suis allé alleé sur le forum d'avira mais il dise seulement les baes pour désinstaller avira mais comme je narrive pas a le viré de mon pc ; donc jai essayé OTL je t'envoie le rapport il est longOTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
OTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
OTL logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]
[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions
[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions
[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com
[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com
[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml
[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.tous...fig_4_6_0_1.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fr.ask.com/target=
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent
[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe
[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe
[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe
[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe
[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip
[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk
[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk
[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat
[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll
[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe
[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll
[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe
[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll
[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll
[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll
[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe
[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll
[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll
[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll
[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll
[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll
[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll
[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll
[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll
[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe
[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll
[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll
[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll
[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll
[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll
[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll
[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll
[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll
[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll
[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll
[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll
[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll
[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll
[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll
[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll
[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll
[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll
[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll
[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll
[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll
[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll
[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll
[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll
[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll
[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll
[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll
[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll
[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll
[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll
[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll
[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll
[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll
[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
< End of report >
Ce message a été modifié par lou37 - 16 septembre 2011 - 02:01 .
#6
lou37
- Junior Member
-
- Groupe : Membres
- Messages : 20
- Inscrit(e) : 25-octobre 09
Posté 16 septembre 2011 - 02:02
OTL Extras logfile created on: 16/09/2011 14:57:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}" = Kit de Connexion Alice ADSL
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{7882C030-705A-45FF-A705-DC6089DC51BF}" = SIMPLE_WAY
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AliceSAV" = Alice Auto-diagnostic
"aTube Catcher" = aTube Catcher
"CCleaner" = CCleaner
"Creative PC-CAM Center" =
"Creative PD1110" = Creative WebCam NX Driver (1.02.01.0827)
"Creative WebCam Monitor" = Creative WebCam Monitor
"DivX Setup.divx.com" = Configuration DivX
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 6.0.2 (x86 fr)" = Mozilla Firefox 6.0.2 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"uTorrent" = µTorrent
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GP Vs Superbike" = GP Vs Superbike
"PhotoFiltre" = PhotoFiltre
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15/09/2011 14:23:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:24:42 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:31:13 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:32:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:34:28 | Computer Name = ARAUJO | Source = Application Error | ID = 1000
Description = Application défaillante explorer.exe, version 6.0.2900.5512, module
défaillant user32.dll, version 5.1.2600.5512, adresse de défaillance 0x00009de9.
Error - 15/09/2011 14:34:41 | Computer Name = ARAUJO | Source = Application Error | ID = 1000
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
dbghelp.dll, version 5.1.2600.5512, adresse de défaillance 0x0001295d.
Error - 15/09/2011 14:46:11 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005
Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur
lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée
ApplyPatchToFileByHandlesEx.
Error - 15/09/2011 14:46:15 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024
Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe
Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer
peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation
des packages logiciels. Utilisez le lien suivant pour afficher des instructions
concernant l'activation des journaux : http://go.microsoft....k/?LinkId=23127
Error - 16/09/2011 08:19:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005
Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur
lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée
ApplyPatchToFileByHandlesEx.
Error - 16/09/2011 08:19:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024
Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe
Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer
peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation
des packages logiciels. Utilisez le lien suivant pour afficher des instructions
concernant l'activation des journaux : http://go.microsoft....k/?LinkId=23127
[ System Events ]
Error - 16/09/2011 08:36:45 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:40:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:42:15 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:42:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:43:19 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:43:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:44:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:44:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:45:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:54:02 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
< End of report >
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free
866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS
Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}" = Kit de Connexion Alice ADSL
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{7882C030-705A-45FF-A705-DC6089DC51BF}" = SIMPLE_WAY
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AliceSAV" = Alice Auto-diagnostic
"aTube Catcher" = aTube Catcher
"CCleaner" = CCleaner
"Creative PC-CAM Center" =
"Creative PD1110" = Creative WebCam NX Driver (1.02.01.0827)
"Creative WebCam Monitor" = Creative WebCam Monitor
"DivX Setup.divx.com" = Configuration DivX
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 6.0.2 (x86 fr)" = Mozilla Firefox 6.0.2 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"uTorrent" = µTorrent
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GP Vs Superbike" = GP Vs Superbike
"PhotoFiltre" = PhotoFiltre
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15/09/2011 14:23:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:24:42 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:31:13 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:32:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1008
Description = L'installation de C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1036.MST
n'est pas autorisée en raison d'une erreur lors du traitement de la stratégie de
restriction logicielle. La confiance en l'objet ne peut pas être établie.
Error - 15/09/2011 14:34:28 | Computer Name = ARAUJO | Source = Application Error | ID = 1000
Description = Application défaillante explorer.exe, version 6.0.2900.5512, module
défaillant user32.dll, version 5.1.2600.5512, adresse de défaillance 0x00009de9.
Error - 15/09/2011 14:34:41 | Computer Name = ARAUJO | Source = Application Error | ID = 1000
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
dbghelp.dll, version 5.1.2600.5512, adresse de défaillance 0x0001295d.
Error - 15/09/2011 14:46:11 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005
Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur
lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée
ApplyPatchToFileByHandlesEx.
Error - 15/09/2011 14:46:15 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024
Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe
Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer
peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation
des packages logiciels. Utilisez le lien suivant pour afficher des instructions
concernant l'activation des journaux : http://go.microsoft....k/?LinkId=23127
Error - 16/09/2011 08:19:01 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 10005
Description = Produit : Adobe Reader X (10.1.1) - Français -- Erreur 2331. Erreur
lors du chargement de la bibliothèque MSPATCHA ou de la recherche du point d'entrée
ApplyPatchToFileByHandlesEx.
Error - 16/09/2011 08:19:14 | Computer Name = ARAUJO | Source = MsiInstaller | ID = 1024
Description = Produit : Adobe Reader X (10.1.1) - Français - La mise à jour 'Adobe
Reader X (10.1.1)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer
peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation
des packages logiciels. Utilisez le lien suivant pour afficher des instructions
concernant l'activation des journaux : http://go.microsoft....k/?LinkId=23127
[ System Events ]
Error - 16/09/2011 08:36:45 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:40:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:42:15 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:42:47 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:43:19 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:43:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:44:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:44:50 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:45:20 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
Error - 16/09/2011 08:54:02 | Computer Name = ARAUJO | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.
< End of report >
#7
lou37
- Junior Member
-
- Groupe : Membres
- Messages : 20
- Inscrit(e) : 25-octobre 09
Posté 21 septembre 2011 - 01:39
tu ma laissé tomber? je te donne des nouvelles , jai reussi a viré ask toolbar de avira de mon pc , mais depuis je n'ai plus la possibilité de restaurer mon systeme , ni acces au centre de securité jai plus d'antivirus enfin , jessaye en mode sans echec la restauration mais rien jai un message qui s'affiche restauration systeme ne peut pas proteger votre ordinateur, faites redemarrer votre ordinateur, puis relancez restauration systeme. je sais plus quoi faites aider moi ?
#8
Apollo
- Devil Member !
-
- Groupe : Equipe Sécurité
- Messages : 14909
- Inscrit(e) : 21-novembre 04
Posté 21 septembre 2011 - 02:51
Bonjour,
Je ne laisse jamais tomber personne, mais tu lances des analyses avec des outils que je n'ai même pas demandés. (OTL par exemple)
Pense aussi que je suis un humain, bénévole et qui a parfois autre-chose à faire dans la vie que m'occuper d'un ordinateur.
J'ai une famille, des amis, comme toi et ça compte pour moi.
Ou tu fais ce que je demande ou tu trouves un autre conseiller. Où sont les rapports d'adwcleaner?
On a de plus en plus tendance à nous prendre pour des robots et ça je ne l'accepte pas.
Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.
Ne pas utiliser en dehors de ce cas de figure.
Désactive ton antivirus, firewall et antispyware le temps de l'analyse.
Si vous ne savez pas comment faire, reportez-vous à cet article.
Connecter les supports amovibles (clé usb et autres) avant de procéder.
Tutoriel officiel
Télécharge ComboFix sur ton bureau (et pas ailleurs).
Si tu perds la connexion après le passage de ComboFix, voici comment la réparer ICI.
NB: Si malgré tout, tu ne parviens pas à réparer la connexion, lis ce sujet stp.
Si le message: "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression".
apparaissait, redémarrer le pc.
Je ne laisse jamais tomber personne, mais tu lances des analyses avec des outils que je n'ai même pas demandés. (OTL par exemple)
Pense aussi que je suis un humain, bénévole et qui a parfois autre-chose à faire dans la vie que m'occuper d'un ordinateur.
J'ai une famille, des amis, comme toi et ça compte pour moi.
Ou tu fais ce que je demande ou tu trouves un autre conseiller. Où sont les rapports d'adwcleaner?
On a de plus en plus tendance à nous prendre pour des robots et ça je ne l'accepte pas.
Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.
Ne pas utiliser en dehors de ce cas de figure.
Désactive ton antivirus, firewall et antispyware le temps de l'analyse.
Si vous ne savez pas comment faire, reportez-vous à cet article.
Connecter les supports amovibles (clé usb et autres) avant de procéder.
Tutoriel officiel
Télécharge ComboFix sur ton bureau (et pas ailleurs).
Si la console de récupération n'est pas installée sur un XP, ComboFix va proposer de l'installer: Accepter!
- Assure toi que tous les programmes soient fermés avant de commencer.
- Double-clique ComboFix.exe afin de l'exécuter.
- Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
- Il est possible que ton pare-feu (firewall) te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
- Ne ferme pas la fenêtre qui vient de s'ouvrir, tu te retrouverais avec un bureau vide.
- Lorsque l'analyse sera terminée, un rapport apparaîtra.
- Copie-colle ce rapport dans ta prochaine réponse.
Le rapport se trouve dans : C:\Combofix.txt (si jamais).
Si tu perds la connexion après le passage de ComboFix, voici comment la réparer ICI.
NB: Si malgré tout, tu ne parviens pas à réparer la connexion, lis ce sujet stp.
Si le message: "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression".
apparaissait, redémarrer le pc.
- Ne pas utiliser ComboFix ou The Avenger sauf demande expresse d'un membre du groupe sécurité de Zébulon! Trouver le rapport d'Antivir.- Je ne réponds pas aux demandes d'aide par MP-Antispam 32/64 Bits. Créez votre propre sujet avec le bouton "Commencer un sujet".
- Vista-XP.fr- Ne postez pas sur plus d'un forum pour traiter le même sujet! Respectez les helpers svp. Restaurer le Hosts - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Failles de niveau critique - Kaspersky Password Manager - Je ne recommande plus Antivir Free qui installe Ask Toolbar.- Stocker mots de passe - A tenir à jour! - HEBERGEZ VOS LONGS RAPPORTS, NOM D'UNE PIPE! - ROGUES!
#9
lou37
- Junior Member
-
- Groupe : Membres
- Messages : 20
- Inscrit(e) : 25-octobre 09
Posté 23 septembre 2011 - 09:21
bonjour , jai fais ce que tu ma dit jai fias l'analyse avec combofix je poste ce que ça a donnée
ComboFix 11-09-22.02 - Poste 22/09/2011 21:51:02.1.1 - x86
Lancé depuis: c:\documents and settings\Poste\Bureau\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Poste\Application Data\Local
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\(2).ddr
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\.ddr
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\0.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\1.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\settings.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\windows\system32\Thumbs.db
.
Une copie infectée de c:\windows\system32\wuauclt.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\system32\dllcache\wuauclt.exe
.
c:\windows\system32\cryptsvc.dll . . . est infecté!!
.
c:\windows\system32\es.dll . . . est infecté!!
.
c:\windows\system32\ntmssvc.dll . . . est infecté!!
.
c:\windows\system32\termsrv.dll . . . est infecté!!
.
c:\windows\system32\srsvc.dll . . . est infecté!!
.
c:\windows\system32\wiaservc.dll . . . est infecté!!
.
c:\windows\pchealth\helpctr\binaries\pchsvc.dll . . . est infecté!!
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-22 au 2011-09-22 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-22 13:08 . 2011-09-22 13:08 -------- d-----w- c:\documents and settings\Poste\Local Settings\Application Data\Help
2011-09-22 09:46 . 2011-09-22 09:46 -------- d-----w- c:\documents and settings\Poste\Application Data\RegistryKeys
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\Poste\Application Data\Malwarebytes
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-19 14:48 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-16 13:20 . 2011-09-16 13:20 -------- d-----w- c:\program files\Ad-Remover
2011-09-16 13:12 . 2011-09-16 13:14 -------- d-----w- C:\Kill'em
2011-09-16 13:11 . 2011-09-16 13:11 -------- d--h--w- c:\windows\PIF
2011-09-14 18:45 . 2011-09-14 18:45 -------- d-----w- c:\program files\Trend Micro
2011-09-14 13:24 . 2011-09-15 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-09-14 12:25 . 2011-09-14 12:25 -------- d-----w- c:\documents and settings\Administrateur
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 12:18 . 2011-05-13 08:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-03 10:17 . 2008-04-14 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2011-09-01 09:42 . 2008-04-14 12:00 113170 ----a-w- c:\windows\system32\perfc00C.dat
2011-07-15 13:29 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-09 12:54 . 2011-03-23 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Erreur des Services de cryptographie !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"OlStatusMon"="c:\program files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 106496]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Poste\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2003-06-26 02:02 0 ----a-w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176]
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-07-24 86016]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58]
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
FF - ProfilePath - c:\documents and settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-09-22 22:52
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(1384)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SOUNDMAN.EXE
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2011-09-22 22:59:58 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-09-22 20:59
.
Avant-CF: 58 524 811 264 octets libres
Après-CF: 58 677 051 392 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
.
- - End Of File - - 34074C56B0A0D63E69DCC12082729DC7
ComboFix 11-09-22.02 - Poste 22/09/2011 21:51:02.1.1 - x86
Lancé depuis: c:\documents and settings\Poste\Bureau\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Poste\Application Data\Local
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\(2).ddr
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\.ddr
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\0.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\1.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\settings.ddi
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\documents and settings\Poste\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory
c:\documents and settings\Poste\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini
c:\windows\system32\Thumbs.db
.
Une copie infectée de c:\windows\system32\wuauclt.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\system32\dllcache\wuauclt.exe
.
c:\windows\system32\cryptsvc.dll . . . est infecté!!
.
c:\windows\system32\es.dll . . . est infecté!!
.
c:\windows\system32\ntmssvc.dll . . . est infecté!!
.
c:\windows\system32\termsrv.dll . . . est infecté!!
.
c:\windows\system32\srsvc.dll . . . est infecté!!
.
c:\windows\system32\wiaservc.dll . . . est infecté!!
.
c:\windows\pchealth\helpctr\binaries\pchsvc.dll . . . est infecté!!
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-22 au 2011-09-22 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-22 13:08 . 2011-09-22 13:08 -------- d-----w- c:\documents and settings\Poste\Local Settings\Application Data\Help
2011-09-22 09:46 . 2011-09-22 09:46 -------- d-----w- c:\documents and settings\Poste\Application Data\RegistryKeys
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\Poste\Application Data\Malwarebytes
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-09-19 14:48 . 2011-09-19 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-19 14:48 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-16 13:20 . 2011-09-16 13:20 -------- d-----w- c:\program files\Ad-Remover
2011-09-16 13:12 . 2011-09-16 13:14 -------- d-----w- C:\Kill'em
2011-09-16 13:11 . 2011-09-16 13:11 -------- d--h--w- c:\windows\PIF
2011-09-14 18:45 . 2011-09-14 18:45 -------- d-----w- c:\program files\Trend Micro
2011-09-14 13:24 . 2011-09-15 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-09-14 12:25 . 2011-09-14 12:25 -------- d-----w- c:\documents and settings\Administrateur
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 12:18 . 2011-05-13 08:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-03 10:17 . 2008-04-14 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2011-09-01 09:42 . 2008-04-14 12:00 113170 ----a-w- c:\windows\system32\perfc00C.dat
2011-07-15 13:29 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-09 12:54 . 2011-03-23 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Erreur des Services de cryptographie !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"OlStatusMon"="c:\program files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 106496]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Poste\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2003-06-26 02:02 0 ----a-w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176]
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-07-24 86016]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 136176]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58]
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-02 08:58]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
FF - ProfilePath - c:\documents and settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-09-22 22:52
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(1384)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SOUNDMAN.EXE
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2011-09-22 22:59:58 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-09-22 20:59
.
Avant-CF: 58 524 811 264 octets libres
Après-CF: 58 677 051 392 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
.
- - End Of File - - 34074C56B0A0D63E69DCC12082729DC7
#10
Apollo
- Devil Member !
-
- Groupe : Equipe Sécurité
- Messages : 14909
- Inscrit(e) : 21-novembre 04
Posté 23 septembre 2011 - 12:05
Bonjour,
Ce script a été rédigé spécialement pour cet utilisateur; ne pas l'utiliser sur une autre machine: dangereux!
1. Ferme tous les navigateurs ouverts.
2. Désactive provisoirement l'antivirus.
--> connecte les supports amovibles!
2. Ferme/désactive tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.
3. Ouvre le Bloc-notes et fais un copier/coller du texte situé dans la boîte Code ci-dessous dans le Bloc-notes:
Enregistre le fichier sous le nom CFScript.txt, au même endroit que ComboFix.exe
Comme sur l'image ci-dessus, fais glisser CFScript puis dépose-le sur ComboFix.exe
Lorsque l'outil aura terminé, il t'affichera un rapport nommé C:\ComboFix.txt que tu devras m'envoyer dans ton prochain message.
@++
Ce script a été rédigé spécialement pour cet utilisateur; ne pas l'utiliser sur une autre machine: dangereux!
1. Ferme tous les navigateurs ouverts.
2. Désactive provisoirement l'antivirus.
--> connecte les supports amovibles!
2. Ferme/désactive tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.
3. Ouvre le Bloc-notes et fais un copier/coller du texte situé dans la boîte Code ci-dessous dans le Bloc-notes:
FCopy:: C:\WINDOWS\ServicePackFiles\i386\pchsvc.dll | C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll | C:\WINDOWS\system32\cryptsvc.dll C:\WINDOWS\ServicePackFiles\i386\es.dll | C:\WINDOWS\system32\es.dll C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll | c:\windows\system32\ntmssvc.dll C:\WINDOWS\ServicePackFiles\i386\termsvc.dll | c:\windows\system32\termsrv.dll C:\WINDOWS\ServicePackFiles\i386\srsvc.dll | c:\windows\system32\srsvc.dll C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll | c:\windows\system32\wiaservc.dll
Enregistre le fichier sous le nom CFScript.txt, au même endroit que ComboFix.exe
Comme sur l'image ci-dessus, fais glisser CFScript puis dépose-le sur ComboFix.exe
Lorsque l'outil aura terminé, il t'affichera un rapport nommé C:\ComboFix.txt que tu devras m'envoyer dans ton prochain message.
@++
- Ne pas utiliser ComboFix ou The Avenger sauf demande expresse d'un membre du groupe sécurité de Zébulon! Trouver le rapport d'Antivir.- Je ne réponds pas aux demandes d'aide par MP-Antispam 32/64 Bits. Créez votre propre sujet avec le bouton "Commencer un sujet".
- Vista-XP.fr- Ne postez pas sur plus d'un forum pour traiter le même sujet! Respectez les helpers svp. Restaurer le Hosts - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Failles de niveau critique - Kaspersky Password Manager - Je ne recommande plus Antivir Free qui installe Ask Toolbar.- Stocker mots de passe - A tenir à jour! - HEBERGEZ VOS LONGS RAPPORTS, NOM D'UNE PIPE! - ROGUES!
