produit nuisible non effaçable

leredge · le 2 septembre 2008

Salut, je n'arrive pas à supprimer des éléments qui me ralentissent non système.

J'ai effectué un rapport hjt et en voici son contenu ci-dessous. Pourriez-vous m'aider ?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:44:41, on 02/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\oodag.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

c:\program files\lenovo\system update\suservice.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe

C:\Program Files\ThinkVantage\AMSG\Amsg.exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\WINDOWS\system32\oodtray.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Program Files\Free Download Manager\fum\fum.exe

C:\Program Files\Free Download Manager\FUM\fumoei.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Creative\Shared Files\CamTray.exe

C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\Thin k Pad\UTILIT~1\BatLogEx.DLL,S tartBattLog

O4 - H K LM\..\Run: [s ynTPLpr] C:\Program File s \S ynaptic s \S ynTP\S ynTPLpr.exe

O4 - H K LM\..\Run: [s ynTPEnh] C:\Program File s \S ynaptic s \S ynTP\S ynTPEnh.exe

O4 - H K LM\..\Run: [EZEJMNAP] C:\PROGRA~1\Thin k Pad\UTILIT~1\EzEjMnAp.Exe

O4 - H K LM\..\Run: [TP K MAPHELPER] C:\Program File s \Thin k Pad\Utilitie s \Tp K mapAp.exe -helper

O4 - H K LM\..\Run: [Tp S hoc k s ] Tp S hoc k s .exe

O4 - H K LM\..\Run: [TPHOT K EY] C:\Program File s \Lenovo\HOT K EY\TPO S D S VC.exe

O4 - H K LM\..\Run: [TP4EX] tp4ex.exe

O4 - H K LM\..\Run: [s oundMAX] "C:\Program File s \Analog Device s \S oundMAX\S max4.exe" /tray

O4 - H K LM\..\Run: [LPManager] C:\PROGRA~1\THIN K V~2\PrdCtr\LPMGR.exe

O4 - H K LM\..\Run: [AM S G] C:\Program File s \Thin k Vantage\AM S G\Am s g.exe

O4 - H K LM\..\Run: [ACTray] C:\Program File s \Thin k Pad\ConnectUtilitie s \ACTray.exe

O4 - H K LM\..\Run: [ACWLIcon] C:\Program File s \Thin k Pad\ConnectUtilitie s \ACWLIcon.exe

O4 - H K LM\..\Run: [PD S ervice.exe] "C:\Program File s \Lenovo\S afeGuard PrivateDi s k \pd s ervice.exe"

O4 - H K LM\..\Run: [OODefragTray] C:\WINDOW S \s y s tem32\oodtray.exe

O4 - H K LM\..\Run: [s oundMAXPnP] C:\Program File s \Analog Device s \Core\s max4pnp.exe

O4 - H K LM\..\Run: [TVT S cheduler Proxy] C:\Program File s \Fichier s commun s \Lenovo\S cheduler\s cheduler_proxy.exe

O4 - H K LM\..\Run: [c s s auth] "C:\Program File s \Lenovo\Client S ecurity S olution\c s s auth.exe" s ilent

O4 - H K LM\..\Run: [Away S ch] C:\Program File s \Lenovo\AwayTa s k \Away S ch.EXE

O4 - H K LM\..\Run: [LPMailChec k er] C:\PROGRA~1\THIN K V~2\PrdCtr\LPMLCH K .exe

O4 - H K LM\..\Run: [igfxTray] C:\WINDOW S \s y s tem32\igfxtray.exe

O4 - H K LM\..\Run: [Hot K ey s Cmd s ] C:\WINDOW S \s y s tem32\h k cmd.exe

O4 - H K LM\..\Run: [Per s i s tence] C:\WINDOW S \s y s tem32\igfxper s .exe

O4 - H K LM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7 S P.exe /r

O4 - H K LM\..\Run: [Quic k Time Ta s k ] "C:\Program File s \Quic k Time\qtta s k .exe" -atboottime

O4 - H K LM\..\Run: [avgnt] "C:\Program File s \Avira\AntiVir Per s onalEdition Cla s s ic\avgnt.exe" /min

O4 - H K CU\..\Run: [ctfmon.exe] C:\WINDOW S \s y s tem32\ctfmon.exe

O4 - H K CU\..\Run: [Free Download Manager] "C:\Program File s \Free Download Manager\fdm.exe" -autorun

O4 - H K CU\..\Run: [Free Upload Manager] "C:\Program File s \Free Download Manager\fum\fum.exe" -autorun

O4 - H K CU\..\Run: [Free Uploader Oe Integration] C:\Program File s \Free Download Manager\FUM\fumoei.exe

O4 - H K CU\..\Run: [H/PC Connection Agent] "C:\Program File s \Micro s oft Active S ync\wce s comm.exe"

O4 - H K CU\..\Run: [Creative WebCam Tray] "C:\Program File s \Creative\S hared File s \CamTray.exe"

O4 - H K CU\..\Run: [TuneUp MemOptimizer] "C:\Program File s \TuneUp Utilitie s 2008\MemOptimizer.exe" auto s tart

O4 - H K CU\..\Run: [Pica s a Media Detector] C:\Program File s \Pica s a2\Pica s aMediaDetector.exe

O4 - H K U S \S -1-5-19\..\Run: [CTFMON.EXE] C:\WINDOW S \s y s tem32\CTFMON.EXE (U s er 'S ERVICE LOCAL')

O4 - H K U S \S -1-5-20\..\Run: [CTFMON.EXE] C:\WINDOW S \s y s tem32\CTFMON.EXE (U s er 'S ERVICE R É S EAU')

O4 - H K U S \S -1-5-18\..\Run: [CTFMON.EXE] C:\WINDOW S \s y s tem32\CTFMON.EXE (U s er 'S Y S TEM')

O4 - H K U S \.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOW S \s y s tem32\CTFMON.EXE (U s er 'Default u s er')

O4 - Global S tartup: BTTray.ln k = ?

O4 - Global S tartup: Digital Line Detect.ln k = C:\Program File s \Digital Line Detect\DLG.exe

O8 - Extra context menu item: &Window s Live S earch - re s ://C:\Program File s \Window s Live Toolbar\m s ntb.dll/s earch.htm

O8 - Extra context menu item: E&xporter ver s Micro s oft Excel - re s ://C:\PROGRA~1\MICRO S ~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au p é riph é rique &Bluetooth... - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie_ctx.htm

O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie.htm

O8 - Extra context menu item: Tout t é l é charger avec Free Download Manager - file://C:\Program File s \Free Download Manager\dlall.htm

O8 - Extra context menu item: T é l é charger avec Free Download Manager - file://C:\Program File s \Free Download Manager\dllin k .htm

O8 - Extra context menu item: T é l é charger la s é lection avec Free Download Manager - file://C:\Program File s \Free Download Manager\dl s elected.htm

O8 - Extra context menu item: T é l é charger la vid é o avec Free Download Manager - file://C:\Program File s \Free Download Manager\dlfvideo.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program File s \Lenovo\Client S ecurity S olution\tvtpwm_ie_com.dll

O9 - Extra 'Tool s ' menuitem: Thin k Vantage Pa s s word Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program File s \Lenovo\Client S ecurity S olution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_07\bin\s s v.dll

O9 - Extra 'Tool s ' menuitem: Con s ole Java (S un) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_07\bin\s s v.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tool s ' menuitem: Cr é er un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOW S \bdo s candel.exe

O9 - Extra 'Tool s ' menuitem: Unin s tall BitDefender Online S canner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOW S \bdo s candel.exe

O9 - Extra button: Re s earch - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICRO S ~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie.htm

O9 - Extra 'Tool s ' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW S \Networ k Diagno s tic\xpnetdiag.exe

O9 - Extra 'Tool s ' menuitem: @xp s p3re s .dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW S \Networ k Diagno s tic\xpnetdiag.exe

O9 - Extra button: Me s s enger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program File s \Me s s enger\m s m s g s .exe

O9 - Extra 'Tool s ' menuitem: Window s Me s s enger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program File s \Me s s enger\m s m s g s .exe

O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program File s \Free Download Manager\FUM\fumiebtn.dll

O10 - Un k nown file in Win s oc k L S P: c:\window s \s y s tem32\nwprovau.dll

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IA S Runner Cla s s ) - http://www-307.ibm.com/pc/s upport/acpir.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (M S N Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/re s ource s /M S NPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BD S CANONLINE Control) - http://www.zebulon.fr/s can8/o s can8.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Window s Live Photo Upload Control) - http://redgetrebe s .s pace s .live.com/PhotoUpload/M s nPUpld.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (Ad S ignerLCContrl Cla s s ) - http s ://s tatic.impot s .gouv.fr/tdir/s tatic/a...gnerADP-1.1.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Cla s s ) - http://www.adobe.com/product s /acrobat/no s /gp.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Fla s h Game Ho s t) - http://jeuxmultijoueur s .orange.fr/Game s hel...ronGameHo s t.cab

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file mi s s ing)

O20 - Winlogon Notify: AwayNotify - C:\Program File s \Lenovo\AwayTa s k \AwayNotify.dll

O23 - S ervice: Ac Profile Manager S ervice (AcPrfMgr S vc) - Lenovo - C:\Program File s \Thin k Pad\ConnectUtilitie s \AcPrfMgr S vc.exe

O23 - S ervice: Athero s Configuration S ervice (ac s ) - Athero s - C:\WINDOW S \s y s tem32\ac s .exe

O23 - S ervice: Acce s s Connection s Main S ervice (Ac S vc) - Lenovo - C:\Program File s \Thin k Pad\ConnectUtilitie s \Ac S vc.exe

O23 - S ervice: Avira AntiVir Per s onal – Free Antiviru s S cheduler (AntiVir S cheduler) - Avira GmbH - C:\Program File s \Avira\AntiVir Per s onalEdition Cla s s ic\s ched.exe

O23 - S ervice: Avira AntiVir Per s onal – Free Antiviru s Guard (AntiVir S ervice) - Avira GmbH - C:\Program File s \Avira\AntiVir Per s onalEdition Cla s s ic\avguard.exe

O23 - S ervice: Bluetooth S ervice (btwdin s ) - Broadcom Corporation. - C:\Program File s \Thin k Pad\Bluetooth S oftware\bin\btwdin s .exe

O23 - S ervice: Google Updater S ervice (gu s vc) - Google - C:\Program File s \Google\Common\Google Updater\GoogleUpdater S ervice.exe

O23 - S ervice: Thin k Pad PM S ervice (IBMPM S VC) - Lenovo - C:\WINDOW S \s y s tem32\ibmpm s vc.exe

O23 - S ervice: In s tallDriver Table Manager (IDriverT) - Macrovi s ion Corporation - C:\Program File s \Fichier s commun s \In s tall S hield\Driver\1050\Intel 32\IDriverT.exe

O23 - S ervice: S ervice de ba s e IP S (IP S S VC) - Lenovo Group Limited - C:\WINDOW S \s y s tem32\IP S S VC.EXE

O23 - S ervice: IviRegMgr - InterVideo - C:\Program File s \Fichier s commun s \InterVideo\RegMgr\iviRegMgr.exe

O23 - S ervice: O&O Defrag - O&O S oftware GmbH - C:\WINDOW S \s y s tem32\oodag.exe

O23 - S ervice: Power Manager DBC S ervice - Un k nown owner - C:\Program File s \Thin k Pad\Utilitie s \PWMDB S VC.EXE

O23 - S ervice: IBM P S A Acce s s Driver Control (P s a S rv) - Un k nown owner - C:\WINDOW S \s y s tem32\P s a S rv.exe (file mi s s ing)

O23 - S ervice: S y s tem Update (S U S ervice) - Lenovo Group Limited - c:\program file s \lenovo\s y s tem update\s u s ervice.exe

O23 - S ervice: Thin k Vantage Regi s try Monitor S ervice - Lenovo Group Limited - C:\Program File s \Fichier s commun s \Lenovo\tvt_reg_monitor_s vc.exe

O23 - S ervice: Thin k Pad HDD AP S Logging S ervice (TPHDEXLG S VC) - Lenovo. - C:\WINDOW S \S y s tem32\TPHDEXLG.exe

O23 - S ervice: IBM K CU S ervice (Tp K mp S VC) - Un k nown owner - C:\WINDOW S \s y s tem32\Tp K mp S VC.exe

O23 - S ervice: T S S Core S ervice (T S S Core S ervice) - IBM - C:\Program File s \Lenovo\Client S ecurity S olution\tvttc s d.exe

O23 - S ervice: TuneUp Drive Defrag S ervice (TuneUp.Defrag) - TuneUp S oftware GmbH - C:\WINDOW S \S y s tem32\TuneUpDefrag S ervice.exe

O23 - S ervice: TVT Bac k up S ervice - Lenovo Group Limited - C:\Program File s \Lenovo\Re s cue and Recovery\rr s ervice.exe

O23 - S ervice: TVT S cheduler - Lenovo Group Limited - C:\Program File s \Fichier s commun s \Lenovo\S cheduler\tvt s ched.exe

O23 - S ervice: tvtnetw k - Un k nown owner - C:\Program File s \Lenovo\Re s cue and Recovery\ADM\IU S ervice.exe

--

End of file - 15815 byte s

Merci à vou s !

leredge

leredge · le 3 septembre 2008

Bonjour, comment ce fait-il que je n'est pas de réponse ?

Merci de me répondre,

leredge

chrifleur · le 3 septembre 2008

bonjour

si c'est de l'optimisation que tu souhaites, je pense que tu n'es pas dans le bon forum

il faut poster ici

http://forum.zebulon.fr/optimisation-secur...ention-f52.html

leredge · le 3 septembre 2008

Salut, merci pour ta réponse. En fait, j'ai attrapé un truc l'antivirus "Antivir" n'arrive pas à l'éliminer et non plus Malwarebytes Anti-Malware. Que faire ? Car mon ordi "tourne" entre 6 et 56 % en permanence. Cela ne se produisait pas auparavant...

@+,

leredge

Julian84 · le 3 septembre 2008

Salut, merci pour ta réponse. En fait, j'ai attrapé un truc l'antivirus "Antivir" n'arrive pas à l'éliminer et non plus Malwarebytes Anti-Malware. Que faire ? Car mon ordi "tourne" entre 6 et 56 % en permanence. Cela ne se produisait pas auparavant...

@+,

leredge

Un coup de Ccleaner?

Falkra · le 3 septembre 2008

Bonjour, désinfection déjà prise en charge par Chrifleur, pleinement formée à ce type d'interventions.

Meci de ne pas intervenir. Rappels : CCleaner n'est pas un outil de désinfection. Liens de ma signature. Merci.

chrifleur · le 3 septembre 2008

quel est ce fichier qu'antivir ne parvient pas à éliminer?

fais ceci stp

Téléchargez OTViewIt sur votre Bureau.

Fermez toutes les fenêtres de programme, puis lancez-le
Cliquez sur le bouton Run Scan et laissez le programme tourner sans l'interrompre
Il va produire deux rapports (logs), l'un d'eux nommé OTViewIt.txt va s'ouvrir dans le Bloc-notes, l'autre nommé Extras sera enregistré sur le Bureau. Envoyez ces deux logs en réponse.
Il faudra peut-être que vous utilisiez deux messages pour envoyer ces deux logs sur le forum

leredge · le 4 septembre 2008

Salut chrifleur,

Merci pour ta réponse.

L'antivirus ne trouve pas mais il signale 2 dangers sans préciser lesquels.

voici les deux rapports Otviewit :

OTViewIt Extras logfile created on: 04/09/2008 09:53:30 - Run 3

OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free

2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS

Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

[11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

[11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[04/14/2008 04:34 AM | 00,142,848 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook

[05/21/2008 04:37 AM | 12,844,576 | ---- | M] (Microsoft Corporation)

"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application

[04/14/2008 04:34 AM | 00,033,792 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

[11/13/2006 03:06 PM | 00,199,464 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

[11/13/2006 03:07 PM | 01,289,000 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[11/13/2006 03:07 PM | 04,291,368 | ---- | M] (Microsoft Corporation)

"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server

[04/14/2008 04:34 AM | 00,018,432 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox

[07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation)

"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever

[04/14/2008 01:03 AM | 11,976,704 | ---- | M] ()

"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp

[07/09/2008 11:34 PM | 01,343,840 | ---- | M] (Nullsoft)

"D:\Livebox\RGWRepair.exe" = D:\Livebox\RGWRepair.exe:*:Enabled:RGWRepair

File not found

"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:LocalSubNet:Enabled:eMule

[08/01/2008 07:41 PM | 05,480,448 | ---- | M] (http://www.emule-project.net)

"C:\Program Files\eMule\dserver.exe" = C:\Program Files\eMule\dserver.exe:*:Enabled:dserver

[11/30/2001 11:07 AM | 00,221,184 | ---- | M] ()

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[04/13/2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[10/18/2007 12:34 PM | 05,724,184 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[10/02/2007 06:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.bat [@ = batfile] - "%1" %*

.cmd [@ = cmdfile] - "%1" %*

.com [@ = comfile] - "%1" %*

.exe [@ = exefile] - "%1" %*

.html [@ = FirefoxHTML] - [07/03/2008 04:56 AM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe

.pif [@ = piffile] - "%1" %*

.scr [@ = scrfile] - "%1" %*

========== Winsock2 Catalogs ==========

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

========== HKEY_CURRENT_USER Protocol Defaults ==========

========== HKEY_USERS Protocol Defaults ==========

========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data

"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime

"{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar

"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906)

"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message

"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = Utilitaire ThinkPad EasyEject

"{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888

"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter

"{1787603C-E6E3-42D4-8034-55F358486F1D}" = MSXML 6.0 Parser (KB933579)

"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Utilitaire ThinkPad UltraNav

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Utilitaire de personnalisation du clavier ThinkPad

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0

"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = Système de protection active ThinkVantage

"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

"{48227AEB-DC8E-4A90-A274-0B4A39D699B1}" = Client Security Solution

"{483CFBDB-5870-41ED-82DC-992D1A2CBA87}" = Adobe Flash Player 9 ActiveX

"{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = TIPCI

"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies

"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition

"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008

"{65706020-7B6F-41F2-8047-FC69579E386A}" = Gestionnaire de présentation

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = XP Themes

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Integrated camera

"{75FF1600-6330-43FA-9022-E0835BF20778}" = Microsoft SQL Server VSS Writer

"{7726CF62-7B45-4E6D-9266-615346816BCA}" = Rescue and Recovery

"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections

"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3

"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = Assistant UltraNav ThinkPad

"{83E5061B-A69A-46AD-A780-1DA6569FF283}" = Rescue and Recovery Critical Patch for Windows Update (KB917422)

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software

"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)

"{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}" = Security Update for 2007 Microsoft Office System (KB951596)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{4AD3A076-427C-491F-A5B7-7D1DE788A756}" = Update for Microsoft Office Outlook 2007 (KB952142)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{558B709B-821B-4FC5-90FC-9A8890641E77}" = Security Update for Microsoft Office PowerPoint 2007 (KB951338)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}" = Security Update for Visio 2007 (KB947590)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}" = Security Update for Microsoft Office Excel 2007 (KB951546)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A420F522-7395-4872-9882-C591B4B92278}" = Update for Office 2007 (KB946691)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{AD72BABE-C733-4FCF-9674-4314466191B9}" = Security Update for Microsoft Office Word 2007 (KB950113)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D9806966-6AA1-4B55-9528-6748E37CEE86}" = Update for Outlook 2007 Junk Email Filter (kb955433)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}" = Security Update for Microsoft Office Publisher 2007 (KB950114)

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{975C1D10-BA0E-4D58-AE01-8FD03A373E06}" = ServerMaker 2001

"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}" = Microsoft SQL Server Native Client

"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)

"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = Gestionnaire d'alimentation ThinkPad

"{A2289997-10A3-48F2-AA03-99180D761661}" = ThinkVantage Fingerprint Software 5.6

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy

"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1

"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger

"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)

"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access - Aide

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center

"{D728E945-256D-4477-B377-6BBA693714AC}" = Supplément à Productivity Center pour ThinkPad

"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center

"{EA664480-3844-11D5-8C25-444553540000}" = Fonctions d'accessibilité TrackPoint

"{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}" = Montpellier Business Plan Classic

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager

"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA

"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers

"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant

"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = Configuration du ThinkPad

"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player Plugin

"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)

"AwayTask" = Maintenance Manager

"Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP1

"CCleaner" = CCleaner (remove only)

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem

"Creative PD1120" = Creative WebCam NX Ultra Driver (1.01.03.0112)

"Creative WebCam Center" = Creative WebCam Center

"eMule" = eMule

"ffdshow_is1" = ffdshow [rev 1977] [2008-05-28]

"Free Download Manager_is1" = Free Download Manager 2.5

"Free Easy Burner_is1" = Free Easy Burner V 3.8

"getPlus®_ocx" = getPlus®_ocx

"G-Force" = G-Force

"HDMI" = Intel® Graphics Media Accelerator Driver

"HijackThis" = HijackThis 2.0.2

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"InfraRecorder" = InfraRecorder

"InstallShield_{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = Texas Instruments PCIxx21/x515/xx12 drivers.

"InstallShield_{A5EC243A-AAB4-4AF0-85A5-07F9F4618353}" = FTP Utility

"KB894476" = Windows Media Player 10 Hotfix - KB894476

"KB923723" = Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)

"KB931906" = Security Update for CAPICOM (KB931906)

"KB936782_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)

"KB938127-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)

"KB941569" = Mise à jour de sécurité pour Windows XP (KB941569)

"KB942615-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)

"KB944533-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)

"KB946648" = Mise à jour de sécurité pour Windows XP (KB946648)

"KB947864-IE7" = Correctif pour Windows Internet Explorer 7 (KB947864)

"KB948109_SQL9" = GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)

"KB950759-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)

"KB950760" = Mise à jour de sécurité pour Windows XP (KB950760)

"KB950762" = Mise à jour de sécurité pour Windows XP (KB950762)

"KB950974" = Mise à jour de sécurité pour Windows XP (KB950974)

"KB951066" = Mise à jour de sécurité pour Windows XP (KB951066)

"KB951072-v2" = Mise à jour pour Windows XP (KB951072-v2)

"KB951376" = Mise à jour de sécurité pour Windows XP (KB951376)

"KB951376-v2" = Mise à jour de sécurité pour Windows XP (KB951376-v2)

"KB951698" = Mise à jour de sécurité pour Windows XP (KB951698)

"KB951748" = Mise à jour de sécurité pour Windows XP (KB951748)

"KB951978" = Mise à jour pour Windows XP (KB951978)

"KB952287" = Correctif pour Windows XP (KB952287)

"KB952954" = Mise à jour de sécurité pour Windows XP (KB952954)

"KB953838-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)

"KB953839" = Mise à jour de sécurité pour Windows XP (KB953839)

"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15

"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Media Player Classic" = Media Player Classic fr

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"OnScreenDisplay" = Incrustation

"PC-Doctor 5 for Windows" = PC-Doctor 5 pour Windows

"PCMCIAPW" = ThinkPad PC Card Power Policy

"Picasa2" = Picasa 2

"Power Management Driver" = ThinkPad Power Management Driver

"PROHYBRIDR" = 2007 Microsoft Office system

"PROPLUS" = Microsoft Office Professional Plus 2007

"Remove Multimedia Center" = Remove Multimedia Center

"ShockwaveFlash" = Macromedia Flash Player 8

"SumatraPDF" = Sumatra PDF reader

"SynTPDeinstKey" = ThinkPad UltraNav Driver

"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier

"Totalcmd" = Total Commander (Remove or Repair)

"VLC media player" = VideoLAN VLC media player 0.8.6f

"VST Bridge_is1" = VST Bridge 1.1

"Winamp" = Winamp

"Windows Live Toolbar" = Windows Live Toolbar

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Lecteur Windows Media 10

"Windows XP Service" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.4.4

"WinRAR archiver" = Archiveur WinRAR

"WMCSetup" = Windows Media Connect

========== HKEY_CURRENT_USER Uninstall List ==========

========== HKEY_USERS Uninstall List ==========

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 30/08/2008 20:13:50 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang

Description = Détecteur d'erreurs 854786114.

Error - 01/09/2008 05:22:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant

audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc.

Error - 01/09/2008 19:43:07 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang

Description = Application bloquée iexplore.exe, version 7.0.6000.16705, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01/09/2008 19:43:16 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Hang

Description = Détecteur d'erreurs 854786114.

Error - 02/09/2008 14:37:05 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Application défaillante sumatrapdf.exe, version 0.0.0.0, module défaillant

sumatrapdf.exe, version 0.0.0.0, adresse de défaillance 0x000686cd.

Error - 02/09/2008 14:37:09 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Détecteur d'erreurs 898464924.

Error - 03/09/2008 07:38:20 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Application défaillante QuickTimePlayer.exe, version 7.50.61.0, module

défaillant QuickTimePlayer.exe, version 7.50.61.0, adresse de défaillance 0x0000130d.

Error - 03/09/2008 09:07:27 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant

audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc.

Error - 03/09/2008 09:07:29 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Détecteur d'erreurs 570669371.

Error - 03/09/2008 09:52:25 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Application Error

Description = Application défaillante audacity.exe, version 1.3.4.0, module défaillant

audacity.exe, version 1.3.4.0, adresse de défaillance 0x000b18dc.

[ Internet Explorer Events ]

[ ODiag Events ]

[ OSession Events ]

[ Security Events ]

[ System Events ]

Error - 02/09/2008 08:24:18 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:22 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:26 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:30 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:34 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:38 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 08:24:42 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Disk

Description = Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Error - 02/09/2008 15:47:02 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = NetBT

Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses

initiales.

Error - 02/09/2008 22:49:41 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = Service Control Manager

Description = Délai (30000 millisecondes) d'attente pour une réponse du service

Dnscache à une transaction.

Error - 03/09/2008 08:38:01 - Computer Name = LENOVO-6BD91387 - User Name = User SID not found - Source = irevents

Description = Le service de transfert de fichiers par infrarouge a rencontré une

erreur en envoyant le fichier "C:\Documents and Settings\Régis Granger\Mes documents\Ma

musique\Funkadelic\Funkadelic - Maggot Brain.mp3. L'erreur renvoyée est L'opération

d'entrée/sortie a été abandonnée en raison de l'arrêt d'une thread ou à la demande

d'une application. .

< End of report >

et voici le deuxième :

OTViewIt logfile created on: 04/09/2008 09:53:30 - Run 3

OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Régis Granger\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1014,36 Mb Total Physical Memory | 472,55 Mb Available Physical Memory | 46,59% Memory free

2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,57% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 106,73 Gb Total Space | 26,44 Gb Free Space | 24,77% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 18,63 Gb Total Space | 1,31 Gb Free Space | 7,03% Space Free | Partition Type: NTFS

Drive F: | 55,88 Gb Total Space | 3,38 Gb Free Space | 6,05% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: LENOVO-6BD91387

Current User Name: Régis Granger

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

===== Processes - Non-Microsoft Only =====

[11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe

[01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE

[07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

[03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe

[01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe

[06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe

[09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe

[05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe

[06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe

[07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

[07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

[03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe

[07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

[07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

[06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe

[04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe

[07/14/2006 06:36 PM | 00,022,016 | ---- | M] () - C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe

[07/05/2008 01:06 AM | 00,126,976 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

[07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

[07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.) - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE

[07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TpShocks.exe

[03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

[03/24/2008 02:41 PM | 00,067,432 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

[04/25/2008 04:38 PM | 00,128,368 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\ZOOM\TpScrex.exe

[06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE

[11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO) - C:\Program Files\ThinkVantage\AMSG\Amsg.exe

[07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

[07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

[03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe

[06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodtray.exe

[07/14/2006 07:20 PM | 00,817,920 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe

[03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe

[11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

[06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited) - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE

[06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe

[02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG) - C:\Program Files\Free Download Manager\fdm.exe

[12/30/2007 11:14 PM | 00,253,952 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fum.exe

[06/10/2007 07:02 PM | 00,040,960 | ---- | M] () - C:\Program Files\Free Download Manager\FUM\fumoei.exe

[06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH) - C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe

[11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Program Files\Digital Line Detect\DLG.exe

===== Win32 Services - Non-Microsoft Only =====

(AcPrfMgrSvc) Ac Profile Manager Service [Auto | Running]

[07/05/2008 01:06 AM | 00,090,112 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

(acs) Atheros Configuration Service [Auto | Running]

[03/21/2007 02:42 PM | 00,364,629 | ---- | M] (Atheros) - C:\WINDOWS\system32\acs.exe

(AcSvc) Access Connections Main Service [Auto | Running]

[07/05/2008 01:05 AM | 00,212,992 | ---- | M] (Lenovo ) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

(IBMPMSVC) ThinkPad PM Service [Auto | Running]

[11/02/2007 04:51 PM | 00,036,136 | ---- | M] (Lenovo) - C:\WINDOWS\system32\ibmpmsvc.exe

(IPSSVC) Service de base IPS [Auto | Running]

[01/30/2007 01:05 PM | 00,108,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\IPSSVC.EXE

(IviRegMgr) IviRegMgr [Auto | Running]

[01/04/2007 08:48 PM | 00,112,152 | R--- | M] (InterVideo) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe

(O&O Defrag) O&O Defrag [Auto | Running]

[06/29/2007 12:02 AM | 01,049,856 | ---- | M] (O&O Software GmbH) - C:\WINDOWS\system32\oodag.exe

(Power Manager DBC Service) Power Manager DBC Service [Auto | Running]

[06/10/2008 01:40 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe

(PsaSrv) IBM PSA Access Driver Control [On_Demand | Stopped]

File not found - C:\WINDOWS\system32\PsaSrv.exe

(SUService) System Update [Auto | Running]

[04/29/2008 03:43 PM | 00,032,768 | ---- | M] (Lenovo Group Limited) - c:\Program Files\Lenovo\System Update\SUService.exe

(ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Auto | Running]

[09/26/2007 06:34 PM | 00,644,408 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe

(TPHDEXLGSVC) ThinkPad HDD APS Logging Service [Auto | Running]

[05/14/2008 04:21 PM | 00,037,416 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\TPHDEXLG.exe

(TpKmpSVC) IBM KCU Service [Auto | Running]

[06/29/2006 10:57 PM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe

(TSSCoreService) TSS Core Service [Auto | Running]

[07/14/2006 06:42 PM | 00,723,712 | ---- | M] (IBM) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

(TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped]

[07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\system32\TuneUpDefragService.exe

(TVT Backup Service) TVT Backup Service [Auto | Running]

[07/14/2006 07:01 PM | 01,974,272 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

(TVT Scheduler) TVT Scheduler [Auto | Running]

[03/04/2008 10:34 AM | 01,122,304 | ---- | M] (Lenovo Group Limited) - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe

(tvtnetwk) tvtnetwk [Auto | Running]

[07/14/2006 04:52 PM | 00,045,056 | ---- | M] () - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

===== Driver Services - Non-Microsoft Only =====

(AR5211) Atheros Wireless Network Adapter Service [On_Demand | Running]

[10/26/2007 02:20 AM | 00,549,184 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys

(atmeltpm) atmeltpm [On_Demand | Running]

[05/17/2005 11:20 AM | 00,015,872 | ---- | M] (Atmel, Inc.) - C:\WINDOWS\system32\drivers\atmeltpm.sys

(IBMPMDRV) IBMPMDRV [On_Demand | Running]

[11/02/2007 04:50 PM | 00,021,808 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ibmpmdrv.sys

(IBMTPCHK) IBMTPCHK [system | Running]

[07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\system32\drivers\IBMBLDID.sys

(Iviaspi) IVI ASPI Shell [On_Demand | Running]

[09/11/2003 12:36 AM | 00,021,060 | ---- | M] (InterVideo, Inc.) - C:\WINDOWS\system32\drivers\iviaspi.sys

(mraid35x) mraid35x [Disabled | Stopped]

[08/18/2001 07:52 AM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(PcdrNdisuio) PCDRNDISUIO Usermode I/O Protocol [On_Demand | Stopped]

File not found - C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys

(PrivateDisk) PrivateDisk [Auto | Running]

[03/13/2006 05:05 PM | 00,058,368 | R--- | M] (Utimaco Safeware AG) - C:\Program Files\Lenovo\SafeGuard PrivateDisk\privatediskm.sys

(PROCDD) Pilote de support IPS [Auto | Running]

[11/06/2006 06:24 PM | 00,012,080 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\PROCDD.SYS

(psadd) Lenovo Parties Service Access Device Driver [On_Demand | Running]

[02/19/2007 07:56 AM | 00,021,376 | ---- | M] (Lenovo (United States) Inc.) - C:\WINDOWS\system32\drivers\psadd.sys

(Shockprf) Shockprf [boot | Running]

[05/14/2008 04:21 PM | 00,114,728 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsX86.sys

(smihlp2) SMI Helper Driver (smihlp2) [Auto | Running]

[08/14/2007 04:46 PM | 00,010,896 | ---- | M] (UPEK Inc.) - C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys

(Sparrow) Sparrow [Disabled | Stopped]

[08/18/2001 08:07 AM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(SynTP) Synaptics TouchPad Driver [On_Demand | Running]

[07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys

(TcUsb) TC USB Kernel Driver [On_Demand | Running]

[08/14/2007 04:25 PM | 00,047,376 | ---- | M] (UPEK Inc.) - C:\WINDOWS\system32\drivers\tcusb.sys

(TDSMAPI) TDSMAPI [system | Running]

[10/02/2006 02:55 AM | 00,009,343 | ---- | M] () - C:\WINDOWS\system32\drivers\TDSMAPI.SYS

(tifm21) tifm21 [On_Demand | Running]

[11/30/2005 03:12 AM | 00,162,560 | ---- | M] (Texas Instruments) - C:\WINDOWS\system32\drivers\tifm21.sys

(TPDIGIMN) TPDIGIMN [boot | Running]

[05/14/2008 04:21 PM | 00,019,496 | ---- | M] (Lenovo.) - C:\WINDOWS\system32\drivers\ApsHM86.sys

(TPHKDRV) TPHKDRV [system | Running]

[05/12/2008 10:14 PM | 00,017,844 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\TPHKDRV.sys

(TPPWRIF) TPPWRIF [system | Running]

[06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\system32\drivers\TPPWRIF.SYS

(TSMAPIP) TSMAPIP [system | Running]

[06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\system32\drivers\TSMAPIP.SYS

(tvtfilter) tvtfilter [Auto | Running]

[07/14/2006 06:27 PM | 00,012,544 | ---- | M] (Lenovo) - C:\WINDOWS\system32\drivers\tvtfilter.sys

(TVTPktFilter) TVT Packet Filter Service [On_Demand | Running]

[07/14/2006 06:03 PM | 00,017,664 | ---- | M] (Lenovo Group Limited) - C:\WINDOWS\system32\drivers\tvtpktfilter.sys

(WSIMD) wsimd Service [On_Demand | Running]

[07/03/2007 07:46 PM | 00,057,344 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\wsimd.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ACTray" = C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [07/05/2008 01:00 AM | 00,425,984 | ---- | M] (Lenovo )

"ACWLIcon" = C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [07/05/2008 12:56 AM | 00,143,360 | ---- | M] (Lenovo )

"AMSG" = C:\Program Files\ThinkVantage\AMSG\Amsg.exe [11/14/2005 08:23 AM | 00,487,424 | ---- | M] (LENOVO)

"avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [08/22/2008 07:43 AM | 00,266,497 | ---- | M] (Avira GmbH)

"AwaySch" = C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [11/07/2006 08:51 PM | 00,091,688 | ---- | M] (Lenovo Group Limited)

"BLOG" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [06/10/2008 01:40 AM | 00,208,896 | ---- | M] ()

"cssauth" = "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent [07/14/2006 07:13 PM | 02,341,632 | ---- | M] (Lenovo Group Limited)

"EZEJMNAP" = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [06/05/2008 02:36 AM | 00,242,976 | ---- | M] (Lenovo Group Ltd.)

"HotKeysCmds" = C:\WINDOWS\system32\hkcmd.exe [03/05/2008 02:48 PM | 00,166,424 | ---- | M] (Intel Corporation)

"IgfxTray" = C:\WINDOWS\system32\igfxtray.exe [03/05/2008 02:48 PM | 00,141,848 | ---- | M] (Intel Corporation)

"LPMailChecker" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [06/09/2008 03:00 AM | 00,124,248 | ---- | M] (Lenovo Group Limited)

"LPManager" = C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [06/09/2008 03:00 AM | 00,165,208 | ---- | M] (Lenovo Group Limited)

"OODefragTray" = C:\WINDOWS\system32\oodtray.exe [06/29/2007 12:01 AM | 02,512,128 | ---- | M] (O&O Software GmbH)

"PDService.exe" = "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" [03/13/2006 05:38 PM | 00,041,472 | R--- | M] (Utimaco Safeware AG)

"Persistence" = C:\WINDOWS\system32\igfxpers.exe [03/05/2008 02:48 PM | 00,137,752 | ---- | M] (Intel Corporation)

"PWRMGRTR" = rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [06/10/2008 01:40 AM | 00,311,296 | ---- | M] (Lenovo Group Limited)

"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.)

"SoundMAX" = "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [05/06/2005 04:06 PM | 00,716,800 | ---- | M] (Analog Devices, Inc.)

"SoundMAXPnP" = C:\Program Files\Analog Devices\Core\smax4pnp.exe [05/20/2005 10:11 AM | 00,925,696 | ---- | M] (Analog Devices, Inc.)

"SynTPEnh" = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [07/03/2008 04:10 PM | 01,323,008 | ---- | M] (Synaptics, Inc.)

"SynTPLpr" = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [07/03/2008 04:17 PM | 00,118,784 | ---- | M] (Synaptics, Inc.)

"TP4EX" = tp4ex.exe [10/17/2005 02:11 AM | 00,065,536 | ---- | M] (Lenovo Group Limited)

"TPFNF7" = C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r [06/09/2008 04:00 AM | 00,060,192 | ---- | M] (Lenovo Group Limited)

"TPHOTKEY" = C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [03/24/2008 10:15 AM | 00,068,464 | ---- | M] (Lenovo Group Limited)

"TPKMAPHELPER" = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [01/09/2007 05:28 PM | 00,868,352 | ---- | M] (Lenovo)

"TpShocks" = TpShocks.exe [06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.)

"TVT Scheduler Proxy" = C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [03/04/2008 10:34 AM | 00,487,424 | ---- | M] (Lenovo Group Limited)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" = Reg Error: Value load does not exist or could not be read.

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd)

"Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG)

"Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] ()

"Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] ()

"Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.)

"TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Creative WebCam Tray" = "C:\Program Files\Creative\Shared Files\CamTray.exe" [10/27/2005 06:00 PM | 00,299,008 | ---- | M] (Creative Technology Ltd)

"Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe" -autorun [02/13/2008 06:02 PM | 02,453,551 | ---- | M] (FreeDownloadManager.ORG)

"Free Upload Manager" = "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun [12/30/2007 11:14 PM | 00,253,952 | ---- | M] ()

"Free Uploader Oe Integration" = C:\Program Files\Free Download Manager\FUM\fumoei.exe [06/10/2007 07:02 PM | 00,040,960 | ---- | M] ()

"Picasa Media Detector" = C:\Program Files\Picasa2\PicasaMediaDetector.exe [02/26/2008 03:23 AM | 00,443,968 | ---- | M] (Google Inc.)

"TuneUp MemOptimizer" = "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart [06/20/2008 09:23 AM | 00,154,368 | ---- | M] (TuneUp Software GmbH)

[HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"load" =

"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[Administrateur Startup Folder - C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage]

[All Users Startup Folder - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]

[11/26/2007 04:58 PM | 00,576,104 | ---- | M] (Broadcom Corporation.) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[11/03/2006 07:02 PM | 00,050,688 | ---- | M] (Avanquest Software ) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

[Default User Startup Folder - C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage]

[Régis Granger Startup Folder - C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

HKLM CLSID: (FDMIECookiesBHO Class) - [11/26/2007 03:35 PM | 00,094,208 | ---- | M] () C:\Program Files\Free Download Manager\iefdm2.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}]

HKLM CLSID: (CPwmIEBrowserHelper Object) - [07/14/2006 07:20 PM | 00,719,616 | ---- | M] (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

========== Toolbars ==========

========== AppInit_Dlls ==========

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]

= Explorer.exe

>Explorer.exe - [04/14/2008 04:34 AM | 01,037,824 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]

= C:\WINDOWS\system32\userinit.exe,

>C:\WINDOWS\system32\userinit.exe - [04/14/2008 04:34 AM | 00,026,624 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL]

= tvt_gina.dll

>tvt_gina.dll - [07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) C:\WINDOWS\system32\tvt_gina.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]

= logonui.exe

>logonui.exe - [04/14/2008 04:34 AM | 00,515,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]

= rundll32 shell32,Control_RunDLL "sysdm.cpl"

>rundll32 shell32 - [04/14/2008 04:33 AM | 08,517,632 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

>Control_RunDLL "sysdm.cpl" - [04/14/2008 04:34 AM | 00,307,200 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]

"DllName" = C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [07/05/2008 12:57 AM | 00,032,768 | ---- | M] (Lenovo )

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify]

"DllName" = C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [08/16/2006 07:07 PM | 00,049,152 | ---- | M] (Lenovo Group Limited)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

"DllName" = C:\WINDOWS\system32\igfxdev.dll [02/15/2008 12:45 PM | 00,208,896 | ---- | M] (Intel Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

"DllName" = File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]

"DllName" = C:\WINDOWS\system32\psqlpwd.dll [08/14/2007 04:54 PM | 00,089,600 | ---- | M] (UPEK Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]

"DllName" = C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [09/06/2006 04:37 PM | 00,034,344 | ---- | M] ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]

"DllName" = C:\Program Files\Lenovo\HOTKEY\tphklock.dll [03/17/2008 04:02 PM | 00,034,080 | ---- | M] (Lenovo Group Limited)

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

Unable to open key or key not present!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername" = 0

"legalnoticecaption" =

"legalnoticetext" =

"shutdownwithoutlogon" = 1

"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

[HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-21-1902654263-2307695710-1140962926-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

Unable to open key or key not present!

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"FriendlyName" = "Ma page d'accueil"

"Source" = "About:Home"

"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]

"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^FTP Utility.lnk]

"path" = C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\FTP Utility.lnk File not found

"backup" = C:\WINDOWS\pss\FTP Utility.lnk File not found

"location" = Common Startup

"command" = C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe File not found

"item" = C:\WINDOWS\system32\ftp.exe [04/14/2008 04:34 AM | 00,046,080 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Régis Granger^Menu Démarrer^Programmes^Démarrage^Adobe Media Player.lnk]

"path" = C:\Documents and Settings\Régis Granger\Menu Démarrer\Programmes\Démarrage\Adobe Media Player.lnk File not found

"backup" = C:\WINDOWS\pss\Adobe Media Player.lnk File not found

"location" = Startup

"command" = C:\PROGRA~1\ADOBEM~1\ADOBEM~1.EXE File not found

"item" = Adobe Media Player

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]

"system.ini" = 0

"win.ini" = 0

"bootini" = 0

"services" = 0

"startup" = 2

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0aad0508-e146-11dc-af45-8000600fe800}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16d68960-3092-11dd-b007-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{484815bf-54bd-11dd-b03f-8000600fe800}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59b1ff7a-f9cf-11dc-af7e-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7441dac2-2d78-11dd-afff-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86b166d5-e613-11dc-af54-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9aadca16-6704-11dd-b06e-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c76eeade-fb14-11dc-af81-8000600fe800}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d11fd207-04b8-11dd-af9f-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc09f78c-e4e1-11dc-af4f-00197eed6594}\Shell]

"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ffc8e24d-8e70-11da-9887-806d6172696f}\Shell]

"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{3F254497-3FB2-4C13-B2EB-D8F1EBE314A9}]

Servers: | Description: Windows Mobile-based Device

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{57C9E86A-DB58-4B94-AF19-5FB4BA8D2F9F}]

Servers: | Description: 11a/b/g Wireless LAN Mini PCI Express Adapter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B1D52F6C-4FFB-4AE5-9B2B-266C20F69D46}]

Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B930A187-59DC-47A0-9C71-325BA8913484}]

Servers: | Description: Broadcom NetXtreme Gigabit Ethernet

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{C450C8EE-1586-4CD5-927B-9255BB6C9D11}]

Servers: | Description:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{ECCC14E1-B4A7-41CC-A6F1-F5D1F880B879}]

Servers: | Description: Carte réseau 1394

========== Hosts File ==========

HOSTS File = (257789 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.1001-search.info

127.0.0.1 1001-search.info

127.0.0.1 www.100888290cs.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

127.0.0.1 www.10sek.com

127.0.0.1 10sek.com

127.0.0.1 www.123topsearch.com

127.0.0.1 123topsearch.com

127.0.0.1 www.132.com

127.0.0.1 132.com

127.0.0.1 www.136136.net

127.0.0.1 136136.net

========== Files/Folders - Created Within 90 days ==========

[08/02/2008 06:39 PM | ---D | C] - C:\Deckard

[08/28/2008 07:39 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod

[08/28/2008 07:41 AM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty

[08/28/2008 07:42 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img

[1 C:\WINDOWS\System32\*.tmp files]

[06/06/2008 06:20 PM | 00,218,400 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl

[06/06/2008 06:21 PM | 00,128,288 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe

[06/06/2008 06:21 PM | 00,181,536 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe

[06/06/2008 06:21 PM | 00,492,832 | ---- | C] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll

[06/08/2008 09:13 PM | 00,057,344 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfbmp13n.dll

[06/08/2008 09:13 PM | 00,069,632 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfgif13n.dll

[06/08/2008 09:13 PM | 00,163,840 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltfil13n.dll

[06/08/2008 09:13 PM | 00,206,336 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltefx13n.dll

[06/08/2008 09:13 PM | 00,299,008 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltdis13n.dll

[06/08/2008 09:13 PM | 00,401,408 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\lfcmp13n.dll

[06/08/2008 09:13 PM | 00,450,560 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltimg13n.dll

[06/08/2008 09:13 PM | 00,462,848 | ---- | C] (LEAD Technologies, Inc.) - C:\WINDOWS\System32\ltkrn13n.dll

[06/24/2008 10:35 AM | ---D | C] - C:\WINDOWS\System32\Adobe

[07/23/2008 01:20 PM | 00,028,416 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\uxtuneup.dll

[07/23/2008 01:20 PM | 00,355,584 | ---- | C] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe

[08/22/2008 08:44 AM | 00,183,808 | ---- | C] () - C:\WINDOWS\System32\BDEADMIN.CPL

[08/22/2008 08:44 AM | 00,210,032 | ---- | C] () - C:\WINDOWS\System32\DBCLIENT.DLL

[08/22/2008 08:48 AM | 00,000,664 | ---- | C] () - C:\WINDOWS\System32\d3d9caps.dat

[08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\bits

[08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\System32\fr

[08/31/2008 12:12 PM | 00,110,592 | ---- | C] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll

[09/02/2008 12:29 PM | 00,051,100 | -H-- | C] () - C:\WINDOWS\System32\mlfcache.dat

[1 C:\WINDOWS\*.tmp files]

[07/23/2008 08:02 PM | ---D | C] - C:\WINDOWS\SQL9_KB948109_ENU

[08/02/2008 06:40 PM | ---D | C] - C:\WINDOWS\ERDNT

[08/18/2008 12:02 PM | 00,002,675 | ---- | C] () - C:\WINDOWS\imsins.BAK

[08/28/2008 07:58 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$

[08/28/2008 08:01 AM | ---D | C] - C:\WINDOWS\network diagnostic

[08/28/2008 08:03 AM | ---D | C] - C:\WINDOWS\ServicePackFiles

[08/28/2008 08:07 AM | ---D | C] - C:\WINDOWS\l2schemas

[08/28/2008 08:16 AM | ---D | C] - C:\WINDOWS\Prefetch

[08/31/2008 12:11 PM | 00,000,051 | ---- | C] () - C:\WINDOWS\npornap.INI

[08/22/2008 10:05 AM | 00,000,284 | ---- | C] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\FileOpen

[06/13/2008 09:53 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple Computer

[08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\AVS4YOU

[08/05/2008 11:40 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira

[08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes

[08/22/2008 10:05 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Apple

[06/09/2008 12:09 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\FileOpen

[07/04/2008 06:00 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\DiVision Studios XAvenger

[08/03/2008 08:48 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\AVS4YOU

[08/05/2008 11:52 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\Malwarebytes

[08/28/2008 07:21 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Application Data\SumatraPDF

[08/05/2008 09:53 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IsolatedStorage

[06/06/2008 08:20 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Mes radios

[06/16/2008 11:18 AM | 00,000,000 | -H-- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp

[06/16/2008 11:45 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\WM-RG Mes documents

[07/18/2008 01:27 PM | 04,987,098 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv

[07/18/2008 01:32 PM | 00,176,740 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif

[07/18/2008 01:32 PM | 01,492,992 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg

[07/18/2008 01:32 PM | 02,532,679 | ---- | C] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip

[08/03/2008 01:04 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\TmForever

[08/20/2008 07:11 PM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\Access Connections

[09/02/2008 10:19 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Mes documents\A trier

[06/13/2008 09:53 AM | 00,001,611 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[08/05/2008 11:52 AM | 00,000,703 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[06/16/2008 11:45 AM | 00,001,433 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK

[08/05/2008 11:54 AM | 00,001,870 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk

[08/06/2008 08:06 AM | ---D | C] - C:\Documents and Settings\Régis Granger\Bureau\HJT

[08/06/2008 09:41 AM | 00,001,741 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk

[08/06/2008 12:37 PM | 00,059,632 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip

[08/30/2008 08:12 PM | 00,208,384 | ---- | C] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe

[09/03/2008 11:51 AM | 00,000,736 | ---- | C] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk

[06/24/2008 10:51 AM | ---D | C] - C:\Program Files\Fichiers communs\Adobe AIR

[07/04/2008 05:59 AM | ---D | C] - C:\Program Files\Fichiers communs\Oberon Media

[08/03/2008 08:47 AM | ---D | C] - C:\Program Files\Fichiers communs\AVSMedia

[06/13/2008 09:53 AM | ---D | C] - C:\Program Files\QuickTime

[08/03/2008 08:49 AM | ---D | C] - C:\Program Files\Foxit Software

[08/05/2008 11:40 AM | ---D | C] - C:\Program Files\Avira

[08/05/2008 11:52 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware

[08/06/2008 09:41 AM | ---D | C] - C:\Program Files\Trend Micro

[08/14/2008 01:52 PM | ---D | C] - C:\Program Files\Sun

[08/22/2008 10:05 AM | ---D | C] - C:\Program Files\Apple Software Update

[08/28/2008 07:21 PM | ---D | C] - C:\Program Files\SumatraPDF

[09/03/2008 11:51 AM | ---D | C] - C:\Program Files\Audacity 1.3 Beta (Unicode)

========== Files - Modified Within 90 days ==========

[08/22/2008 08:42 AM | 00,000,226 | RHS- | M] () - C:\boot.ini

[08/28/2008 08:01 AM | 00,252,240 | RHS- | M] () - C:\NTLDR

[09/04/2008 08:09 AM | 10,637,02528 | -HS- | M] () - C:\hiberfil.sys

[06/13/2008 09:54 AM | 00,245,715 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080613-095557.backup

[06/13/2008 09:55 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080616-073532.backup

[06/16/2008 07:35 AM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163407.backup

[06/19/2008 04:34 PM | 00,250,955 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080619-163453.backup

[06/19/2008 04:34 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080624-121506.backup

[06/24/2008 12:15 PM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083031.backup

[06/28/2008 08:30 AM | 00,251,509 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080628-083116.backup

[06/28/2008 08:31 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080630-194103.backup

[06/30/2008 07:41 PM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053717.backup

[07/04/2008 05:37 AM | 00,251,843 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080704-053812.backup

[07/04/2008 05:38 AM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-140930.backup

[07/18/2008 02:09 PM | 00,252,291 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080718-141532.backup

[07/18/2008 02:15 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-123952.backup

[07/23/2008 12:39 PM | 00,254,111 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080723-124104.backup

[07/23/2008 12:41 PM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080724-065340.backup

[07/24/2008 06:53 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-114925.backup

[08/02/2008 03:50 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155554.backup

[08/02/2008 03:55 PM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080803-114333.backup

[08/02/2008 11:49 AM | 00,256,833 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-115054.backup

[08/02/2008 11:50 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts.20080802-155011.backup

[08/03/2008 11:43 AM | 00,257,789 | R--- | M] () - C:\WINDOWS\System32\drivers\etc\hosts

[06/09/2008 04:00 AM | 00,004,608 | ---- | M] () - C:\WINDOWS\System32\drivers\TSMAPIP.SYS

[06/10/2008 01:40 AM | 00,004,442 | ---- | M] () - C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[07/02/2008 12:22 AM | 00,004,224 | ---- | M] () - C:\WINDOWS\System32\drivers\IBMBLDID.sys

[07/03/2008 03:53 PM | 00,225,664 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\drivers\SynTP.sys

[1 C:\WINDOWS\System32\*.tmp files]

[06/06/2008 06:20 PM | 00,218,400 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.cpl

[06/06/2008 06:21 PM | 00,128,288 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShEvUI.exe

[06/06/2008 06:21 PM | 00,181,536 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShocks.exe

[06/06/2008 06:21 PM | 00,492,832 | ---- | M] (Lenovo.) - C:\WINDOWS\System32\TpShCPL.dll

[07/02/2008 12:22 AM | 00,292,152 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina_api.dll

[07/02/2008 12:22 AM | 00,582,968 | ---- | M] (Lenovo) - C:\WINDOWS\System32\tvt_gina.dll

[07/03/2008 03:55 PM | 00,163,840 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCOM.dll

[07/03/2008 03:56 PM | 00,200,704 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynCtrl.dll

[07/03/2008 04:09 PM | 00,147,456 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPAPI.dll

[07/03/2008 04:29 PM | 00,110,592 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\System32\SynTPCo4.dll

[07/23/2008 01:20 PM | 00,355,584 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\System32\TuneUpDefragService.exe

[08/05/2008 11:32 AM | 00,003,072 | ---- | M] () - C:\WINDOWS\System32\CONFIG.NT

[08/22/2008 08:48 AM | 00,000,664 | ---- | M] () - C:\WINDOWS\System32\d3d9caps.dat

[08/28/2008 08:15 AM | 00,264,616 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT

[08/28/2008 08:19 AM | 00,002,278 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl

[08/29/2008 10:41 AM | 00,082,228 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat

[08/29/2008 10:41 AM | 00,101,196 | ---- | M] () - C:\WINDOWS\System32\perfc00C.dat

[08/29/2008 10:41 AM | 00,456,274 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat

[08/29/2008 10:41 AM | 00,532,214 | ---- | M] () - C:\WINDOWS\System32\perfh00C.dat

[08/29/2008 10:41 AM | 01,185,482 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI

[09/02/2008 12:29 PM | 00,051,100 | -H-- | M] () - C:\WINDOWS\System32\mlfcache.dat

[09/04/2008 08:09 AM | 00,000,380 | ---- | M] () - C:\WINDOWS\System32\IPSCtrl.INI

[09/04/2008 08:09 AM | 00,025,355 | ---- | M] () - C:\WINDOWS\System32\PROCDB.INI

[09/04/2008 08:09 AM | 00,561,880 | ---- | M] () - C:\WINDOWS\System32\oodbs.lor

[1 C:\WINDOWS\*.tmp files]

[06/10/2008 01:40 AM | 00,016,384 | ---- | M] () - C:\WINDOWS\PWMBTHLP.EXE

[06/24/2008 10:35 AM | 00,001,479 | ---- | M] () - C:\WINDOWS\mozver.dat

[08/06/2008 07:36 AM | 00,000,246 | ---- | M] () - C:\WINDOWS\system.ini

[08/06/2008 07:36 AM | 00,000,610 | ---- | M] () - C:\WINDOWS\win.ini

[08/22/2008 08:13 AM | 00,000,188 | ---- | M] () - C:\WINDOWS\x

[08/28/2008 08:12 AM | 00,002,675 | ---- | M] () - C:\WINDOWS\imsins.BAK

[08/28/2008 08:16 AM | 00,316,640 | ---- | M] () - C:\WINDOWS\WMSysPr9.prx

[08/31/2008 12:21 PM | 00,000,051 | ---- | M] () - C:\WINDOWS\npornap.INI

[09/04/2008 08:09 AM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat

[08/28/2008 11:57 AM | 00,000,284 | ---- | M] () - C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[09/04/2008 08:09 AM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT

[09/04/2008 08:10 AM | 00,000,316 | ---- | M] () - C:\WINDOWS\tasks\PMTask.job

[09/04/2008 09:00 AM | 00,000,520 | ---- | M] () - C:\WINDOWS\tasks\Maintenance en 1 clic.job

[09/04/2008 09:11 AM | 00,000,256 | ---- | M] () - C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

[08/28/2008 07:02 PM | 03,707,858 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\IconCache.db

[08/28/2008 08:20 AM | 00,069,240 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[09/03/2008 05:57 PM | 00,136,704 | ---- | M] () - C:\Documents and Settings\Régis Granger\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[06/16/2008 11:18 AM | 00,000,000 | -H-- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Default.rdp

[07/18/2008 01:27 PM | 04,987,098 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Marionnette vivante.wmv

[07/18/2008 01:32 PM | 00,176,740 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Vélib.gif

[07/18/2008 01:32 PM | 01,492,992 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\metro-agression-ridicule.mpg

[07/18/2008 01:32 PM | 02,532,679 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\autostopistas.zip

[09/04/2008 08:46 AM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Régis Granger\Mes documents\Mes dossiers de partage.lnk

[06/13/2008 09:53 AM | 00,001,611 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[07/23/2008 01:16 PM | 00,000,671 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Winamp.lnk

[08/05/2008 11:47 AM | 00,001,609 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk

[08/05/2008 11:52 AM | 00,000,703 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[08/22/2008 08:17 AM | 00,001,648 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\ThinkVantage Productivity Center.lnk

[06/16/2008 11:45 AM | 00,001,433 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\WM-RG Mes documents.LNK

[08/01/2008 10:49 PM | 00,208,384 | ---- | M] (Paul McLain and Fred de Vries) - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.exe

[08/05/2008 11:54 AM | 00,001,870 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Start Avira AntiVir Personal.lnk

[08/06/2008 09:41 AM | 00,001,741 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\HijackThis.lnk

[08/06/2008 12:37 PM | 00,059,632 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\JavaRa.zip

[08/28/2008 07:13 PM | 00,001,555 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\CCleaner.lnk

[09/03/2008 11:51 AM | 00,000,736 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Audacity 1.3 Beta (Unicode).lnk

[09/03/2008 12:22 PM | 00,001,514 | ---- | M] () - C:\Documents and Settings\Régis Granger\Bureau\Bloc-notes.lnk

< End of report >

@+,

leredge.

chrifleur · le 4 septembre 2008

Télécharge MSNFix.zip (de !aur3n7 et Regis59) sur le Bureau :

http://sosvirus.changelog.fr/MSNFix.zip

un tutoriel pour l'utiliser

http://sosvirus.changelog.fr/

Conseil : il faut toujours télécharger avant utilisation pour profiter des dernières mises à jour.

Remarque 1: Il est possible que l'antivirus détecte un virus au téléchargement, il s'agit de Process.exe.

Process.exe est un programme légitime mais potentiellement dangereux, et il est normal qu'un antivirus/antispyware digne de ce nom le détecte.

Remarque 2: MSNFix peut parfois rencontrer des problèmes avec les sessions comportant des caractères spéciaux. Si un message d'erreur s'affiche il conviendra donc de déplacer le dossier complet à la racine du disque dur (généralement c:\)

Décompresse-le (clic droit : Extraire ici).

Ouvre MSNFix et double clique sur le fichier MSNFix.bat (MSNFix)

Choisis l'option R

valide avec Entrée

L'analyse démarre, pendant ce temps, ne lancer aucune application afin de ne pas perturber son fonctionnement.

Si l'infection est détectée, il te suffit d'appuyer sur une touche du clavier. Un redémarrage du PC peut être demandé.

Le rapport est enregistré par défaut dans le dossier MSNFix et se présente sous la forme date_heure.txt.

Recommande à tes contacts d'appliquer la même procédure MSNFix, pour freiner la propagation et indique si l'éradication est réussie. S'ils ont le moindre souci, ils viennent sur le forum et postent leur rapport pour lecture et conseils...

A l'échelle mondiale, chaque jour, des milliers de personnes sont infectées. Pour apporter des solutions rapides contre ce fléau, veuillez s'il vous plaît faire parvenir l'adresse contenue dans le message MSN que vous avez reçu.

Pour cela, cliquez ici:

http://secubox.gateweb.org/notify/

Saisissez le lien contenu dans les messages MSN puis cliquez sur [Notifier]. Merci.

leredge · le 4 septembre 2008

Salut chrifleur,

j'ai effectué la procédure avec MSNfix et il a trouvé des erreurs. Le rapport (que je te joins ci-dessous) indique : " ces fichiers nécessitent un avis expérimenté avant toute intervention". C'est ce que j'ai fais en suivant l'indication : http://upload.changelog.fr

MSNFix 1.742

C:\Documents and Settings\R‚gis Granger\Bureau\MSNFix

Fix exécuté le 04/09/2008 - 11:21:47,92 By R‚gis Granger

mode normal

************************ Recherche les fichiers présents

... C:\log.txt

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

.. OK ... C:\log.txt

************************ Nettoyage du registre

************************ Hostsclean

Cleanhosts v 0.1.0.7 By Laurent

-- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112258

-- original size 251.75 Kb / 9005 lines

-- Start cleaning Hosts file ....

/!\... antivirus.com ..... Found and removed

/!\... avast.com ..... Found and removed

/!\... ca.com ..... Found and removed

/!\... mcafee.com ..... Found and removed

/!\... spybot.info ..... Found and removed

-- final size 250.39 Kb / 8963 lines

-- entry Found : 5 / Entry check : 310

End .............................. 23.4 Secondes

Les fichiers encore présents seront supprimés au prochain redémarrage

************************ Suppression des fichiers

.. OK ... C:\log.txt

************************ Hostsclean

Cleanhosts v 0.1.0.7 By Laurent

-- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080904112558

-- original size 250.39 Kb / 8963 lines

-- Start cleaning Hosts file ....

-- final size 250.39 Kb / 8963 lines

-- entry Found : 0 / Entry check : 310

End .............................. 27.11 Secondes

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\system32\IPSSVC.EXE] 00D8E9DAEBE72A5DF3986FD418A995EB

==> SVP merci d'envoyer le fichier C:\DOCUME~1\RGISGR~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04092008_11262629.zip

************************ HKLM\...\Winlogon\Userinit

Userinit = C:\WINDOWS\system32\userinit.exe,

Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte

------------------------------------------------------------------------

Auteur : !aur3n7 Contact: http://changelog.fr

------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

@+,

leredge.

Connexion

Pas encore inscrit ?

produit nuisible non effaçable

Messages recommandés

leredge

leredge

chrifleur

leredge

Julian84

Falkra

chrifleur

leredge

chrifleur

leredge

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer