Infections : pub, lenteur... [Résolu]

Biessaten · le 29 juin 2010

Bonsoir,

Depuis un moment j'ai quelques soucis avec mon PC qui sont liés ou non... Premièrement au démarrage, le pc est assez lent à la détente... Ensuite une fenêtre internet explorer s'ouvre pour une pub pour le site "www.enviedeplus.com". Et aussi j'ai mon volume "son wave" qui descend au minimum sans mon intervention. Je crois que ça le fait quand je ferme la fenêtre de la pub. Je ne souhaite pas passer à antivir que j'ai déjà essayé pour l'instant.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:54:17, on 30/06/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

C:\WINDOWS\FixCamera.exe

C:\WINDOWS\tsnpstd3.exe

C:\WINDOWS\vsnpstd3.exe

C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

D:\Microsoft ActiveSync\wcescomm.exe

D:\MICROS~1\rapimgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\lxdxcoms.exe

C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

D:\TeamScripT4\mirc.exe

C:\WINDOWS\system32\WISPTIS.EXE

D:\Mumble\mumble.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

D:\League of Legends\lol.launcher.exe

D:\League of Legends\Air\LOLClient.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\SALIGNAC\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nixud.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = nixud.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"

O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"

O4 - HKLM\..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [b2C_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Microsoft ActiveSync\wcescomm.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: MaxTV Recorder Manager.lnk = D:\MaxTV4\task_scheduler.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\SALIGNAC\scriptjava.html

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\MICROS~1\INetRepl.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.chat-land.org

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://me s s enger.zone.m s n.com/binary/m s grch k r.cab56986.cab

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetwor k s .com/TVUAx.cab

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://me s s enger.zone.m s n.com/Me s s engerGame s Content/GameContent/fr/mj s s /MJ S S .cab109791.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://me s s enger.zone.m s n.com/binary/S olitaire S howdown.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://me s s enger.zone.m s n.com/Me s s engerGame s Content/GameContent/fr/uno1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micro s oft.com/window s update/v6/V5Control s /en/x86/client/wuweb_s ite.cab?1249396417968

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.faceboo k .com/control s /2009.07.28_v5.5.8.1/Faceboo k PhotoUploader55.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichier s .tou s le s driver s .com/maconfig/MaConfig_4_1_0_2.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://me s s enger.zone.m s n.com/binary/Me s s enger S tat s PAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://me s s enger.zone.m s n.com/binary/Mine S weeper.cab56986.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bandoo Coordinator - Unknown owner - C:\PROGRA~1\Bandoo\Bandoo.exe (file missing)

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe

O23 - Service: lxdx_device - - C:\WINDOWS\system32\lxdxcoms.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--

End of file - 10618 bytes

no.ppp · le 29 juin 2010

Salut,

Je suis no.ppp et je vais t'aider dans la résolution de ton problème.

Avant de commencer, quelques "règles" s'imposent :

Tu ne dois suivre les procédures que d'un seul membre. Des procédures différentes pourraient endommager ta machine. Si tu te fais aider ailleurs, préviens-moi !
Même si tu constates une nette amélioration, attends que je te dise que tout est fini.
Tout au long de mes messages, tu verras "" qui indique le début de chaque nouvelle procédure à exécuter.
Exécute-les toutes dans l'ordre indiqué sans en oublier.
N'utilise pas d'autres outils que ceux que je t'indique : d'une part car cela peut s'avérer dangereux et d'autre part pour que je sache où nous en sommes des éléments supprimés.
Tu peux, si tu le souhaites, imprimer les démarches à effectuer au cas où tu n'aurais pas accès au net.
N'hésite pas à poser des questions si certains éléments te paraissent obscurs.

------------------------------------------------------------------------

Afin d'avoir une analyse plus approfondie, fais ceci :super:

Télécharge OTL sur ton Bureau

Double-clique sur OTL.exe pour le lancer.
Coche la case Tous les utilisateurs
Fais de même avec Recherche Lop et Recherche Purity.
Clique ensuite sur Analyse puis patiente pendant qu'il scanne le registre et les fichiers.
Quand l'analyse est terminée, deux fenêtres du Bloc-notes vont s'ouvrir. OTL.Txt et Extras.Txt. Ces fichiers sont sauvegardés au même endroit que OTL.
Copie-colle les dans ta prochaine réponse.

Biessaten · le 29 juin 2010

OTL logfile created on: 30/06/2010 01:24:21 - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\SALIGNAC\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

895,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 15,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 78,13 Gb Total Space | 32,26 Gb Free Space | 41,29% Space Free | Partition Type: NTFS

Drive D: | 108,18 Gb Total Space | 77,29 Gb Free Space | 71,44% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SALON

Current User Name: SALIGNAC

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe

PRC - [2010/06/03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/05/22 13:25:13 | 000,081,408 | ---- | M] () -- D:\League of Legends\Air\LolClient.exe

PRC - [2010/05/21 12:22:44 | 000,421,888 | ---- | M] (Solid State Networks) -- D:\League of Legends\lol.launcher.exe

PRC - [2010/05/12 07:59:12 | 000,317,376 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/02/09 18:38:56 | 003,465,384 | ---- | M] (Thorvald Natvig) -- D:\Mumble\mumble.exe

PRC - [2010/01/11 16:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2009/11/25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009/07/31 01:41:08 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

PRC - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/03/20 08:25:43 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmsdmon.exe

PRC - [2008/03/20 08:25:42 | 000,668,328 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

PRC - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe

PRC - [2007/07/13 11:05:48 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe

PRC - [2007/07/11 17:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe

PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

PRC - [2006/09/19 10:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe

PRC - [2006/06/26 21:45:18 | 001,211,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\wcescomm.exe

PRC - [2006/06/26 21:45:02 | 000,187,176 | ---- | M] (Microsoft Corporation) -- D:\Microsoft ActiveSync\rapimgr.exe

PRC - [2006/02/14 14:09:00 | 000,069,632 | ---- | M] (ASUSTeK) -- C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

PRC - [2005/03/18 05:49:20 | 001,949,696 | ---- | M] (mIRC Co. Ltd.) -- D:\TeamScripT4\mirc.exe

PRC - [2002/08/29 03:41:28 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wisptis.exe

========== Modules (SafeList) ==========

MOD - [2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe

MOD - [2010/02/09 18:38:56 | 000,133,800 | ---- | M] () -- D:\Mumble\mumble_ol.dll

MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Bandoo Coordinator)

SRV - [2010/05/11 11:34:36 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

SRV - [2009/08/31 01:32:00 | 003,264,636 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

SRV - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdxcoms.exe -- (lxdx_device)

SRV - [2008/02/28 02:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)

SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/02/26 10:55:09 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/02/11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2010/01/21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2010/01/21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2010/01/21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2009/11/25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2009/11/25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2008/10/08 07:15:12 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)

DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)

DRV - [2007/03/27 19:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)

DRV - [2006/07/01 22:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2006/04/11 20:36:56 | 002,829,696 | ---- | M] (ASUSTek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)

DRV - [2004/08/04 07:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = nixud.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = Recherche Web

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = nixud.com

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"

FF - prefs.js..browser.search.order.1: "Web Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "http://www.google.fr"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1

FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2

FF - prefs.js..extensions.enabledItems: 5

FF - prefs.js..extensions.enabledItems: 2

FF - prefs.js..keyword.URL: "http://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q="

FF - prefs.js..network.proxy.autoconfig_url: "http://188.40.74.148/"

FF - prefs.js..network.proxy.http: "122.107.86.7"

FF - prefs.js..network.proxy.http_port: 8085

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/05 16:12:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/05 16:12:07 | 000,000,000 | ---D | M]

[2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions

[2010/06/18 13:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Extensions\maxtv4@labs.max-tv.be

[2010/05/18 00:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions

[2009/09/02 21:48:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/08/04 21:36:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/04/30 01:36:13 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}

[2009/08/05 13:06:39 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010/03/01 18:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\firefox@tvunetworks.com

[2010/01/02 23:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\extensions\illimitux@illimitux.net

[2009/12/30 21:52:57 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Mozilla\Firefox\Profiles\fn7bfl60.default\searchplugins\cherche.xml

[2010/05/18 00:04:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009/07/31 00:44:21 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2009/07/31 00:44:21 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2009/07/31 00:44:21 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2009/07/23 04:00:42 | 000,000,832 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml

[2009/07/31 00:44:21 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2009/07/31 00:44:21 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2002/08/30 17:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

O4 - HKLM..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe ()

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [b2C_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()

O4 - HKLM..\Run: [lxdxamon] C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe ()

O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()

O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe (ASUSTeK)

O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()

O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found

O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [H/PC Connection Agent] D:\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk = D:\MaxTV4\task_scheduler.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\SALIGNAC\scriptjava.html ()

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005\..Trusted Domains: chat-land.org ([]* in Trusted sites)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab ()

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249396417968 (WUWebControl Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\progra~1\bandoo\bndhook.dll File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/08/04 15:47:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\AutoRun\command - "" = K:\start.exe -- File not found

O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\iledefrance\command - "" = K:\start.exe -- File not found

O33 - MountPoints2\{cbc478ee-8a5c-11de-b0b3-0013d38a0dca}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/30 01:23:12 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe

[2010/06/29 21:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2010/06/29 21:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2010/06/27 11:58:23 | 000,923,695 | ---- | C] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe

[2010/06/27 11:55:44 | 007,187,248 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe

[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS

[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan

[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton

[2010/06/21 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0207030.022

[2010/06/21 13:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec

[2010/06/21 13:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller

[2010/06/21 13:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller

[2010/06/21 10:55:17 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll

[2010/06/21 10:55:17 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll

[2010/06/21 10:55:17 | 000,567,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll

[2010/06/21 10:55:17 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll

[2010/06/21 10:55:17 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll

[2010/06/21 10:55:17 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll

[2010/06/21 10:55:17 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe

[2010/06/21 10:55:17 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe

[2010/06/21 10:55:17 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll

[2010/06/21 10:55:17 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe

[2010/06/21 10:55:17 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe

[2010/06/21 10:55:17 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe

[2010/06/21 10:55:17 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys

[2010/06/21 10:55:17 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys

[2010/06/20 23:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\Mumble

[2010/06/18 21:53:16 | 013,004,984 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SALIGNAC\Bureau\TeamSpeak3-Client-win32-3.0.0-beta22.exe

[2010/06/18 15:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble

[2010/06/18 13:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\MaxTV Technologies

[2010/06/18 13:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies

[2010/06/18 13:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Mes documents\MaxTV

[2010/06/11 13:19:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[2010/06/09 14:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\teamspeak2

[2010/06/09 14:51:52 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm

[2010/06/09 11:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft

[2010/06/05 16:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010/06/05 16:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010/06/05 16:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2010/06/05 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2010/06/05 16:04:01 | 097,547,048 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\SALIGNAC\Bureau\iTunesSetup.exe

[2010/06/04 18:24:05 | 000,130,432 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys

[2010/06/04 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2010/06/04 18:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009

[2010/03/04 14:55:34 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll

[2010/03/04 14:55:33 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll

[2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll

[2010/03/04 14:55:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll

[2009/08/04 19:28:52 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll

[2009/08/04 19:28:51 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll

[2009/08/04 19:28:51 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll

[2009/08/04 19:28:50 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll

[2009/08/04 19:28:49 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll

[2009/08/04 19:28:48 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll

[2009/08/04 19:28:48 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll

[2009/08/04 19:28:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll

[2009/08/04 19:28:46 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll

[2009/08/04 19:28:43 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll

[2009/08/04 19:28:43 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll

[55 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/30 01:23:13 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SALIGNAC\Bureau\OTL.exe

[2010/06/29 21:01:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/06/29 21:00:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/06/29 20:59:45 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.ini

[2010/06/29 20:59:44 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\ntuser.dat

[2010/06/28 21:40:07 | 000,158,720 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/27 11:58:24 | 000,923,695 | ---- | M] (Mappy SA ) -- C:\Documents and Settings\SALIGNAC\Bureau\MappySynchro_v2.1.exe

[2010/06/27 11:57:54 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc

[2010/06/27 11:55:46 | 007,187,248 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\SALIGNAC\Bureau\ACTIVS.exe

[2010/06/27 10:33:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/06/25 14:22:20 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/06/23 09:10:43 | 000,513,498 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/06/23 09:10:43 | 000,444,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/06/23 09:10:43 | 000,085,644 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/06/23 09:10:42 | 001,085,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/06/23 09:10:42 | 000,072,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/06/22 15:29:53 | 735,447,040 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Love Actually DVDRiP .Eminem' Mini-Tyson.avi

[2010/06/21 13:54:30 | 000,000,480 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for SALIGNAC.job

[2010/06/21 13:54:26 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk

[2010/06/21 13:54:19 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini

[2010/06/21 10:55:59 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\DivX Movies.lnk

[2010/06/21 10:55:34 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/06/21 10:55:06 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk

[2010/06/18 21:54:19 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk

[2010/06/18 21:53:38 | 013,004,984 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SALIGNAC\Bureau\TeamSpeak3-Client-win32-3.0.0-beta22.exe

[2010/06/18 15:22:01 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Mes documents\MumbleAutomaticCertificateBackup.p12

[2010/06/18 14:59:53 | 012,842,720 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\mumble_mumble_1.2.2_francais_43179.exe

[2010/06/18 13:21:07 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\default.rss

[2010/06/18 13:21:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/06/18 13:17:22 | 000,000,531 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk

[2010/06/17 23:41:18 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk

[2010/06/17 13:17:20 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Salignac Prisca.doc

[2010/06/14 21:13:22 | 002,249,499 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\Oui oui.mp3

[2010/06/14 13:52:44 | 000,493,589 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite2.JPG

[2010/06/14 13:20:25 | 000,520,067 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite1.JPG

[2010/06/14 13:19:36 | 002,772,206 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\bulletin de paye.JPG

[2010/06/12 11:05:30 | 000,155,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/06/12 02:38:35 | 000,000,944 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/06/12 02:37:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/06/09 14:51:52 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm

[2010/06/09 14:51:11 | 005,862,994 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\ts2_client_rc2_2032.exe

[2010/06/07 17:08:27 | 000,400,330 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\07-06-2010 17;08;28.JPG

[2010/06/05 16:11:56 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[2010/06/05 16:04:03 | 097,547,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\SALIGNAC\Bureau\iTunesSetup.exe

[2010/06/04 18:23:27 | 005,159,181 | ---- | M] () -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009.zip

[55 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/27 11:57:54 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Application Data\$_hpcst$.hpc

[2010/06/22 15:08:23 | 735,447,040 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Love Actually DVDRiP .Eminem' Mini-Tyson.avi

[2010/06/21 13:54:30 | 000,000,480 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for SALIGNAC.job

[2010/06/21 13:54:26 | 000,000,979 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Norton Security Scan.lnk

[2010/06/21 13:54:19 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini

[2010/06/21 10:55:34 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk

[2010/06/21 10:55:06 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk

[2010/06/21 00:14:35 | 735,207,424 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Burn After Reading.avi

[2010/06/18 21:54:19 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk

[2010/06/18 15:22:01 | 000,002,391 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Mes documents\MumbleAutomaticCertificateBackup.p12

[2010/06/18 14:59:45 | 012,842,720 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\mumble_mumble_1.2.2_francais_43179.exe

[2010/06/18 13:17:22 | 000,000,531 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk

[2010/06/17 13:17:19 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Salignac Prisca.doc

[2010/06/14 21:08:37 | 002,249,499 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\Oui oui.mp3

[2010/06/14 13:21:19 | 000,493,589 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite2.JPG

[2010/06/14 13:20:32 | 000,520,067 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\identite1.JPG

[2010/06/14 13:19:46 | 002,772,206 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\bulletin de paye.JPG

[2010/06/09 14:50:54 | 005,862,994 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\ts2_client_rc2_2032.exe

[2010/06/07 17:08:35 | 000,400,330 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\07-06-2010 17;08;28.JPG

[2010/06/05 16:11:56 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[2010/06/04 18:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2010/06/04 18:23:23 | 005,159,181 | ---- | C] () -- C:\Documents and Settings\SALIGNAC\Bureau\PCI_Install_XP_2K_5719_11202009.zip

[2010/05/15 19:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll

[2010/05/15 19:29:27 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini

[2010/03/04 14:55:40 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini

[2010/02/26 10:55:08 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009/12/05 20:48:40 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009/08/07 13:40:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/08/07 13:07:01 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2009/08/06 13:06:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll

[2009/08/06 13:02:40 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll

[2009/08/06 13:02:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll

[2009/08/04 20:06:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/08/04 19:34:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll

[2009/08/04 19:34:49 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdxcoin.dll

[2009/08/04 19:33:54 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll

[2009/08/04 19:33:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll

[2009/08/04 19:33:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll

[2009/08/04 19:29:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdxrwrd.ini

[2009/08/04 19:28:52 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll

[2009/08/04 19:28:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll

[2009/08/04 16:14:32 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2009/08/04 15:52:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2003/02/27 10:07:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll

[2002/11/13 15:33:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\asus_tv_tune.dll

========== LOP Check ==========

[2010/01/31 10:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo

[2009/11/21 15:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chat Republic Games

[2010/02/26 11:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2009/12/05 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software

[2009/09/27 16:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series

[2010/05/15 19:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX

[2010/06/04 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com

[2010/02/01 18:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

[2010/02/20 22:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU

[2010/02/26 11:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive

[2010/06/05 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/10/29 02:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2010/06/09 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\.minecraft

[2009/12/01 19:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Bandoo

[2010/02/26 11:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\DAEMON Tools Pro

[2010/06/16 00:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\FileZilla

[2009/12/05 20:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\id Software

[2009/08/19 11:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Lexmark Productivity Studio

[2010/05/15 19:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LG Electronics

[2010/05/22 13:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient

[2009/09/20 11:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1

[2010/01/29 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\ManyCam

[2010/06/18 13:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\MaxTV Technologies

[2010/06/30 01:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Mumble

[2010/01/22 00:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\OpenOffice.org

[2009/10/02 21:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\pokerth

[2010/02/26 11:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Sports Interactive

[2010/05/18 14:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\SystemRequirementsLab

[2010/05/08 22:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\Tams11

[2009/08/04 18:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SALIGNAC\Application Data\TeamViewer

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 30/06/2010 01:24:22 - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\SALIGNAC\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

895,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 15,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 78,13 Gb Total Space | 32,26 Gb Free Space | 41,29% Space Free | Partition Type: NTFS

Drive D: | 108,18 Gb Total Space | 77,29 Gb Free Space | 71,44% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SALON

Current User Name: SALIGNAC

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher

"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher

"8080:TCP" = 8080:TCP:*:Enabled:freeplayer

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

"6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher

"6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher

"6882:TCP" = 6882:TCP:*:Enabled:League of Legends Launcher

"6882:UDP" = 6882:UDP:*:Enabled:League of Legends Launcher

"6964:TCP" = 6964:TCP:*:Enabled:League of Legends Launcher

"6964:UDP" = 6964:UDP:*:Enabled:League of Legends Launcher

"6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher

"6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher

"6936:TCP" = 6936:TCP:*:Enabled:League of Legends Launcher

"6936:UDP" = 6936:UDP:*:Enabled:League of Legends Launcher

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"6928:TCP" = 6928:TCP:*:Enabled:League of Legends Launcher

"6928:UDP" = 6928:UDP:*:Enabled:League of Legends Launcher

"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby

"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby

"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client

"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client

"6962:TCP" = 6962:TCP:*:Enabled:League of Legends Launcher

"6962:UDP" = 6962:UDP:*:Enabled:League of Legends Launcher

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found

"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found

"D:\Microsoft ActiveSync\rapimgr.exe" = D:\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"D:\Microsoft ActiveSync\wcescomm.exe" = D:\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"D:\Microsoft ActiveSync\WCESMgr.exe" = D:\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Documents and Settings\SALIGNAC\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Documents and Settings\SALIGNAC\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)

"C:\WINDOWS\system32\lxdxcoms.exe" = C:\WINDOWS\system32\lxdxcoms.exe:*:Enabled:3600-4600 Series Server -- ( )

"C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe:*:Enabled:Printer Device Monitor -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe:*:Enabled:Printer Status Window Interface -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface -- ()

"D:\TeamScripT4\mirc.exe" = D:\TeamScripT4\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Disabled:eMule -- File not found

"C:\Program Files\Lexmark 3600-4600 Series\frun.exe" = C:\Program Files\Lexmark 3600-4600 Series\frun.exe:*:Disabled:Printing Application -- ()

"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)

"D:\League of Legends\Air\LolClient.exe" = D:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()

"D:\League of Legends\Game\League of Legends.exe" = D:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()

"C:\Program Files\League of Legends\Air\LolClient.exe" = C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- File not found

"C:\Program Files\League of Legends\Game\League of Legends.exe" = C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- File not found

"C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe" = C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe:*:Enabled: -- ()

"C:\Program Files\Lexmark 3600-4600 Series\lxdxlscn.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxlscn.exe:*:Enabled: -- ()

"D:\Tgl0beSCRIPT\mIRC.exe" = D:\Tgl0beSCRIPT\mIRC.exe:*:Enabled:mIRC -- File not found

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)

"D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found

"D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found

"D:\adslTV\vlc.exe" = D:\adslTV\vlc.exe:*:Enabled:VLC media player -- File not found

"C:\Documents and Settings\SALIGNAC\Bureau\Freeplayer\vlc\vlc.exe" = C:\Documents and Settings\SALIGNAC\Bureau\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player -- ()

"D:\HomePlayer\HomePlayer.exe" = D:\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer -- ()

"D:\HomePlayer\VLC\vlc.exe" = D:\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer -- ()

"D:\Football Manager 2010\fm.exe" = D:\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- File not found

"D:\Yahoo!\Messenger\YahooMessenger.exe" = D:\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"D:\HTTP-Tunnel\HTTP-TunnelClient.exe" = D:\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client -- File not found

"D:\Wolfenstein - Enemy Territory\ET.exe" = D:\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found

"D:\UrbanTerror\ioUrbanTerror.exe" = D:\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- File not found

"D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found

"D:\Fathom\fathom.exe" = D:\Fathom\fathom.exe:*:Enabled:fathom -- File not found

"D:\Tams11\Tams11Lobby.exe" = D:\Tams11\Tams11Lobby.exe:*:Enabled:Tams11 Lobby -- File not found

"C:\Program Files\Tams11\Games\Fathom\fathom.exe" = C:\Program Files\Tams11\Games\Fathom\fathom.exe:*:Enabled:fathom -- ()

"D:\VLC\vlc.exe" = D:\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- ()

"D:\adslTV\adsltv.exe" = D:\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE) -- (adsl TV / FM)

"D:\adslTV\VLC\vlc.exe" = D:\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- ()

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

"D:\MaxTV4\maxtv.exe" = D:\MaxTV4\maxtv.exe:*:Enabled:MaxTV -- File not found

"D:\MaxTV4\core\maxtv_xul.exe" = D:\MaxTV4\core\maxtv_xul.exe:*:Enabled:MaxTV GUI -- File not found

"D:\MaxTV4\recorder.exe" = D:\MaxTV4\recorder.exe:*:Enabled:MaxTV Recorder -- File not found

"D:\MaxTV4\task_scheduler.exe" = D:\MaxTV4\task_scheduler.exe:*:Enabled:MaxTV Recorder Manager -- File not found

"D:\Microsoft ActiveSync\rapimgr.exe" = D:\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"D:\Microsoft ActiveSync\wcescomm.exe" = D:\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"D:\Microsoft ActiveSync\WCESMgr.exe" = D:\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"D:\League of Legends\lol.launcher.exe" = D:\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- (Solid State Networks)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00b899b5-1304-4389-b98e-cff6ac96e765}" = Nero 9

"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime

"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish

"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM

"{0F0D79F1-F46E-4433-9A16-E683A1D8CC9B}" = LG PC Suite II

"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common

"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II

"{14E3D14B-7852-477D-ACE2-895AF4322804}" = Ma-Config.com

"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help

"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard

"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 18

"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English

"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation

"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German

"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins

"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French

"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode

"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent

"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish

"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian

"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft

"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean

"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch

"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress

"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision

"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help

"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help

"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek

"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner

"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full

"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart

"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help

"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights

"{7D73CC6B-33A8-4DE2-9539-2498A59C12C2}" = My Cinema

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed

"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New

"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian

"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour

"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{903B040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap

"{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français

"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver

"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help

"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian

"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish

"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles

"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0

"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai

"{B2E581DB-C4DD-432C-AC84-ED761AC056BC}" = OpenOffice.org 3.1

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center

"{b3be13d7-a900-4f3c-a396-06698edd6d19}" = Nero 9

"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit

"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter

"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing

"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help

"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish

"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1

"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari

"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static

"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light

"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live

"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility

"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit

"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed

"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer

"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = FRONTECH ECAM USB PC CAMERA

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget

"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter

"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights

"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool

"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel

"ATI Display Driver" = ATI Display Driver

"Audacity_is1" = Audacity 1.2.6

"avast!" = avast! Antivirus

"DivX Setup.divx.com" = Configuration DivX

"Fathom_is1" = Fathom 1.0.4.6

"FileZilla Client" = FileZilla Client 3.2.6.1

"Governor of Poker" = Governor of Poker

"HijackThis" = HijackThis 2.0.2

"HomePlayer" = HomePlayer 1.5.9

"ie8" = Windows Internet Explorer 8

"InstallShield_{7D73CC6B-33A8-4DE2-9539-2498A59C12C2}" = My Cinema

"League of Legends_is1" = League of Legends

"Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series

"MappySynchro_is1" = MappySynchro v2.1

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"mIRC" = mIRC

"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Mumble" = Mumble and Murmur

"NSS" = Norton Security Scan

"PokerTH 0.7.1" = PokerTH

"PunkBusterSvc" = PunkBuster Services

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"VLC media player" = VLC media player 1.0.1

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 08/11/2009 08:07:09 | Computer Name = SALON | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://spreadsheets.google.com/ar?id=tvW_Lv3lEywk0oH9LGKhe0A.13546136219625226042.183734493114803709&hl=en&gsessionid=k6PfdueDD10

failed, 0000A413.

Error - 14/11/2009 09:16:12 | Computer Name = SALON | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://api.erepublik.com/v1/feeds/regions/198.json failed, 0000A413.

Error - 14/05/2010 10:36:23 | Computer Name = SALON | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

F:\DCIM\101MSDCF\DSC00728.JPG failed, 0000001E.

[ Application Events ]

Error - 18/02/2010 16:49:26 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 19/02/2010 02:38:43 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 20/02/2010 03:27:57 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 22/02/2010 03:42:44 | Computer Name = SALON | Source = PerfNet | ID = 2005

Description = Impossible de lire les données de performance du Service serveur. Aucune

donnée de performance du serveur ne sera renvoyée pour cet extrait. Le code d'erreur

renvoyé est la donnée DWORD 0, IOSB.Status est DWORD 1 et IOSB.Information est DWORD

2.

Error - 22/02/2010 03:42:44 | Computer Name = SALON | Source = PerfNet | ID = 2006

Description = Impossible de lire les données de performance de la file d'attente

serveur du Service serveur. Aucune donnée de performance de la file d'attente serveur

ne

sera renvoyée pour cet extrait. Le code d'erreur renvoyé est la donnée DWORD 0,

IOSB.Status est DWORD 1 et IOSB.Information est DWORD 2.

Error - 22/02/2010 06:01:30 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 22/02/2010 10:01:10 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 23/02/2010 04:37:42 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

Error - 23/02/2010 16:43:03 | Computer Name = SALON | Source = Application Error | ID = 1000

Description = Application défaillante firefox.exe, version 1.9.1.3497, module défaillant

npswf32.dll, version 10.0.32.18, adresse de défaillance 0x0002ad8b.

Error - 24/02/2010 03:17:18 | Computer Name = SALON | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

[ System Events ]

Error - 29/06/2010 09:32:25 | Computer Name = SALON | Source = Service Control Manager | ID = 7023

Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur :

%%126

Error - 29/06/2010 09:32:25 | Computer Name = SALON | Source = Service Control Manager | ID = 7000

Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur :

%%3

Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

lxdxCATSCustConnectService.

Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7000

Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison

de l'erreur : %%1053

Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7023

Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur :

%%126

Error - 29/06/2010 12:41:29 | Computer Name = SALON | Source = Service Control Manager | ID = 7000

Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur :

%%3

Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

lxdxCATSCustConnectService.

Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7000

Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison

de l'erreur : %%1053

Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7023

Description = Le service NetCreatr Driver Management Service s'est arrêté avec l'erreur :

%%126

Error - 29/06/2010 15:02:55 | Computer Name = SALON | Source = Service Control Manager | ID = 7000

Description = Le service Bandoo Coordinator n'a pas pu démarrer en raison de l'erreur :

%%3

< End of report >

no.ppp · le 30 juin 2010

Salut,

Tu as encore Norton d'installé ?

Sauvegarde ta Base de Registre : Sauvegarde de la base de registre

Relance OTL.exe.

Copie-colle le code suivant dans la fenêtre Personnalisation

:OTL
SRV - File not found [Auto | Stopped] -- -- (Bandoo Coordinator)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe ()
O4 - HKU\S-1-5-21-1275210071-1659004503-725345543-1005..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found
O4 - Startup: C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk = D:\MaxTV4\task_scheduler.exe File not found
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\progra~1\bandoo\bndhook.dll File not found
O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\AutoRun\command - "" = K:\start.exe -- File not found
O33 - MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\Shell\iledefrance\command - "" = K:\start.exe -- File not found
[55 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\Documents and Settings\SALIGNAC\*.tmp files -> C:\Documents and Settings\SALIGNAC\*.tmp -> ]
:files
C:\WINDOWS\apocalyps32.exe
:services
:reg
:commands
[EmptyTemp]
[EmptyFlash]
[Purity]
[CREATERESTOREPOINT]
[ResetHosts]
[Reboot]
Clique ensuite sur Correction et patiente pendant que l'outil travaille.
Copie-colle le contenu du rapport qui s'ouvre (C\_OTL\MovedFiles) dans ta prochaine réponse.

Télécharge Malwarebytes' Anti-Malware (MBAM)

Double clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
Sélectionne "Exécuter un examen rapide"
Clique sur "Rechercher"
L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Biessaten · le 30 juin 2010

J'ai désinstallé le truc norton après ta remarque.

All processes killed

========== OTL ==========

Service Bandoo Coordinator stopped successfully!

Service Bandoo Coordinator deleted successfully!

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apocalyps32 deleted successfully.

C:\WINDOWS\apocalyps32.exe moved successfully.

Registry value HKEY_USERS\S-1-5-21-1275210071-1659004503-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent deleted successfully.

C:\Documents and Settings\SALIGNAC\Menu Démarrer\Programmes\Démarrage\MaxTV Recorder Manager.lnk moved successfully.

File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.

Starting removal of ActiveX control DirectAnimation Java Classes

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.

File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.

Starting removal of ActiveX control Microsoft XML Parser for Java

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\bandoo\bndhook.dll deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found.

File K:\start.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1603a3e6-87ec-11de-b0a7-0013d38a0dca}\ not found.

File K:\start.exe not found.

C:\WINDOWS\002478_.tmp deleted successfully.

C:\WINDOWS\005444_.tmp deleted successfully.

C:\WINDOWS\SET29.tmp deleted successfully.

C:\WINDOWS\SET2A.tmp deleted successfully.

C:\WINDOWS\SET2B.tmp deleted successfully.

C:\WINDOWS\SET2C.tmp deleted successfully.

C:\WINDOWS\SET2D.tmp deleted successfully.

C:\WINDOWS\SET2E.tmp deleted successfully.

C:\WINDOWS\SET2F.tmp deleted successfully.

C:\WINDOWS\SET3.tmp deleted successfully.

C:\WINDOWS\SET30.tmp deleted successfully.

C:\WINDOWS\SET31.tmp deleted successfully.

C:\WINDOWS\SET32.tmp deleted successfully.

C:\WINDOWS\SET33.tmp deleted successfully.

C:\WINDOWS\SET34.tmp deleted successfully.

C:\WINDOWS\SET35.tmp deleted successfully.

C:\WINDOWS\SET36.tmp deleted successfully.

C:\WINDOWS\SET37.tmp deleted successfully.

C:\WINDOWS\SET38.tmp deleted successfully.

C:\WINDOWS\SET39.tmp deleted successfully.

C:\WINDOWS\SET3A.tmp deleted successfully.

C:\WINDOWS\SET3B.tmp deleted successfully.

C:\WINDOWS\SET3C.tmp deleted successfully.

C:\WINDOWS\SET3D.tmp deleted successfully.

C:\WINDOWS\SET3E.tmp deleted successfully.

C:\WINDOWS\SET3F.tmp deleted successfully.

C:\WINDOWS\SET40.tmp deleted successfully.

C:\WINDOWS\SET41.tmp deleted successfully.

C:\WINDOWS\SET42.tmp deleted successfully.

C:\WINDOWS\SET43.tmp deleted successfully.

C:\WINDOWS\SET44.tmp deleted successfully.

C:\WINDOWS\SET45.tmp deleted successfully.

C:\WINDOWS\SET46.tmp deleted successfully.

C:\WINDOWS\SET47.tmp deleted successfully.

C:\WINDOWS\SET48.tmp deleted successfully.

C:\WINDOWS\SET49.tmp deleted successfully.

C:\WINDOWS\SET4A.tmp deleted successfully.

C:\WINDOWS\SET4B.tmp deleted successfully.

C:\WINDOWS\SET4C.tmp deleted successfully.

C:\WINDOWS\SET4D.tmp deleted successfully.

C:\WINDOWS\SET4E.tmp deleted successfully.

C:\WINDOWS\SET4F.tmp deleted successfully.

C:\WINDOWS\SET50.tmp deleted successfully.

C:\WINDOWS\SET51.tmp deleted successfully.

C:\WINDOWS\SET52.tmp deleted successfully.

C:\WINDOWS\SET53.tmp deleted successfully.

C:\WINDOWS\SET54.tmp deleted successfully.

C:\WINDOWS\SET55.tmp deleted successfully.

C:\WINDOWS\SET56.tmp deleted successfully.

C:\WINDOWS\SET57.tmp deleted successfully.

C:\WINDOWS\SET58.tmp deleted successfully.

C:\WINDOWS\SET59.tmp deleted successfully.

C:\WINDOWS\SET5A.tmp deleted successfully.

C:\WINDOWS\SET5B.tmp deleted successfully.

C:\WINDOWS\SETA.tmp deleted successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

C:\WINDOWS\System32\SET148.tmp deleted successfully.

C:\WINDOWS\System32\SET14C.tmp deleted successfully.

C:\WINDOWS\System32\SET14D.tmp deleted successfully.

C:\WINDOWS\System32\SET154.tmp deleted successfully.

C:\Documents and Settings\All Users\SPL2B.tmp deleted successfully.

C:\Documents and Settings\All Users\SPL9.tmp deleted successfully.

C:\Documents and Settings\SALIGNAC\errorlog.tmp deleted successfully.

========== FILES ==========

File\Folder C:\WINDOWS\apocalyps32.exe not found.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 35622 bytes

->Flash cache emptied: 41044 bytes

User: LocalService

->Temp folder emptied: 115616 bytes

->Temporary Internet Files folder emptied: 69356373 bytes

->Flash cache emptied: 682 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 1527140 bytes

User: SALIGNAC

->Temp folder emptied: 2472816804 bytes

->Temporary Internet Files folder emptied: 2151199186 bytes

->Java cache emptied: 87131119 bytes

->FireFox cache emptied: 120963062 bytes

->Apple Safari cache emptied: 74282909 bytes

->Flash cache emptied: 515650 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 61608381 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64677722 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 61394 bytes

RecycleBin emptied: 1669296730 bytes

Total Files Cleaned = 6 460,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

->Flash cache emptied: 0 bytes

User: LocalService

->Flash cache emptied: 434 bytes

User: NetworkService

User: SALIGNAC

->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point (0)

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.7.0 log created on 06302010_164058

Files\Folders moved on Reboot...

File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat not found!

Registry entries deleted on Reboot...

Biessaten · le 30 juin 2010

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 4261

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

30/06/2010 17:52:42

mbam-log-2010-06-30 (17-52-42).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 123308

Temps écoulé: 25 minute(s), 5 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 5

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 2

Dossier(s) infecté(s): 1

Fichier(s) infecté(s): 3

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Apocalypse (Backdoor.IRCBot) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us (Redir.ChercheUs) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetCreate1 (Worm.Magania) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/'>http://www.nixud.com/) Good: (http://www.google.com'>http://www.google.com) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):

C:\Program Files\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

C:\Program Files\Bifrost\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.

C:\Documents and Settings\SALIGNAC\Application Data\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\SALIGNAC\Application Data\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.

no.ppp · le 30 juin 2010

Salut,

Comment va ta machine ?

Nous allons rechercher les restes à l'aide d'un scan en ligne :

*Clique avec le bouton droit de ta souris sur ce lien et ouvre-le dans une nouvelle fenêtre : ESET OnlineScan

~ Cette manipulation doit se faire avec Internet Explorer !

Clique ensuite sur ce bouton pour lancer l'analyse :
Choisis YES pour accepter les termes de la license.
Clique alors sur le bouton
=> Clique dans la barre jaune qui risque d'apparaître et autorise le programme (il est évidemment sans risque)
Coche la case "Scan Archives"
Appuie alors sur "Start"
=> L'outil se met à jour, installe les nouvelles bases de données et commencer l'analyse, cela va prendre beaucoup de temps; sois patient !
Lorsqu'il a terminé, clique sur le bouton "List of found threats"
Clique alors "Export to text file..." et enregistre le fichier sur ton bureau.
Poste son contenu dans ta prochaine réponse.

Biessaten · le 30 juin 2010

Je suis en train de faire ce que tu as dit là mais pour l'instant toujours les problèmes.

edit: Je suis toujours là mais j'ai du mal a trouver 5h pour faire tourner l'analyse...

Modifié le 2 juillet 2010 par Biessaten

Biessaten · le 13 juillet 2010

Ok ok... J'avais fait une analysé où il avait trouvé je crois des virus mais j'ai du stopper avant la fin.

Je l'ai refais a l'instant et aucun virus trouvé et donc aucun rapport à te donner :s

Les problèmes sont toujours là.

Connexion

Pas encore inscrit ?

Infections : pub, lenteur... [Résolu]

Messages recommandés

Biessaten

no.ppp

Biessaten

no.ppp

Biessaten

Biessaten

no.ppp

Biessaten

Biessaten

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer