Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

(résolu) plusieurs fenêtres intempestives

mayie

Par mayie
dans Analyses et éradication malwares

 Partager

Messages recommandés

mayie Mega Power Member

mayie

Posté(e)
Posté(e) (modifié)

Merci de bien vouloir analyser mon rapport hitjackthis ci-dessous, j'ai à n'importe quel moment des fenêtres intempestives qui s'ouvrent, mon antivirus ne détecte aucun virus, pas plus que mal que malwerebytes..

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 06:41:46, on 09/10/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\VIAudioi\SBADeck\ADeck.exe

C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\pointsoft\lanceur.exe

C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Voila - Recherche

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Tropal.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O2 - BHO: (no name) - {BE8A4424-DC23-4493-A04D-AC20AD8EEBC2} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe (User 'Default user')

O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - Orange : téléphones, forfaits, Internet, actualité, sport, video (file missing) (HKCU)

O15 - Trusted Zone: mail Orange

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Page introuvable | Facebook

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242959149750

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - Page introuvable | Facebook

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab

O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{54D1FA34-5770-4F7D-A220-56E44C25F9B3}: NameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{FB9F523C-D5F3-45CE-904D-4B248B3B9079}: NameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{FE00D3BE-16CD-4030-AAA3-DBF822E52A31}: NameServer = 192.168.1.1

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (file missing)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE

 

--

End of file - 12685 bytes

Modifié par mayie

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

 

Relancez Hijackthis.

Cochez et Fixez:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Tropal.net

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: (no name) - {BE8A4424-DC23-4493-A04D-AC20AD8EEBC2} - (no file)

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

mayie Mega Power Member

mayie

Posté(e)
  • Auteur
Posté(e)

Merci Pear,

J'ai fait comme tu m'as dit, mais j'ai tout de même encore des fenêtres qui s'ouvrent malgrè moi ; donc, d'après toi, mon rapport hijacthis est ok ?

Si c'est le cas, j'ai peut-être un autre problème .. :chpas:

pear Devil Member !

pear

Posté(e)
Posté(e)

On va voir.

 

Télécharger gmer

 

- Cliquer sur le bouton "Download EXE"

- Sauvegardez sur le Bureau.

- Collez et sauvegardez ces instructions dans un fichier texte ou imprimez-les, car il faudra fermer le navigateur.

Avant toute utilisation de GMER, veuillez désactiver votre antivirus, antispyware sous peine de crash.

 

- Fermez les fenêtres de navigateur ouvertes.

- Lancez le fichier téléchargé par double clic(le nom comporte 8 chiffres/lettres aléatoires) ;

- Si l'outil lance un warning d'activité de rootkit et demande de faire un scan ; cliquez "NO"

- Dans la section de droite de la fenêtre de l'outil, Vérifiez que soient décochées les options suivantes :

Show All

Cochez juste " Sections" et "Files

gmer.jpg

- Cliquez sur le bouton "Scan" et patientez (cela peut prendre 10 minutes ou +)

Il peut arriver que GMER plante sans raison apparente.

Vous pouvez essayer ceci : décocher "Devices" dans un premier temps et repasser l'outil ;

si ça coince toujours, décocher en plus "Files" et ré-essayez un scan.

Lorsque les informations sur le scan s'affichent , les éléments détectés comme rootkit apparaissent en rouge dans chaque section.

 

Le bouton Copy permet de récupérer le résultat pour effectuer un copier/coller.

Le bouton Save permet l'enregistrement du rapport sur votre disque au format texte.

 

 

Télécharger OTL sur le bureau

Double cliquer sur l'icône

otlicon.gif

 

Vérifiez que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.

Cochez]----------------->Tous les utilisateurs

Sous Rapport

Cliquez ----------------------------->Rapport Standard

Sous Régistre Standard cocher Tous

Cochez------------------------------> Lop et Purity

 

Recherche du MD5:

Dans Pesonnalisation copier_coller le contenu ci dessous:

netsvcs

%SYSTEMDRIVE%\*.exe

/md5start

userinit.exe

explorer.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

cdrom.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\*. /mp /s

CREATERESTOREPOINT

 

Clic sur Analyse

une fois le scan terminé , les fichiers OTL.txt et Extras.txt vont s'ouvrir

 

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Jointicne2cjoint.png

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

mayie Mega Power Member

mayie

Posté(e)
  • Auteur
Posté(e)

Hello Pear, dlée, j'ai dû m'absenter hier aprem, et ce matin je me remets au boulot !! merci pour tes conseils, mais impossible de faire un scan avec GMER, c'est interrompu par une fenetre intempestive "accueil windows live" et cela s'arrête ; j'ai décoché les cases comme indiquées, mais toujours le même problème ..

voici le résultat OTL

OTL logfile created on: 10/10/2010 07:05:40 - Run 1

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\martinez\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

447,00 Mb Total Physical Memory | 140,00 Mb Available Physical Memory | 31,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free

Paging file location(s): c:\pagefile.sys 672 1344 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 140,77 Gb Total Space | 28,54 Gb Free Space | 20,27% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: MAYIE-233E48F

Current User Name: martinez

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/10/10 07:00:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martinez\Bureau\OTL.scr

PRC - [2010/09/21 20:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

PRC - [2009/08/19 04:35:41 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/07/14 17:26:32 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/04/13 19:33:54 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msagent\agentsvr.exe

PRC - [2007/09/25 20:27:50 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe

PRC - [2007/08/07 02:03:18 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

PRC - [2006/06/26 11:34:58 | 000,166,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\QuickCam10\COCIManager.exe

PRC - [2006/06/26 11:34:40 | 000,614,960 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

PRC - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe

PRC - [2006/06/26 11:33:32 | 000,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe

PRC - [2006/06/26 10:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe

PRC - [2005/06/02 16:54:34 | 000,086,606 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2005/04/08 13:00:00 | 000,512,000 | ---- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIAudioi\SBADeck\ADeck.exe

PRC - [2005/03/11 18:33:00 | 000,147,456 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe

PRC - [2005/03/08 04:33:00 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe

PRC - [2002/09/30 09:29:48 | 008,826,932 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE

PRC - [2002/01/29 14:33:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe

PRC - [2000/11/09 17:09:42 | 000,071,952 | ---- | M] () -- C:\pointsoft\lanceur.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/10/10 07:00:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martinez\Bureau\OTL.scr

MOD - [2008/04/13 19:33:32 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll

MOD - [2008/04/13 19:33:20 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll

MOD - [2008/04/13 19:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2006/06/26 11:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/05/11 11:34:36 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2009/08/19 04:35:41 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/07/14 17:26:32 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2007/09/25 20:27:50 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe -- (FTRTSVC)

SRV - [2006/06/26 11:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

SRV - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2006/01/16 14:17:25 | 000,065,536 | ---- | M] (Systems Internals) [On_Demand | Stopped] -- C:\WINDOWS\system32\PSSDNSVC.EXE -- (PsShutdownSvc)

SRV - [2005/06/02 16:54:34 | 000,086,606 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2005/05/13 17:11:14 | 000,869,888 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)

SRV - [2005/05/13 17:11:14 | 000,869,888 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)

SRV - [2002/07/17 03:03:00 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)

SRV - [2002/01/29 14:33:14 | 000,077,824 | ---- | M] () [Auto | Running] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta)

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\FBAPI.sys -- (FBAPI)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\cel90xbe.sys -- (cel90xbe)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys -- (bdfdll)

DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2009/12/10 18:37:43 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/07/14 17:26:32 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2007/09/04 21:39:16 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hmvmdm.sys -- (MobileAdapter)

DRV - [2007/01/16 12:56:52 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)

DRV - [2006/07/01 22:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2006/06/26 11:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2006/06/26 11:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)

DRV - [2006/06/26 11:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)

DRV - [2006/03/01 20:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)

DRV - [2005/05/13 17:03:52 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)

DRV - [2005/05/13 17:03:30 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)

DRV - [2005/05/13 17:03:25 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)

DRV - [2005/04/08 12:48:00 | 000,179,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)

DRV - [2004/09/21 17:39:50 | 000,179,482 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\VVBackd5.sys -- (VVBackd5)

DRV - [2004/09/21 17:39:50 | 000,043,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\RITCPT.SYS -- (RITCPT)

DRV - [2004/05/21 21:15:50 | 000,163,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)

DRV - [2003/09/23 12:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)

DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2001/08/17 22:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/28 04:01:59 | 000,000,000 | ---D | M]

 

[2009/05/24 14:21:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2007/04/04 09:30:29 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

 

O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [farstone] File not found

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()

O4 - HKLM..\Run: [synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)

O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)

O4 - Startup: C:\Documents and Settings\martinez\Menu Démarrer\Programmes\Démarrage\Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O15 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..Trusted Domains: orange.fr ([webmail22] http in Sites de confiance)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242959149750 (WUWebControl Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab ("Ma-Config.com control)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab (AdSignerLCContrl Class)

O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} http://www.crtvg.es/camweb/camera.cab (Cameractl Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/01/04 14:27:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell - "" = AutoRun

O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found

O33 - MountPoints2\{65b0ce8a-1f90-11de-bb10-0013d3a2577b}\Shell - "" = AutoRun

O33 - MountPoints2\{65b0ce8a-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (59967780790730752)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/10/10 06:59:58 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\martinez\Bureau\OTL.scr

[2010/10/09 10:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\backups

[2010/10/09 06:33:55 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe

[2010/10/08 06:42:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\martinez\Recent

[2010/10/02 07:31:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos

[2010/09/26 12:58:44 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2010/09/26 12:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM

[2010/09/25 21:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\PriceGong

[2010/09/25 21:10:20 | 003,094,759 | ---- | C] (Ankama Games) -- C:\Documents and Settings\martinez\Bureau\setupDofus2.exe

[2010/09/16 08:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Mes documents\DivX Movies

[2010/09/16 01:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\DivX

[2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com

[2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink

[2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo

[2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2010/09/16 01:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX

[2010/09/16 01:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\vso

[2010/09/16 00:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Mes documents\PcSetup

[2010/09/15 23:17:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX(2)

[2010/09/11 12:56:34 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll

[2010/09/11 12:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2010/07/28 23:46:21 | 004,145,076 | ---- | C] (Ankama Games) -- C:\Program Files\setup.exe

[2009/08/25 19:00:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\martinez\Application Data\pcouffin.sys

[2006/02/22 21:23:42 | 000,469,882 | ---- | C] (FC Prod.) -- C:\Program Files\colornick2.exe

[2006/02/22 00:10:04 | 009,393,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Install_MSN_Messenger.EXE

[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/10/10 07:00:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martinez\Bureau\OTL.scr

[2010/10/10 05:38:40 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe

[2010/10/10 05:37:54 | 000,125,952 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\zebulon.doc

[2010/10/10 05:27:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/10/09 23:34:47 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_1

[2010/10/09 23:10:02 | 000,000,197 | ---- | M] () -- C:\Documents and Settings\martinez\Application Data\D2Info0

[2010/10/09 23:04:51 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_2

[2010/10/09 13:04:49 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/10/09 13:04:44 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\martinez\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/09 07:17:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/10/09 06:41:39 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Raccourci vers HiJackThis.exe.lnk

[2010/10/09 06:34:18 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe

[2010/10/08 09:26:01 | 720,810,898 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Les.Secrets.(dawe7a).Vostfr.DvDrip.Xvid.[2emule.com].avi

[2010/10/06 14:35:19 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_3

[2010/10/05 23:12:55 | 009,437,184 | ---- | M] () -- C:\Documents and Settings\martinez\ntuser.dat

[2010/10/05 03:14:32 | 001,101,364 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/10/05 03:14:32 | 000,497,278 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/10/05 03:14:32 | 000,462,908 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/10/05 03:14:32 | 000,093,306 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/10/05 03:14:32 | 000,077,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/10/04 05:45:32 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\martinez\ntuser.ini

[2010/10/03 03:25:15 | 655,927,296 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Génération 90.FR.Ethan Hawke.Winona Rider.avi

[2010/10/02 02:27:25 | 746,741,760 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Au Nom D'anna - Ben Stiller - Edward Norton (Divx-Fr) By Ekomos - Ng.avi

[2010/10/02 01:05:19 | 733,792,256 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Polly.Et.Moi.FRENCH.DVDrip.XviD..mey40.Vraie.VF.Shared.by.Selauqs.[emule-island.com].avi

[2010/09/26 13:36:21 | 000,000,769 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/09/26 13:10:28 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/26 13:09:54 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/26 12:52:06 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2010/09/25 21:10:57 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\Dofus 2.lnk

[2010/09/25 21:10:45 | 003,094,759 | ---- | M] (Ankama Games) -- C:\Documents and Settings\martinez\Bureau\setupDofus2.exe

[2010/09/24 21:47:17 | 004,152,635 | ---- | M] (Ankama Games) -- C:\Documents and Settings\martinez\Bureau\setup.exe

[2010/09/23 22:01:46 | 1618,256,690 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\06-E J-Yong - Untold Scandal (Vostfr).avi

[2010/09/22 10:24:44 | 000,016,574 | ---- | M] () -- C:\WINDOWS\EPISMF00.SWB

[2010/09/17 16:25:10 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\martinez\Mes documents\LISTE BEBE KATIA.doc

[2010/09/16 08:51:26 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Player.lnk

[2010/09/16 08:48:00 | 000,001,357 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\DivX Movies.lnk

[2010/09/16 00:16:41 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\martinez\Application Data\vso_ts_preview.xml

[2010/09/11 12:28:23 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\stages mathieu.doc

[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/10/10 05:38:38 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe

[2010/10/10 05:37:53 | 000,125,952 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\zebulon.doc

[2010/10/09 06:41:38 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\Raccourci vers HiJackThis.exe.lnk

[2010/10/09 06:34:58 | 000,009,986 | ---- | C] () -- C:\Program Files\hijackthis.log

[2010/09/29 10:31:11 | 733,792,256 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\Polly.Et.Moi.FRENCH.DVDrip.XviD..mey40.Vraie.VF.Shared.by.Selauqs.[emule-island.com].avi

[2010/09/29 10:12:08 | 746,741,760 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\Au Nom D'anna - Ben Stiller - Edward Norton (Divx-Fr) By Ekomos - Ng.avi

[2010/09/29 10:10:13 | 655,927,296 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\Génération 90.FR.Ethan Hawke.Winona Rider.avi

[2010/09/27 04:55:30 | 720,810,898 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\Les.Secrets.(dawe7a).Vostfr.DvDrip.Xvid.[2emule.com].avi

[2010/09/26 13:10:27 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/24 08:32:40 | 1618,256,690 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\06-E J-Yong - Untold Scandal (Vostfr).avi

[2010/09/17 16:25:09 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\martinez\Mes documents\LISTE BEBE KATIA.doc

[2010/09/16 08:51:26 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Player.lnk

[2010/09/16 08:48:00 | 000,001,357 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\DivX Movies.lnk

[2010/09/12 14:11:51 | 009,437,184 | ---- | C] () -- C:\Documents and Settings\martinez\ntuser.dat

[2010/09/11 12:28:22 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\martinez\Bureau\stages mathieu.doc

[2010/07/31 20:34:04 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_3

[2010/06/18 18:07:21 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_1

[2010/06/18 17:49:59 | 000,000,197 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\D2Info0

[2010/06/18 17:49:58 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\DofusAppId0_2

[2009/08/25 19:02:15 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\vso_ts_preview.xml

[2009/08/25 19:01:02 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\pcouffin.log

[2009/08/25 19:00:24 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\inst.exe

[2009/08/25 19:00:24 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\pcouffin.cat

[2009/08/25 19:00:24 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\pcouffin.inf

[2009/06/06 19:45:16 | 002,953,069 | ---- | C] () -- C:\Program Files\DofusInstaller_v1_27_0.exe

[2009/05/31 18:28:56 | 005,801,592 | ---- | C] () -- C:\Program Files\bitcomet_setup.exe

[2008/12/08 05:22:42 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini

[2008/09/15 16:52:02 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll

[2008/07/23 18:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008/07/23 18:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008/07/23 18:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008/07/23 18:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008/06/01 15:49:00 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\martinez\Application Data\QuickZip45.ini

[2007/09/18 19:12:33 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2007/04/23 20:51:19 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI

[2007/02/04 15:30:53 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat

[2006/11/17 23:07:06 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2006/06/26 11:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2006/04/08 14:02:44 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2006/03/19 13:36:40 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll

[2006/03/19 13:36:40 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll

[2006/03/19 13:35:00 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll

[2006/03/19 13:35:00 | 000,000,072 | R--- | C] () -- C:\WINDOWS\System32\epDPE.ini

[2006/03/03 19:52:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2006/02/27 22:25:08 | 000,163,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV532AV.SYS

[2006/02/17 00:19:06 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\martinez\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/02/15 13:44:23 | 000,179,482 | ---- | C] () -- C:\WINDOWS\System32\drivers\VVBackd5.sys

[2006/02/14 23:22:02 | 000,000,015 | ---- | C] () -- C:\WINDOWS\wgedit.ini

[2006/02/14 23:03:04 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI

[2006/02/14 22:51:51 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll

[2006/02/14 22:51:51 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll

[2006/02/14 22:51:51 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll

[2006/02/14 22:32:53 | 000,000,482 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/02/14 22:22:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2006/02/14 20:59:24 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\martinez\Local Settings\Application Data\fusioncache.dat

[2006/01/06 12:05:01 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006/01/06 10:56:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/01/05 11:12:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll

[2006/01/04 18:48:54 | 000,000,978 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006/01/04 14:36:26 | 000,043,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\RITCPT.SYS

[2006/01/04 14:31:53 | 000,000,931 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2000/04/12 16:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.dll

[2000/04/12 16:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll

[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

[1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1997/06/13 08:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

 

========== LOP Check ==========

 

[2010/06/16 06:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com

[2010/02/09 23:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

[2006/02/14 22:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT

[2006/02/15 13:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2010/05/31 17:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\AdSigner

[2010/06/18 17:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\app

[2010/02/26 12:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\CoSoSys

[2010/10/09 22:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Dofus 2

[2010/06/18 17:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2010/07/31 20:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2010/06/18 18:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2007/04/10 21:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\EPSON

[2006/02/27 22:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\FotoWire

[2009/08/26 17:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\InfraRecorder

[2007/04/23 20:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Micro Application

[2006/02/21 20:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\MSNInstaller

[2010/09/26 11:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\PriceGong

[2010/06/18 17:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2008/06/22 21:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\TaoUSign

[2007/05/22 23:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Uniblue

[2009/06/05 09:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\uTorrent

[2008/08/12 05:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Viewpoint

[2010/09/16 00:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Vso

[2010/07/03 20:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinez\Application Data\Windows Live Writer

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

[2010/07/09 23:32:40 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis.exe

[2010/07/08 23:29:54 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\malwarebytes-anti-malware_malwarebytes_anti-malware_1.46_francais_215092.exe

[2009/03/05 01:40:47 | 000,974,336 | ---- | M] (Pierre TORRIS) -- C:\WinfoKeys.exe

 

 

< MD5 for: AGP440.SYS >

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008/04/13 11:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008/04/13 11:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

 

< MD5 for: CDROM.SYS >

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys

[2008/04/13 19:47:24 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008/04/13 11:40:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008/04/13 11:40:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

 

< MD5 for: EVENTLOG.DLL >

[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008/04/13 19:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008/04/13 19:33:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: EXPLORER.EXE >

[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

[2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe

[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

 

< MD5 for: NETLOGON.DLL >

[2008/04/13 19:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008/04/13 19:33:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 

< MD5 for: SCECLI.DLL >

[2008/04/13 19:33:42 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008/04/13 19:33:42 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

 

< MD5 for: USERINIT.EXE >

[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

 

< %systemroot%\*. /mp /s >

< End of report >

Merci à toi !! ;)

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

 

Relancez Otl:

 

Sous Custom scan Files ou Personnalisation

Copiez Collez

:OTL

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta)

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\FBAPI.sys -- (FBAPI)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\cel90xbe.sys -- (cel90xbe)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys -- (bdfdll)

IE - HKU\.DEFAULT\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.

O4 - HKLM..\Run: [farstone] File not found

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\msdaipp - No CLSID value found

O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found

[2010/09/25 21:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\PriceGong

[2010/10/10 05:38:40 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe

 

:files

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

[purity]

[emptytemp]

[resethosts]

[Reboot]

-------->Cliquer Runfix ou Correction

 

OTL redémarrera le système automatiquement.

Postez le rapport.

mayie Mega Power Member

mayie

Posté(e)
  • Auteur
Posté(e)

Coucou Pear, je fais de suite la manip, je relance OLT comme indiqué ;

entre-temps j'ai relancé gmer, qui ne s'est pas arrêté cette fois, mais cela ne m'a pas indiqué une fenetre "terminé", alors je ne sais pas si ce que j'ai sauvegardé est analysable , je te le fais passer ; merci beaucoup, et je te fais suivre le nouveau rapport OLt :)

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover

Rootkit scan 2010-10-10 10:43:35

Windows 5.1.2600 Service Pack 3

Running: c9h7jogz.exe; Driver: C:\DOCUME~1\martinez\LOCALS~1\Temp\pgdoraod.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT F7A931FE ZwCreateKey

SSDT F7A931F4 ZwCreateThread

SSDT F7A93203 ZwDeleteKey

SSDT F7A9320D ZwDeleteValueKey

SSDT F7A93212 ZwLoadKey

SSDT F7A931E0 ZwOpenProcess

SSDT F7A931E5 ZwOpenThread

SSDT F7A9321C ZwReplaceKey

SSDT F7A93217 ZwRestoreKey

SSDT F7A93208 ZwSetValueKey

SSDT F7A931EF ZwTerminateProcess

 

---- User code sections - GMER 1.0.15 ----

 

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!LoadResource 7C80A055 7 Bytes JMP 2806C580 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!FindResourceExW 7C80AD28 7 Bytes JMP 2806C3E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!FindResourceW 7C80BC6E 7 Bytes JMP 2806C360 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!SizeofResource 7C80BD09 7 Bytes JMP 2806C630 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!FindResourceA 7C80BF29 7 Bytes JMP 2806C460 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!LockResource 7C80CD37 5 Bytes JMP 2806C6A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!CreateEventA 7C8308B5 5 Bytes JMP 2806BFC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] kernel32.dll!FindResourceExA 7C835FA8 7 Bytes JMP 2806C4F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] ADVAPI32.dll!CryptDeriveKey 77DB9FFD 7 Bytes JMP 2806BAD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] ADVAPI32.dll!CryptDecrypt 77DBA129 7 Bytes JMP 2806BB30 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!GetWindowLongW 7E3988A6 7 Bytes JMP 28070560 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 2806E560 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!SetWindowPlacement 7E39DE46 5 Bytes JMP 2806FB00 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!CreateDialogParamW 7E39EA3B 5 Bytes JMP 2806FC50 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!LoadImageW 7E3A7B97 5 Bytes JMP 280702B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 2806DB40 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!SetWindowRgn 7E3AE528 7 Bytes JMP 2806FBA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!LoadIconW 7E3AE8BC 5 Bytes JMP 28070430 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 2806FE50 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] USER32.dll!TrackPopupMenuEx 7E3ECF62 5 Bytes JMP 2806EBE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WS2_32.dll!closesocket 719F3E2B 5 Bytes JMP 280748C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WS2_32.dll!send 719F4C27 5 Bytes JMP 28074580 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 280743D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WS2_32.dll!recv 719F676F 5 Bytes JMP 280742A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 280746F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] SHELL32.dll!Shell_NotifyIconW 7CA3A587 5 Bytes JMP 2806D230 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] ole32.dll!CoInitializeEx 774BEF7B 5 Bytes JMP 2806C900 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 2806CC80 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] ole32.dll!CoRegisterClassObject 774D7E90 5 Bytes JMP 2806CA00 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WININET.dll!InternetReadFile 404B654B 5 Bytes JMP 280734B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WININET.dll!InternetCloseHandle 404B9088 5 Bytes JMP 280735F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WININET.dll!HttpOpenRequestA 404BD508 5 Bytes JMP 28073350 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] WININET.dll!HttpSendRequestA 404CEE89 5 Bytes JMP 28073550 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll (Messenger Plus! Live Add-On/Yuna Software)

 

---- User IAT/EAT - GMER 1.0.15 ----

 

IAT C:\WINDOWS\Explorer.EXE[1484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [014E2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\Explorer.EXE[1484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [014E2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\Explorer.EXE[1484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [014E2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\Explorer.EXE[1484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [014E2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\COCIManager.exe[1548] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AF2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\COCIManager.exe[1548] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AF2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\COCIManager.exe[1548] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AF2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\COCIManager.exe[1548] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AF2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTtrayp.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTtrayp.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTtrayp.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003D2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTtrayp.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTTimer.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00392E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTTimer.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00392C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTTimer.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00392C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\VTTimer.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00392C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DB2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DB2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DB2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DB2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BF2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BF2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BF2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BF2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2600] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B42E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2600] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B42C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2600] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B42C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2600] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B42C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\VIAudioi\SBADeck\ADeck.exe[2668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B32E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\VIAudioi\SBADeck\ADeck.exe[2668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B32C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\VIAudioi\SBADeck\ADeck.exe[2668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B32C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\VIAudioi\SBADeck\ADeck.exe[2668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B32C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe[2716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C92E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe[2716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C92C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe[2716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C92C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe[2716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C92C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01252E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01252C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01252C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2740] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01252C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Messenger\msmsgs.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B52E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Messenger\msmsgs.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B52C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Messenger\msmsgs.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B52C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Messenger\msmsgs.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B52C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[3028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\ctfmon.exe[3240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\ctfmon.exe[3240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\ctfmon.exe[3240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\ctfmon.exe[3240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\notepad.exe[3264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\notepad.exe[3264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\notepad.exe[3264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\notepad.exe[3264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A92E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A92C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A92C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A92C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AB2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AB2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AB2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AB2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A52E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A52C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A52C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A52C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

 

---- Registry - GMER 1.0.15 ----

 

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@start 1

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@type 1

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@group file system

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log

Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@start 1

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@type 1

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@group file system

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log

Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@start 1

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@type 1

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@group file system

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log

Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@start 1

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@type 1

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@group file system

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log

Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@start 1

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@type 1

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@group file system

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log

Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log

 

---- Disk sectors - GMER 1.0.15 ----

 

Disk \Device\Harddisk0\DR0 sector 10: copy of MBR

 

---- EOF - GMER 1.0.15 ----

mayie Mega Power Member

mayie

Posté(e)
  • Auteur
Posté(e)

Coucou Pear, j'ai fait ce que tu m'as indiqué, relancé OLT, mon ordinateur a donc redémarré, et voici le rapport:

All processes killed

Error: Unable to interpret <OTL> in the current context!

Error: Unable to interpret <SRV - File not found [Disabled | Stopped] -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER)> in the current context!

Error: Unable to interpret <SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)> in the current context!

Error: Unable to interpret <SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)> in the current context!

Error: Unable to interpret <SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\FBAPI.sys -- (FBAPI)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\cel90xbe.sys -- (cel90xbe)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\martinez\LOCALS~1\Temp\catchme.sys -- (catchme)> in the current context!

Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys -- (bdfdll)> in the current context!

Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found> in the current context!

Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found> in the current context!

Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!

Error: Unable to interpret <O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.> in the current context!

Error: Unable to interpret <O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.> in the current context!

Error: Unable to interpret <O4 - HKLM..\Run: [farstone] File not found> in the current context!

Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)> in the current context!

Error: Unable to interpret <O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)> in the current context!

Error: Unable to interpret <O18 - Protocol\Handler\ipp - No CLSID value found> in the current context!

Error: Unable to interpret <O18 - Protocol\Handler\msdaipp - No CLSID value found> in the current context!

Error: Unable to interpret <O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found> in the current context!

Error: Unable to interpret <[2010/09/25 21:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\PriceGong> in the current context!

Error: Unable to interpret <[2010/10/10 05:38:40 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe> in the current context!

========== FILES ==========

========== REGISTRY ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

 

OTL by OldTimer - Version 3.2.14.1 log created on 10102010_112414

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

MERCI :P

pear Devil Member !

pear

Posté(e)
Posté(e)

Votre script OTL avait bien comme première ligne:?

:OTL

 

2 points devant OTL

 

Parce que je ne m'en expliquerais pas la réponse autrement.

 

Voulez vous recommencer, svp,

mayie Mega Power Member

mayie

Posté(e)
  • Auteur
Posté(e)

:-? Désolée Pear, j'avais du oublier les 2 points devant ; voici le rapport :

All processes killed

========== OTL ==========

Service OPTENET_FILTER stopped successfully!

Service OPTENET_FILTER deleted successfully!

File C:\Program Files\Controle Parental\bin\optproxy.exe not found.

Service gusvc stopped successfully!

Service gusvc deleted successfully!

File C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe not found.

Service AppMgmt stopped successfully!

Service AppMgmt deleted successfully!

File C:\WINDOWS\System32\appmgmts.dll not found.

Service ACDaemon stopped successfully!

Service ACDaemon deleted successfully!

File C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe not found.

Service USBAAPL stopped successfully!

Service USBAAPL deleted successfully!

File C:\WINDOWS\System32\Drivers\usbaapl.sys not found.

Error: No service named PID_0928) Logitech QuickCam Express(PID_0928 was found to stop!

Service\Driver key PID_0928) Logitech QuickCam Express(PID_0928 not found.

File C:\WINDOWS\System32\DRIVERS\LV561AV.SYS not found.

Error: No service named PID_08A0) Labtec WebCam Pro(PID_08A0 was found to stop!

Service\Driver key PID_08A0) Labtec WebCam Pro(PID_08A0 not found.

File C:\WINDOWS\System32\DRIVERS\LV302AV.SYS not found.

Service LVUSBSta stopped successfully!

Service LVUSBSta deleted successfully!

File C:\WINDOWS\System32\drivers\lvusbsta.sys not found.

Service FBAPI stopped successfully!

Service FBAPI deleted successfully!

File C:\WINDOWS\System32\drivers\FBAPI.sys not found.

Service cel90xbe stopped successfully!

Service cel90xbe deleted successfully!

File C:\DOCUME~1\martinez\LOCALS~1\Temp\cel90xbe.sys not found.

Service catchme stopped successfully!

Service catchme deleted successfully!

File C:\DOCUME~1\martinez\LOCALS~1\Temp\catchme.sys not found.

Service bdfdll stopped successfully!

Service bdfdll deleted successfully!

File C:\Program Files\Softwin\BitDefender9\bdfdll.sys not found.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\ deleted successfully.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\farstone deleted successfully.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

C:\WINDOWS\Downloaded Program Files\gp.inf not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.

File Protocol\Handler\ipp - No CLSID value found not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.

File Protocol\Handler\msdaipp - No CLSID value found not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\ not found.

File E:\VFPcAssistant.exe not found.

C:\Documents and Settings\martinez\Application Data\PriceGong\Data folder moved successfully.

C:\Documents and Settings\martinez\Application Data\PriceGong folder moved successfully.

C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe moved successfully.

========== FILES ==========

========== REGISTRY ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

 

OTL by OldTimer - Version 3.2.14.1 log created on 10102010_162644

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

Merci , alors qu'est ce que ça veut dire ???

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...