infection ?

resyn46 · le 8 décembre 2010

Bonjour,

voilà mon problème :

sous vista, au choix des utlisateurs ou à l'affichage du bureau, tout se fige indéfiniment : souris et clavier. Rien à faire. j'ai fait une restauration, même problème. Par contre tout fonctionne en mode sans echec reseau.

Est ce un problème systeme ou matériel ? je poste les rapports hijackthis, OTL + extra ,Merci par avance pour votre aide.

je poste rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:56:18, on 08/12/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18975)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Julien\Desktop\OTL.exe

C:\Windows\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Julien\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SFR : téléphone portable, forfait téléphone mobile, sfr mobile adsl, opérateur de téléphonie mobile

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [uSBDetector] C:\USBStorage\USBDetector.exe

O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [scanSoft OmniPage 15.0-reminder] "C:\Program Files\ScanSoft\OmniPage15.0\Ereg\ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage15.0\Ereg\ereg.ini"

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe

O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [EPSON PX700W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\Windows\TEMP\E_S4193.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Page introuvable | Facebook

O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab

O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} (CNeroSerialChecker Object) - http://www.nero.com/doc/NeroVersionChecker.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 22554 bytes

le rapport OTL :

OTL logfile created on: 08/12/2010 17:34:01 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Julien\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18975)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 3,68 Gb Free Space | 1,58% Space Free | Partition Type: NTFS

Computer Name: PC-DE-PROPRIÉTA | User Name: Julien | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/08 17:24:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julien\Desktop\OTL.exe

PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/01/19 08:38:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\program files\windows defender\MpCmdRun.exe

========== Modules (SafeList) ==========

MOD - [2010/12/08 17:24:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julien\Desktop\OTL.exe

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/08/23 11:39:52 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/07/18 08:51:13 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/01/04 13:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\BLKWGU.sys -- (BELKIN)

DRV - [2009/12/10 19:51:15 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/10/21 01:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/10/05 09:29:46 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009/07/18 08:51:13 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/03/26 15:56:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2008/03/26 15:55:00 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2008/03/26 15:55:00 | 000,012,800 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2008/03/25 20:15:30 | 004,137,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007/06/14 14:41:00 | 000,466,048 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)

DRV - [2007/06/13 19:30:20 | 000,013,440 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc)

DRV - [2007/06/04 19:02:34 | 000,015,488 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw95rc.sys -- (hcw95rc)

DRV - [2007/06/04 19:00:06 | 000,467,456 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw95bda.sys -- (hcw95bda)

DRV - [2007/01/05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2006/12/08 04:25:00 | 004,462,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2006/12/05 14:39:14 | 001,964,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)

DRV - [2006/11/29 23:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)

DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2005/01/17 13:48:34 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)

DRV - [2005/01/13 14:20:36 | 000,012,500 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)

DRV - [2004/11/05 10:39:08 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)

DRV - [2004/10/19 12:40:56 | 000,028,207 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)

DRV - [2004/10/19 12:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)

DRV - [2004/10/19 10:39:26 | 000,020,096 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)

DRV - [2004/09/21 17:15:34 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BtNetDrv.sys -- (BT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = SFR : téléphone portable, forfait téléphone mobile, sfr mobile adsl, opérateur de téléphonie mobile

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

O1 HOSTS File: ([2009/01/03 12:03:18 | 000,290,820 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 10017 more lines...

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Reg Error: Value error. File not found

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - Reg Error: Value error. File not found

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Reg Error: Value error. File not found

O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [scanSoft OmniPage 15.0-reminder] C:\Program Files\ScanSoft\OmniPage15.0\Ereg\ereg.exe File not found

O4 - HKLM..\Run: [soundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [uSBDetector] C:\USBStorage\USBDetector.exe (ali)

O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-620378532-70996183-65556643-1002..\Run: [EPSON PX700W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE (SEIKO EPSON CORPORATION)

O4 - HKU\S-1-5-21-620378532-70996183-65556643-1002..\Run: [Neuf Media Center] C:\Program Files\SFR\Media Center\MediaCenter.exe (SFR)

O4 - HKU\S-1-5-21-620378532-70996183-65556643-1002..\Run: [smartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)

O4 - HKU\S-1-5-21-620378532-70996183-65556643-1002..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Value error. File not found

O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Page introuvable | Facebook (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.)

O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} http://www.nero.com/doc/NeroVersionChecker.cab (CNeroSerialChecker Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Value error. File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Julien\Pictures\MAURICE 2010\DSC03731.JPG

O24 - Desktop BackupWallPaper: C:\Users\Julien\Pictures\MAURICE 2010\DSC03731.JPG

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\AutoRun\command - "" = ie.exe

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\explore\Command - "" = ie.exe

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\open\Command - "" = ie.exe

O34 - HKLM BootExecute: (autocheck autochk /p \??\C) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/08 17:24:42 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Julien\Desktop\OTL.exe

[2010/12/04 15:13:15 | 000,000,000 | ---D | C] -- C:\Users\Julien\Desktop\martin

[2010/11/21 12:25:56 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/08 17:24:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julien\Desktop\OTL.exe

[2010/12/08 16:57:57 | 000,678,056 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/12/08 16:57:57 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/12/08 16:57:57 | 000,126,042 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/12/08 16:57:57 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/12/08 16:53:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/08 16:50:00 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{16C7D855-F1FC-4527-9BBB-4BDA37B23D39}.job

[2010/12/08 16:48:56 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/08 16:48:56 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/08 16:48:48 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job

[2010/12/08 16:48:48 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010/12/08 16:32:20 | 000,001,356 | ---- | M] () -- C:\Users\Julien\AppData\Local\d3d9caps.dat

[2010/12/08 16:27:06 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/08 16:26:52 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{09399726-A584-42C2-A231-F42F3A0D0ED9}.job

[2010/12/06 21:20:40 | 000,145,408 | ---- | M] () -- C:\Users\Julien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/06 21:13:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{753D1E83-B0FD-43E8-B13F-01763C768C67}.job

[2010/12/06 21:12:28 | 000,000,000 | ---- | M] () -- C:\Users\Julien\AppData\Roaming\.NANotifyHere

[2010/12/06 19:51:00 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml

[2010/12/06 19:51:00 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml

[2010/12/05 11:56:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/05 11:33:00 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

[2010/12/04 19:09:30 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\AWC Update.job

[2010/11/22 08:43:13 | 000,004,923 | ---- | M] () -- C:\Users\Julien\AppData\Roaming\QuickZip45.ini

[2010/11/18 20:58:13 | 000,076,800 | ---- | M] () -- C:\Users\Julien\Desktop\firmware_r117.doc

[2010/11/14 19:09:39 | 000,028,672 | ---- | M] () -- C:\Users\Julien\Desktop\Présentation_gestion_postes.doc

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/06 19:15:57 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml

[2010/12/06 19:15:57 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml

[2010/12/04 16:26:16 | 000,000,000 | ---- | C] () -- C:\Users\Julien\AppData\Roaming\.NANotifyHere

[2010/11/18 20:58:11 | 000,076,800 | ---- | C] () -- C:\Users\Julien\Desktop\firmware_r117.doc

[2010/11/14 19:09:36 | 000,028,672 | ---- | C] () -- C:\Users\Julien\Desktop\Présentation_gestion_postes.doc

[2010/09/16 02:12:27 | 000,000,183 | ---- | C] () -- C:\Windows\System32\MRT.INI

[2010/08/15 11:49:58 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2010/04/14 09:25:37 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI

[2010/01/30 23:19:14 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2010/01/30 23:19:14 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2009/10/21 18:19:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/22 17:24:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2009/05/17 17:03:03 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini

[2009/04/12 19:30:13 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll

[2009/04/08 12:26:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL

[2009/04/08 12:24:27 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll

[2009/04/08 12:18:16 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI

[2009/01/03 12:01:13 | 000,000,174 | ---- | C] () -- C:\Windows\wininit.ini

[2008/11/21 22:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2008/04/13 14:58:14 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini

[2008/03/25 18:44:09 | 000,032,171 | ---- | C] () -- C:\Windows\Irremote.ini

[2008/03/25 18:44:00 | 000,006,526 | ---- | C] () -- C:\Windows\HCWPNP.INI

[2007/12/30 16:40:32 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI

[2007/12/30 16:40:31 | 000,000,181 | ---- | C] () -- C:\Windows\dalloz.ini

[2007/11/03 13:50:48 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2007/09/07 17:34:50 | 000,004,923 | ---- | C] () -- C:\Users\Julien\AppData\Roaming\QuickZip45.ini

[2007/08/08 11:42:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2007/06/25 16:46:18 | 000,013,304 | ---- | C] () -- C:\Windows\System32\drivers\BTNetFilter.sys

[2007/06/25 16:46:17 | 000,012,500 | ---- | C] () -- C:\Windows\System32\drivers\VBTEnum.sys

[2007/05/27 10:57:28 | 000,001,356 | ---- | C] () -- C:\Users\Julien\AppData\Local\d3d9caps.dat

[2007/04/07 18:30:12 | 000,036,972 | ---- | C] () -- C:\Windows\System32\ActPanel.dll

[2007/04/07 14:11:17 | 000,145,408 | ---- | C] () -- C:\Users\Julien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007/03/21 17:28:07 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/10/18 01:53:26 | 000,147,456 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll

[2005/12/22 10:05:46 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini

[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/04/14 09:11:53 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Canon

[2010/04/14 08:55:43 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\Epson

[2010/05/08 17:47:18 | 000,000,000 | ---D | M] -- C:\Users\Corentin\AppData\Roaming\Epson

[2009/12/12 16:04:55 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Epson

[2010/01/02 13:28:24 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\albumart

[2010/08/15 11:49:57 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\Apowersoft

[2010/12/06 18:38:19 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\Azureus

[2009/09/04 16:41:34 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\BSplayer

[2007/10/13 13:34:49 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\BSplayer Pro

[2009/04/08 12:31:26 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\Canon

[2009/05/19 13:35:03 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\EPSON

[2010/09/05 15:39:15 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\F6E8DADB6E23D24BB20EDF3507C88D41

[2010/04/18 18:04:14 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\FreeFLVConverter

[2010/05/18 20:01:51 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\IObit

[2009/02/21 13:01:41 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\LG Electronics

[2010/01/30 23:25:48 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\PC Suite

[2010/02/01 22:57:05 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\Samsung

[2007/12/31 19:04:18 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\ScanSoft

[2010/09/16 17:32:04 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\TuneUpMedia

[2010/01/27 22:37:33 | 000,000,000 | ---D | M] -- C:\Users\Julien\AppData\Roaming\UBitMenu

[2010/10/28 11:10:59 | 000,000,000 | ---D | M] -- C:\Users\Propriétaire\AppData\Roaming\EPSON

[2010/12/08 16:48:48 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job

[2010/12/08 16:48:48 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job

[2010/12/04 19:09:30 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job

[2010/12/04 16:21:50 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010/12/08 16:26:52 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{09399726-A584-42C2-A231-F42F3A0D0ED9}.job

[2010/12/08 16:50:00 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{16C7D855-F1FC-4527-9BBB-4BDA37B23D39}.job

[2010/12/06 21:13:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{753D1E83-B0FD-43E8-B13F-01763C768C67}.job

[2010/12/05 11:33:00 | 000,000,256 | ---- | M] () -- C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

< End of report >

extra :

OTL Extras logfile created on: 08/12/2010 17:34:01 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Julien\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18975)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 3,68 Gb Free Space | 1,58% Space Free | Partition Type: NTFS

Computer Name: PC-DE-PROPRIÉTA | User Name: Julien | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0147EA87-E9F8-4EBE-BBE9-57F9E34CA06F}" = lport=1723 | protocol=6 | dir=in | app=system |

"{01AD5390-04C1-4588-8FB8-D87B44235491}" = lport=1701 | protocol=17 | dir=in | app=system |

"{0BE3FD21-AF06-4F4D-9345-298C7C8C9831}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{19C40491-CA0B-4C9C-86BA-05D3A04E545A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2264E7D3-4FD5-4A0E-BAB1-6343C88D11EC}" = rport=137 | protocol=17 | dir=out | app=system |

"{28D8F249-9B53-430E-9116-D2B32643B676}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2ED738C1-9A59-47BA-B167-E4DD9BD35556}" = rport=1701 | protocol=17 | dir=out | app=system |

"{3EE00207-2CA6-40AE-8528-69CDE03BE31A}" = lport=64396 | protocol=6 | dir=in | name=azureus |

"{3FA88969-D64D-45D4-8A0E-31CD0629AFBA}" = lport=10243 | protocol=6 | dir=in | app=system |

"{489491E8-1DB2-4EF7-9861-D7349AD159B8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=partage de fichiers et d'imprimantes (service spouleur - rpc-epmap) |

"{517067D5-3529-433D-B55E-4DF05E0803BA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{5AFCA61B-4E3A-4DFB-9FC8-27C67BFFD922}" = lport=445 | protocol=6 | dir=in | app=system |

"{5D55AC89-1652-4A77-AC8A-EB1CE6E05A7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{609E199D-3910-4E87-BDA0-8DF3AE32436A}" = rport=139 | protocol=6 | dir=out | app=system |

"{6499B180-F04D-4481-9789-8C3997E9D6D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7F35F008-EA87-4F5F-868E-916408BA7475}" = rport=138 | protocol=17 | dir=out | app=system |

"{823D629E-945E-45FA-AEC0-7C8940466B3F}" = rport=10243 | protocol=6 | dir=out | app=system |

"{85807F51-4B23-4374-A9AD-AF1B64D976E5}" = lport=2869 | protocol=6 | dir=in | app=system |

"{8828AAD6-3A6E-410D-A4D7-2A45177DAD66}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |

"{9C70D1E3-0274-40FB-BB74-18F9C9AF8781}" = lport=2869 | protocol=6 | dir=in | app=system |

"{A4857880-366F-4D59-9B0F-3F2BC82B00FB}" = lport=137 | protocol=17 | dir=in | app=system |

"{A6EE6BCE-897B-4102-AFFA-A919097B0074}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{B0086B25-AB41-41A6-AB28-1E9E7DAE0CC6}" = rport=445 | protocol=6 | dir=out | app=system |

"{C783ADCF-086C-47E2-B41C-6730A8B60CA7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{EF36B8EC-C400-483C-B3E9-74CE6AEF8C18}" = lport=139 | protocol=6 | dir=in | app=system |

"{F25B0FEB-37FE-4610-9C56-30B4F9EEFD03}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F6A3EE92-31A9-4EB7-9036-06229C921D91}" = lport=138 | protocol=17 | dir=in | app=system |

"{F85E2C2C-5CAF-4E47-8B17-E5AC560CB46F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{FF27A6F6-27F9-4E77-984E-78825657FB08}" = rport=1723 | protocol=6 | dir=out | app=system |

"{FF662C2A-37C4-44F5-B178-14A7EA8C35DF}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{05FA87E8-A001-4A54-BB81-2D0FA763FD7B}" = protocol=6 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe |

"{075FB115-64A2-4EA3-8558-5E74F665CA3B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"{0E1A9055-888D-4F9E-BD91-327D606D3D58}" = protocol=17 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe |

"{0E47737F-0FCD-4655-ACC2-D5660B8964A1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1529CE5A-59C5-4266-B182-A0AB037FABF5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{19312787-AC22-48DF-AE8D-61FAD47C047D}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{1B887450-A495-462C-8989-9BB4940A6A9F}" = protocol=1 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv4) |

"{1C2D85FF-BB6E-4052-A8FE-2BDAA84A2E3B}" = protocol=6 | dir=out | app=system |

"{21EF4B3A-7FB5-435C-98D7-3C438F7C99C3}" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |

"{2BF7BAB0-0BB0-4EF2-88F2-2501F3ADB04D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"{2D2AB65E-DC42-4F96-B1CD-ED7348546C1D}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{2F3D52CD-DA41-457D-B90C-290351FA5680}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1199546092\ee\aolsoftware.exe |

"{33282DF4-1140-4DA7-A02F-83F0DBB99601}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{3575E6DC-3844-43C6-A23C-432FA46561B1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{3784817D-F667-4150-983D-61B694A1E337}" = dir=in | app=c:\program files\pando networks\pando\pando.exe |

"{3A3FAFAA-103A-4999-B6E1-48E42228D52F}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{405E008A-8965-4139-AD96-BD4FD3D20C31}" = protocol=6 | dir=out | app=system |

"{41ABE273-DDA6-48FC-89A6-E8873E818CA0}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |

"{42773B36-9E4B-41B0-ACB5-92011A932660}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{440A9AC5-C853-4F84-A291-716688074124}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |

"{444F0F22-57DC-4A0F-8017-0360BC1528D7}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |

"{453F1184-3373-4ABF-9AA3-7F13213349A5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |

"{4592A23D-88E4-423F-A13F-6665A0F75689}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{46EE4185-F56E-4A4A-9150-C8741905FE5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{55EFFB6E-CCE9-4D41-93C2-AAD43A0B0502}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |

"{563C1BD1-9F89-4CFB-BF22-CA9653FEEAB9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{59189BFD-CD49-4D6C-AE6D-AFA136557C82}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |

"{5C349A65-D716-43DB-9802-491C7EAFECD0}" = protocol=17 | dir=in | app=c:\program files\sfr\media center\mediacenter.exe |

"{60E955FA-0E0C-41BE-BCE9-2E82E9702630}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{652AF9AB-05A8-42EF-AF06-00AE8FE2B79B}" = dir=in | app=c:\program files\msn messenger\livecall.exe |

"{66F6EBBA-17C0-4D7E-A67D-38FE17BBC4ED}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{6A7091AD-F7A1-453D-A8AC-B050B448C33E}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |

"{6D29BB41-B79A-4F0F-B078-FE8F971E0DA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{6FD0CA63-6088-4816-A948-EE31CB6E500A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{74AC082C-8AC7-4A92-8D28-86DFFCA32F88}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |

"{77BAD6B1-1E8F-4B7D-B63D-12D9E5B9426A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{87733C90-80A8-433C-AD9E-0FC1AB18CE02}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{883B5D17-ED8B-4737-806B-A130C7D1C5A4}" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe |

"{8984030D-AF13-465B-A1C4-D7C0A95AB264}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |

"{89D2E09B-922A-4402-991D-C349BA638D5E}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |

"{933A814D-B78A-44CA-8AFE-D7CF99C6AF5C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |

"{93F4E966-9254-40A2-8F23-CCF1BA3FCDA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{9A194DE5-69A9-40E9-80A0-843E352051F4}" = protocol=58 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv6) |

"{9E4E1D03-6738-435E-B392-786B75C5C258}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1199546092\ee\aolsoftware.exe |

"{A23EF3BE-4AAC-4F31-8648-DD98F61033E1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |

"{A841ADF4-BFD4-40DF-91A7-9C8424C55705}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |

"{AA75BF4D-18A7-4321-83BA-F969A1F3CF19}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AE9AB672-1980-453B-B5E3-E80C0A13D607}" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe |

"{B416BEAD-F496-49C4-BA4B-66070D84C2AE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{B50EC987-FDE8-4EF1-845A-40E9D4172C01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B56CA002-FABF-4830-BE60-787F8E2B720B}" = protocol=6 | dir=in | app=c:\program files\sfr\media center\mediacenter.exe |

"{BD5E67CD-B0BD-47E7-887F-26F08012745C}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |

"{C677E1E7-8967-4208-A994-F4CCFF5EAC6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{C827C9A6-65ED-4C51-9925-E38EF8D33CD4}" = protocol=58 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv6) |

"{CE3C9E25-BA6F-41F9-8A09-227441171A5A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{D23B27AB-B327-4BD0-BCAF-CB651E79D987}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |

"{E70CF501-B096-40A3-8242-68C3E563B893}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{EB0F913E-65E6-47D5-B0A3-A7F5F0D36F39}" = protocol=1 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv4) |

"{ECDE6857-3581-4B25-9DA4-151E64965AE0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{ED4BDE40-46FC-4E49-8476-6003965159E9}" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |

"{ED7CF993-0DBD-4BB2-B9C9-59C9A5F2F843}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |

"{EF348203-A399-462B-9D4A-456356C6C570}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{F3772AFC-CC05-4674-ACB6-A3EC4215BC2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{FC5947DA-FEA5-4DB0-A4DD-79929936F38C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |

"{FED1F1D0-49EF-46FE-A8F9-16027E7A3F33}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |

"TCP Query User{17C1F2ED-E714-4AF6-A001-28EADE934B47}C:\program files\java\jre1.5.0_03\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.5.0_03\bin\javaw.exe |

"TCP Query User{35E248E9-945F-4277-9C50-1C5D812647BB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{3C00D206-15A8-458E-B603-99EC7FBE046E}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"TCP Query User{5E43999C-E625-419E-ACE7-25226B943408}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"TCP Query User{7B12C34E-8E09-41C9-AA7B-7ED98F82DE0C}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe |

"TCP Query User{8334D9A3-0A0D-4210-9E41-FEDAACE374D2}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"TCP Query User{88492D6C-4FAC-4697-86B7-7F70EE04F52C}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |

"TCP Query User{ACF9C436-67E3-4C5A-8FB3-7717FEB104EA}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |

"TCP Query User{B54F72CC-FC01-45B4-9085-E779A8A54BFB}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |

"TCP Query User{CF8B67B6-29CF-4787-BBE8-8462BEEDFEA6}C:\program files\microsoft lifecam\lifecam.exe" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"TCP Query User{F11A5DBC-6258-45E8-9F51-C5D0F787382A}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |

"UDP Query User{33C2DBB9-1F32-42F6-924B-ACE879A66F20}C:\program files\java\jre1.5.0_03\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.5.0_03\bin\javaw.exe |

"UDP Query User{377B706F-2F91-4265-8B35-9E7FCCD45127}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |

"UDP Query User{9482BB8F-EA49-4F23-9F43-910DE937CA0E}C:\program files\microsoft lifecam\lifecam.exe" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |

"UDP Query User{A18F76A6-FB10-4C86-BE5B-BC46E5AA2DAE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{A40E11AC-3944-46D0-A89B-E7A81B2BF7C4}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{A528008B-07FF-4279-8559-76A4B9889CAA}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"UDP Query User{C7E84B34-99AA-413C-B268-D34CEAD908B5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"UDP Query User{CE7EAD61-611D-45D6-A49C-297303AD050B}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |

"UDP Query User{CFC2EABD-E18D-4301-97A4-6E6E3103C6D3}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe |

"UDP Query User{DA722821-4CCD-4232-B5D6-B5A885045BCC}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |

"UDP Query User{DE6AA2FE-628E-4BB1-9435-1178E5A7E25E}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{0821AE51-3BF1-471E-9967-DA4063789388}" = Songbeat

"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)

"{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar

"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime

"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II

"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 10

"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10

"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V2.0.7

"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3

"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2

"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager

"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)

"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)

"{68249B78-B714-11D7-88E8-0050DA21757E}" = Environnement d'exécution Java 2, Standard Edition v1.3.1_18

"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{718263DE-E612-4653-BB7D-7154BA9E31AB}" = Microsoft LifeCam

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)

"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)

"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10

"{93BDB939-4F02-4AC8-94D0-83603C8D08C2}" = LG PC Suite II

"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support

"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile

"{B056DB05-BF39-49A0-AAB8-C8FA49D9660C}" = Micro Application - PrintPratic 3

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{BBFAA659-FC2D-46cc-A8C0-BE0D03560F17}_is1" = UBitMenu FR

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0

"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)

"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14

"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)

"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2

"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10

"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb

"{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)

"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro

"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10

"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)

"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)

"7-Zip" = 7-Zip 4.55 beta

"8461-7759-5462-8226" = Vuze

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player Plugin

"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements

"Adobe SVG Viewer" = Adobe SVG Viewer

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)

"EPSON PX700W Series" = EPSON PX700W Series Printer Uninstall

"EPSON Scanner" = EPSON Scan

"EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Guide d'utilisation" = EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Manuel

"Free Video Converter_is1" = Free Video Converter V 2.1

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}" = EasyRecovery Professional

"LiveUpdate1.7" = LiveUpdate 1.7 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Neuf_Kit" = Neuf - Kit de connexion

"Neuf_TV_PC" = TV sur PC

"Quick Zip_is1" = Quick Zip 4.60.019

"RealPlayer 6.0" = RealPlayer

"Red Kawa File Server" = Red Kawa File Server 1.1

"Revo Uninstaller" = Revo Uninstaller 1.75

"SFR_Media Center" = SFR - Media Center

"ShalSoft.GigaTribe_is1" = GigaTribe 3.01.005

"Songbeat" = Songbeat 1.3

"SuperMegaSpoof_is1" = SuperMegaSpoof 2.0

"TuneUpMedia" = TuneUp Companion 1.7.1

"ViewpointMediaPlayer" = Viewpoint Media Player

"VLC media player" = VLC media player 1.0.1

"Vuze_Remote Toolbar" = Vuze_Remote Toolbar

"Windows Live Toolbar" = Windows Live Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Advanced SystemCare 3" = Advanced SystemCare 3

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 02/12/2009 06:07:32 | Computer Name = PC-de-Propriéta | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 02/12/2009 13:36:25 | Computer Name = PC-de-Propriéta | Source = Application Error | ID = 1000

Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage

0x4549b14e, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821,

code d’exception 0xc0000374, décalage d’erreur 0x000afaf8, ID du processus 0x1084,

heure de début de l’application 0x01ca7375f457f543.

Error - 02/12/2009 15:11:30 | Computer Name = PC-de-Propriéta | Source = Application Error | ID = 1000

Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage

0x4549b14e, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821,

code d’exception 0xc0000374, décalage d’erreur 0x000afaf8, ID du processus 0xd54,

heure de début de l’application 0x01ca73833ace16c1.

Error - 03/12/2009 05:13:43 | Computer Name = PC-de-Propriéta | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 03/12/2009 05:13:43 | Computer Name = PC-de-Propriéta | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 03/12/2009 05:56:52 | Computer Name = PC-de-Propriéta | Source = Windows Search Service | ID = 3013

Description =

Error - 03/12/2009 05:56:52 | Computer Name = PC-de-Propriéta | Source = Windows Search Service | ID = 3013

Description =

Error - 03/12/2009 06:12:21 | Computer Name = PC-de-Propriéta | Source = Application Error | ID = 1000

Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage

0x4549b14e, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821,

code d’exception 0xc0000374, décalage d’erreur 0x000afaf8, ID du processus 0x2e0,

heure de début de l’application 0x01ca740115016b58.

Error - 03/12/2009 07:12:26 | Computer Name = PC-de-Propriéta | Source = Application Error | ID = 1000

Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage

0x4549b14e, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821,

code d’exception 0xc0000374, décalage d’erreur 0x000afaf8, ID du processus 0x12d0,

heure de début de l’application 0x01ca74097ae9d5a6.

Error - 03/12/2009 08:02:43 | Computer Name = PC-de-Propriéta | Source = Application Error | ID = 1000

Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage

0x4549b14e, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821,

code d’exception 0xc0000374, décalage d’erreur 0x000afaf8, ID du processus 0x1528,

heure de début de l’application 0x01ca74107e8188d8.

[ Canal+ Events ]

Error - 16/04/2009 21:29:14 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = IdentityHandler : Le thread a été abandonné.

Error - 16/04/2009 21:29:14 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné.

Error - 18/04/2009 04:25:15 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = IdentityHandler : Le thread a été abandonné.

Error - 18/04/2009 04:25:15 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné.

Error - 19/04/2009 06:30:26 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = IdentityHandler : Le thread a été abandonné.

Error - 19/04/2009 06:30:26 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné.

Error - 20/04/2009 04:44:03 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = IdentityHandler : Le thread a été abandonné.

Error - 20/04/2009 04:44:03 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné.

Error - 25/07/2009 09:24:40 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = Application.UpdateWidget : Impossible de lire les données de la connexion

de transport : Une connexion existante a dû être fermée par l'hôte distant.

Error - 17/10/2009 09:55:05 | Computer Name = PC-de-Propriéta | Source = VideoOnDemand | ID = 0

Description = Application.UpdateWidget : Impossible de lire les données de la connexion

de transport : Une connexion existante a dû être fermée par l'hôte distant.

[ OSession Events ]

Error - 29/02/2008 16:42:08 | Computer Name = PC-de-Propriéta | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 67

seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 08/12/2010 11:48:36 | Computer Name = PC-de-Propriéta | Source = volmgr | ID = 262190

Description = L'initialisation du fichier de vidage sur incident a échoué.

Error - 08/12/2010 11:53:29 | Computer Name = PC-de-Propriéta | Source = EventLog | ID = 6008

Description = L'arrêt système précédant à 16:51:35 le 08/12/2010 n'était pas prévu.

Error - 08/12/2010 11:52:56 | Computer Name = PC-de-Propriéta | Source = volmgr | ID = 262190

Description = L'initialisation du fichier de vidage sur incident a échoué.

Error - 08/12/2010 11:53:01 | Computer Name = PC-de-Propriéta | Source = volmgr | ID = 262190

Description = L'initialisation du fichier de vidage sur incident a échoué.

Error - 08/12/2010 11:53:55 | Computer Name = PC-de-Propriéta | Source = DCOM | ID = 10005

Description =

Error - 08/12/2010 11:54:05 | Computer Name = PC-de-Propriéta | Source = DCOM | ID = 10005

Description =

Error - 08/12/2010 11:54:14 | Computer Name = PC-de-Propriéta | Source = DCOM | ID = 10005

Description =

Error - 08/12/2010 11:54:45 | Computer Name = PC-de-Propriéta | Source = Service Control Manager | ID = 7001

Description =

Error - 08/12/2010 11:54:45 | Computer Name = PC-de-Propriéta | Source = Service Control Manager | ID = 7026

Description =

Error - 08/12/2010 12:13:40 | Computer Name = PC-de-Propriéta | Source = DCOM | ID = 10005

Description =

< End of report >

Merci de m'aider, je suis désespéré

lance_yien · le 9 décembre 2010

Bonjour resyn46,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions,

Lire la totalité du message.
Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.

>>> Utiliser Malwarebytes' Anti-Malware Fermer tout et cliquer sur mbam-setup.exe. Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> Ton problème principal doit être l'espace libre sur le DD:

Drive C: | 232,88 Gb Total Space | 3,68 Gb Free Space | 1,58% Space Free | Partition Type: NTFS

Le minimum recommandé est de 15%

Je te dirai après ce qu'il faut faire, pour le moment il faut éliminer les éventuelles infection.

Commence par désinstaller "Vuze_Remote" (depuis Ajouts/ suppression de programmes) car réputé pour installer des barres d'outils avec des spyware et autres programmes pour traquer les infos personnelles.

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation".

:OTL

IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-620378532-70996183-65556643-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\AutoRun\command - "" = ie.exe

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\explore\Command - "" = ie.exe

O33 - MountPoints2\{e91341e4-f8dd-11db-8e61-0016179756cb}\Shell\open\Command - "" = ie.exe

:Files

C:\Windows\tasks\*.job

C:\Program Files\Vuze_Remote

C:\ProgramData\McAfee

:Services

:Reg

:Commands

[EMPTYTEMP]

[RESETHOSTS]

[REBOOT]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

Malwarebytes Anti-Malware log
checkup.txt
OTL

Est-ce qu'il y a de l'amélioration en Mode normal?

Connexion

Pas encore inscrit ?

infection ?

Messages recommandés

resyn46

lance_yien

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer