[Résolu] PC infecté

[Cilou66]

Bonjour,

 

J'ai envoyé un message dans une autre partie du forum parce que mon PC était lent et qu'il plantait parfois.

On m'a dit d'utiliser ZHPDiag et d'envoyer le rapport.

Tonton a lu mon rapport et m'a dit que mon PC était infecté.

Voici le lien du précédent message : http://forum.zebulon.fr/findpost-t184312-p1545147.html

 

Je ne sais pas comment désinfecter mon PC.

Merci d'avance pour votre aide.

[lance_yien]

Bonjour Cilou66,

 

---

Très Important!

 

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

 

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions,

• Lire la totalité du message.
  
• Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
  Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
  
• Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

---

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

 

• Malware Bytes Anti-Malware depuis ici.
• Security Check (par screen317) depuis ici ou ici.

 

 

>>> Utiliser Malwarebytes' Anti-Malware: Fermer tout et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit dessus => "Exécuter en tant qu'Administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

 

 

Patienter jusqu'à la fin (affichage du message ci-dessous)

 

 

Cliquer sur OK, pour fermer ce message.

 

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

 

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

 

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

 

 

Rapports demandés:

• Malwarebytes Anti-Malware log
• checkup.txt

[Cilou66]

Bonjour lance_yien,

 

J'ai fait tout ce que tu m'as dit.

 

Voila les rapports :

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6318

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

09/04/2011 10:46:55

mbam-log-2011-04-09 (10-46-55).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 167204

Temps écoulé: 17 minute(s), 27 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 6

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Adware.ISTBar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009 (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\BASE (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\DELETED (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\LOG (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\SAVED (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd (Rogue.AV2009) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

c:\documents and settings\montaubric\local settings\Temp\_ad45.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\20081219081602859.log (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

c:\documents and settings\all users\application data\crucialsoft ltd\ms antispyware 2009\LOG\20081218183657984.log (Rogue.MSAntiSpyware) -> Quarantined and deleted successfully.

 

 

Results of screen317's Security Check version 0.99.10

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

BitDefender Internet Security 2010

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 24

Adobe Flash Player

Adobe Reader 9.4.3 - Français

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Fichiers communs BitDefender BitDefender Update Service livesrv.exe

BitDefender BitDefender 2010 vsserv.exe

BitDefender BitDefender 2010 bdagent.exe

BitDefender BitDefender 2010 seccenter.exe

``````````End of Log````````````

 

 

Est-ce que tout est bon maintenant?

 

Cilou66

[lance_yien]

Bonjour,

 

Malwarebytes' Anti-Malware a supprimé pas mal de choses, continuant!

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe.

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

[Cilou66]

Bonjour,

 

Voici le rapport OTL.txt :

 

OTL logfile created on: 09/04/2011 12:28:01 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Montaubric\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 2304 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 120,43 Gb Free Space | 80,80% Space Free | Partition Type: NTFS

Drive D: | 7,81 Gb Total Space | 7,74 Gb Free Space | 99,04% Space Free | Partition Type: NTFS

Drive E: | 9,77 Gb Total Space | 9,33 Gb Free Space | 95,57% Space Free | Partition Type: NTFS

Drive F: | 9,77 Gb Total Space | 8,52 Gb Free Space | 87,20% Space Free | Partition Type: NTFS

Drive G: | 9,92 Gb Total Space | 7,22 Gb Free Space | 72,79% Space Free | Partition Type: NTFS

 

Computer Name: MONTAUBR-72645B | User Name: Montaubric | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/04/09 12:26:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Montaubric\Bureau\OTL.exe

PRC - [2011/03/08 09:28:53 | 000,310,856 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe

PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2010/07/20 12:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe

PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

PRC - [2010/03/18 16:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

PRC - [2010/03/18 16:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

PRC - [2009/11/13 11:29:42 | 009,117,504 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

PRC - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/25 17:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe

PRC - [2007/10/25 17:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

PRC - [2007/10/25 17:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe

PRC - [2007/10/19 14:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

PRC - [2007/10/19 14:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

PRC - [2007/04/13 18:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe

PRC - [2007/04/04 03:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

PRC - [2006/12/07 17:08:46 | 000,032,768 | ---- | M] () -- C:\PVSW\Bin\WGE_SRV.exe

PRC - [2005/04/23 16:49:44 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE

PRC - [2004/07/22 14:40:00 | 000,106,546 | ---- | M] () -- C:\PVSW\Bin\w3dbsmgr.exe

PRC - [2003/05/27 17:17:32 | 000,147,456 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\Trust\450LR Mouse Wireless Optical\Amoumain.exe

PRC - [2003/04/04 16:47:24 | 000,032,768 | ---- | M] (France Telecom) -- C:\Program Files\Messager Wanadoo\StartMessager.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/04/09 12:26:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Montaubric\Bureau\OTL.exe

MOD - [2011/04/02 10:11:04 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_86\midas32.dll

MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2007/10/19 14:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcInj.dll

MOD - [2006/05/03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll

MOD - [2003/05/27 17:17:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\Amhooker.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- -- (Netiris)

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/03/08 09:28:53 | 000,310,856 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)

SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/06/14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)

SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)

SRV - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)

SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)

SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)

SRV - [2007/10/19 14:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

SRV - [2007/10/19 14:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2007/10/19 14:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)

SRV - [2007/04/13 18:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

SRV - [2006/12/07 17:08:46 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\PVSW\Bin\WGE_SRV.exe -- (EBP Pervasive.SQL)

SRV - [2005/06/25 13:36:07 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)

SRV - [2005/04/23 16:49:44 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)

SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/09/20 18:49:18 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)

DRV - [2010/09/20 18:49:17 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)

DRV - [2010/09/20 18:49:17 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)

DRV - [2010/09/20 18:49:17 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/04/23 17:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)

DRV - [2010/02/26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2010/02/26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2010/02/26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2010/02/26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)

DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)

DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)

DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)

DRV - [2009/01/08 10:04:37 | 000,194,362 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)

DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2007/10/19 14:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)

DRV - [2007/10/11 19:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2007/10/11 19:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)

DRV - [2007/07/03 17:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)

DRV - [2007/07/03 17:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV - [2007/07/03 17:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)

DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2005/05/27 11:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)

DRV - [2005/05/27 11:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2005/04/23 16:49:39 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)

DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)

DRV - [2003/06/09 03:45:04 | 000,116,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)

DRV - [2003/06/09 03:44:52 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)

DRV - [2003/06/09 03:44:36 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)

DRV - [2003/06/09 03:44:32 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2003/06/09 03:44:22 | 000,494,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2003/06/09 03:42:58 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)

DRV - [2003/06/09 03:42:44 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)

DRV - [2003/06/09 03:42:28 | 000,819,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)

DRV - [2003/05/27 17:17:32 | 000,009,600 | ---- | M] ((Standard Mouse Types)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt) Trust Ami PS/2 Port Mouse Driver (11)

DRV - [2002/06/06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)

DRV - [2002/06/06 11:14:30 | 000,743,136 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)

DRV - [2001/08/17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = eSnips Search

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Orange Professionnel, le portail d'information et de services dédiés aux professionnels des entreprises

IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/03/03 15:20:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/03/03 15:20:35 | 000,000,000 | ---D | M]

 

 

O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4 - HKLM..\Run: [ESI[tronic] WLAN Service] C:\Program Files\Bosch\ESIStart\remoteservice\apache-tomcat-6.0.18\bin\launch.bat ()

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()

O4 - HKLM..\Run: [MessagerStarter Wanadoo] C:\Program Files\Messager Wanadoo\StartMessager.exe (France Telecom)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe (Nokia)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [WheelMouse] File not found

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\RunOnce: [shockwave Updater] File not found

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]

O15 - HKCU\..Trusted Domains: atelio-chiffrage.com ([www] http in Trusted sites)

O16 - DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} http://www.shockwave.com/content/fashiondash/sis/fashiondashweb.1.0.0.21.cab (CPlayFirstFashionDasControl Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} http://games.bigfishgames.com/en_cooking-dash/online/CookingDashWeb.1.0.0.9.cab (CPlayFirstCookingDasControl Object)

O16 - DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--685013f6-27cf-4223-847c-e49e4295ea23/online/mystery_of_shark_island/fr/MysteryOfSharkIslandWeb.1.0.0.8.cab (CPlayFirstmsiControl Object)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} http://p.playfirst.com/play/game/fitness-dash/FitnessDashWeb.1.0.0.11.cab (CPlayFirstFitnessDasControl Object)

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)

O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} file:///C:/Documents%20and%20Settings/Montaubric/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab (CPlayFirstDinerDash2_frControl Object)

O16 - DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} http://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab (CPlayFirstdreamControl Object)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} http://www.shockwave.com/content/weddingdash2/sis/WeddingDash2Web.1.0.0.13.cab (CPlayFirstWeddingDasControl Object)

O16 - DPF: {773199E3-9555-4F03-AA06-9EC5F756783A} http://games.bigfishgames.com/fr_chocolatier/online/Chocolatier.1.0.0.16_fr.cab (CPlayFirstChocolatieControl Object)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_4_6_0_1.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_8971.cab (FTMediaPlayer Class)

O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v5.cab (GoBit Games Player)

O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--451a1c1a-17be-4a81-bec4-8e56bd2037e3/online/zenerchi/fr/ZenerchiWeb.1.0.0.10.cab (CPlayFirstzenerchiControl Object)

O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} file:///C:/Documents%20and%20Settings/Montaubric/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/ddfotg.1.0.0.37.cab (CPlayFirstddfotgControl Object)

O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} http://195.6.151.129/viewer/activeXViewer/activexviewer.cab (Crystal Report Smart Viewer 7)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxentelechargement.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D40F5876-A494-4124-8161-82625BB28C06} http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--01b1ed6f-69ba-4e13-9e71-cfc8639e7f7e/online/chocolatier_2/fr/Chocolatier2Web.1.0.0.10.cab (CPlayFirstChocolatieControl Object)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--ff56dfb6-ef25-44b4-8050-7debf56f8f4c/online/peggle/fr/popcaploader_v10_en.cab (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} http://incredigamesfr.oberon-media.com/online/online2/wedding_dash/WeddingDash.1.0.0.47.cab (CPlayFirstWeddingDashControl Object)

O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--eacb7eca-ed1c-4dea-beef-f91f5fcd9ae6/online/parking_dash/fr/parkingdash.1.0.0.15.cab (CPlayFirstParkingDasControl Object)

O16 - DPF: Interface Chat Voila http://chat4.x-echo.com/version5/Applet/vchatsign.cab (Reg Error: Key error.)

O16 - DPF: Interface Chat Wanadoo http://chat7.x-echo.com/version8/Applet/wchatsign.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Montaubric\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Montaubric\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/04/09 12:16:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\Shell - "" = AutoRun

O33 - MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\Shell\AutoRun\command - "" = J:\start.exe

O33 - MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\Shell\FramaKey\command - "" = J:\start.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (33509132979929088)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/04/09 12:26:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Montaubric\Bureau\OTL.exe

[2011/04/09 10:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Montaubric\Application Data\Malwarebytes

[2011/04/09 10:27:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/09 10:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2011/04/09 10:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/04/09 10:27:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/09 10:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/04/02 18:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

[2011/04/02 18:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/04/02 18:42:02 | 002,373,230 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Montaubric\Bureau\ZHPDiag2.exe

[2011/04/02 16:39:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Montaubric\Recent

[2011/03/29 14:40:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner

[2011/03/29 14:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/03/11 16:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java

[2011/03/11 16:34:41 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/03/11 16:34:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/03/11 16:34:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/03/10 15:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2005/04/09 14:15:01 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[240 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/04/09 12:34:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job

[2011/04/09 12:29:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/09 12:26:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Montaubric\Bureau\OTL.exe

[2011/04/09 10:50:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/09 10:49:45 | 000,041,237 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2011/04/09 10:49:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/09 10:49:27 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/09 10:48:37 | 000,024,144 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80671102}.rfx

[2011/04/09 10:48:37 | 000,024,144 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80671102}.rfx

[2011/04/09 10:48:37 | 000,016,348 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80671102}.rfx

[2011/04/09 10:48:37 | 000,016,348 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80671102}.rfx

[2011/04/09 10:48:37 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm

[2011/04/09 10:48:37 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

[2011/04/09 10:48:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80671102}.dat

[2011/04/09 10:48:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80671102}.dat

[2011/04/09 10:48:25 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv

[2011/04/09 10:48:03 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI

[2011/04/09 10:27:08 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/04/09 10:25:46 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\Montaubric\Bureau\SecurityCheck.exe

[2011/04/08 14:50:45 | 000,002,573 | ---- | M] () -- C:\Documents and Settings\Montaubric\Bureau\Microsoft Office Word 2003.lnk

[2011/04/03 10:15:23 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Montaubric\Application Dataprivacy.xml

[2011/04/02 18:46:13 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/04/02 18:42:54 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011/04/02 18:42:54 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011/04/02 18:42:54 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011/04/02 18:42:06 | 002,373,230 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Montaubric\Bureau\ZHPDiag2.exe

[2011/04/02 15:52:35 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Montaubric\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/29 10:09:10 | 001,137,769 | ---- | M] () -- C:\GTB.cab

[2011/03/27 10:48:22 | 000,512,628 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/03/27 10:48:22 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/03/27 10:48:22 | 000,085,834 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/03/27 10:48:21 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/03/22 10:07:32 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk

[2011/03/11 19:07:26 | 000,000,022 | ---- | M] () -- C:\WINDOWS\OP70.INI

[2011/03/11 09:30:17 | 000,000,216 | -HS- | M] () -- C:\boot.ini

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[240 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/04/09 12:29:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/04/09 10:27:08 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011/04/09 10:25:46 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\Montaubric\Bureau\SecurityCheck.exe

[2011/04/02 18:46:13 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/04/02 18:42:54 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011/04/02 18:42:54 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011/04/02 18:42:54 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011/02/14 16:00:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt

[2011/02/14 15:58:08 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010/09/20 16:07:32 | 000,038,642 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin

[2010/02/27 09:58:41 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Montaubric\Application Data\bdfvconp.ini

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat

[2010/01/30 11:33:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat

[2009/10/23 08:58:57 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Montaubric\Application Data\setup_ldm.iss

[2009/10/22 15:10:33 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat

[2009/10/22 15:10:33 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat

[2009/10/22 15:03:21 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat

[2009/10/22 14:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat

[2009/09/18 09:29:14 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2009/07/08 15:50:11 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Montaubric\Local Settings\Application Data\fusioncache.dat

[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll

[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe

[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2007/10/28 21:30:15 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI

[2007/10/28 21:15:47 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin

[2007/10/11 19:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

[2006/12/10 12:31:19 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll

[2006/04/23 20:22:23 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2006/04/23 20:22:19 | 001,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys

[2006/04/23 20:14:11 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe

[2006/04/23 20:11:51 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe

[2006/04/17 17:51:07 | 000,001,402 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006/03/15 18:27:31 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat

[2006/03/14 16:51:21 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RSoftInfo.dat

[2005/11/11 14:25:33 | 000,000,597 | ---- | C] () -- C:\WINDOWS\wwwconfig.dat

[2005/11/04 19:03:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2005/11/04 19:03:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2005/11/04 19:03:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2005/11/04 19:03:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2005/11/04 19:03:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2005/11/04 19:03:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2005/11/04 19:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2005/11/04 19:03:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2005/11/04 19:03:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2005/11/04 19:03:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2005/11/04 19:03:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2005/09/20 09:35:37 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini

[2005/09/03 16:52:28 | 000,000,300 | ---- | C] () -- C:\WINDOWS\bbbconfig.dat

[2005/08/01 19:51:23 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini

[2005/07/30 16:22:37 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2005/07/11 13:26:45 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat

[2005/06/30 20:03:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\minipad.ini

[2005/06/30 20:02:56 | 000,002,313 | ---- | C] () -- C:\WINDOWS\quran.ini

[2005/05/22 14:42:14 | 000,001,033 | ---- | C] () -- C:\WINDOWS\eReg.dat

[2005/05/08 17:05:40 | 000,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI

[2005/04/10 16:37:26 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3q.DLL

[2005/04/10 12:31:25 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2005/04/10 12:31:25 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\74B79C3BF7.sys

[2005/04/10 12:22:55 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005/04/10 12:22:52 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\Montaubric\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005/04/09 20:48:55 | 000,005,607 | ---- | C] () -- C:\WINDOWS\System32\stci.dll

[2005/04/09 20:48:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\rnaph.dll

[2005/04/09 20:39:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/04/09 20:08:44 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI

[2005/04/09 20:07:29 | 000,000,021 | ---- | C] () -- C:\WINDOWS\phbase.ini

[2005/04/09 20:06:51 | 000,000,572 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2005/04/09 20:06:05 | 000,000,022 | ---- | C] () -- C:\WINDOWS\OP70.INI

[2005/04/09 20:04:49 | 000,000,143 | ---- | C] () -- C:\WINDOWS\pstudio.ini

[2005/04/09 20:04:49 | 000,000,028 | ---- | C] () -- C:\WINDOWS\album.ini

[2005/04/09 20:04:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Ps_setup.ini

[2005/04/09 14:31:16 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80671102}.dat

[2005/04/09 14:31:16 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80671102}.dat

[2005/04/09 14:16:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI

[2005/04/09 14:16:26 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI

[2005/04/09 14:16:25 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT

[2005/04/09 14:15:14 | 000,035,674 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini

[2005/04/09 14:15:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini

[2005/04/09 14:15:08 | 000,251,970 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat

[2005/04/09 14:15:08 | 000,189,490 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat

[2005/04/09 14:15:08 | 000,142,968 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT

[2005/04/09 14:15:08 | 000,114,972 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat

[2005/04/09 14:15:08 | 000,053,674 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat

[2005/04/09 14:15:06 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE

[2005/04/09 14:15:06 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE

[2005/04/09 14:15:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE

[2005/04/09 14:15:06 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI

[2005/04/09 14:15:06 | 000,000,192 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI

[2005/04/09 13:49:38 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005/04/09 13:47:58 | 000,216,856 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2005/04/09 12:20:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005/04/09 12:12:10 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/10/27 00:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll

[2004/08/05 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/05 14:00:00 | 000,512,628 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2004/08/05 14:00:00 | 000,443,588 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004349_.tmp.dll

[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/05 14:00:00 | 000,085,834 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2004/08/05 14:00:00 | 000,071,846 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004317_.tmp.dll

[2004/08/05 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/05 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2004/08/05 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2003/05/27 17:17:32 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Amsample.dll

[2003/05/27 17:17:32 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Amoucplx.dll

[2003/05/27 17:17:32 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Amoures.dll

[2003/05/27 17:17:32 | 000,082,758 | ---- | C] () -- C:\WINDOWS\System32\Amuninst.exe

[2003/05/27 17:17:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Amhooker.dll

[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2005/04/09 12:16:27 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/03/08 09:29:40 | 000,083,520 | ---- | M] () -- C:\bdlog.txt

[2009/10/22 14:28:44 | 000,000,484 | ---- | M] () -- C:\BdUninstallTool2009.10.22-02.28.29.log

[2009/10/22 14:28:44 | 000,000,038 | ---- | M] () -- C:\BdUninstallTool2009.10.22-02.28.29.reg

[2010/09/20 15:52:54 | 010,014,171 | ---- | M] () -- C:\BdUninstallTool2010.09.20-03.48.29.log

[2010/09/20 15:52:54 | 000,523,269 | ---- | M] () -- C:\BdUninstallTool2010.09.20-03.48.29.reg

[2010/09/20 16:30:38 | 001,174,562 | ---- | M] () -- C:\BdUninstallTool2010.09.20-04.29.49.log

[2010/09/20 16:30:38 | 000,284,755 | ---- | M] () -- C:\BdUninstallTool2010.09.20-04.29.49.reg

[2011/03/11 09:30:17 | 000,000,216 | -HS- | M] () -- C:\boot.ini

[2004/08/05 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2005/04/09 12:16:27 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2007/10/29 11:28:45 | 000,000,000 | ---- | M] () -- C:\conmgr.log

[2005/04/09 14:09:00 | 000,000,008 | ---- | M] () -- C:\DFIMB.DAT

[2011/03/29 10:09:10 | 001,137,769 | ---- | M] () -- C:\GTB.cab

[2011/04/09 10:49:27 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys

[2005/04/09 12:16:27 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/10/23 08:59:02 | 000,000,091 | ---- | M] () -- C:\LogiSetup.log

[2005/04/09 12:16:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/05 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/08/23 09:44:38 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/04/09 10:49:26 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

[2011/04/02 18:46:13 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/04/09 12:29:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2009/07/24 17:29:54 | 000,060,555 | ---- | M] () -- C:\playground.log

[2008/09/05 14:58:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm

[2009/06/02 15:20:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm

[2008/09/05 14:58:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2009/06/02 15:20:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2006/04/09 15:48:32 | 000,001,114 | ---- | M] () -- C:\threatalerts.txt

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[240 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2005/04/09 13:47:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2005/04/09 13:47:05 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2005/04/09 13:47:05 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-08 16:59:07

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A42A9F39

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:726FDB23

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD171C9E

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D26DD363

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A925163

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AD48A5

@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05816AFA

 

< End of report >

 

Et le rapport Extras.txt :

 

OTL Extras logfile created on: 09/04/2011 12:28:01 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Montaubric\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 2304 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 120,43 Gb Free Space | 80,80% Space Free | Partition Type: NTFS

Drive D: | 7,81 Gb Total Space | 7,74 Gb Free Space | 99,04% Space Free | Partition Type: NTFS

Drive E: | 9,77 Gb Total Space | 9,33 Gb Free Space | 95,57% Space Free | Partition Type: NTFS

Drive F: | 9,77 Gb Total Space | 8,52 Gb Free Space | 87,20% Space Free | Partition Type: NTFS

Drive G: | 9,92 Gb Total Space | 7,22 Gb Free Space | 72,79% Space Free | Partition Type: NTFS

 

Computer Name: MONTAUBR-72645B | User Name: Montaubric | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

"8752:TCP" = 8752:TCP:LocalSubNet:Enabled:ESI[tronic] WLAN Service

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

"C:\PVSW\Bin\w3dbsmgr.exe" = C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

"C:\PVSW\Bin\w3dbsmgr.exe" = C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- ()

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

"C:\Program Files\Bosch\ESIStart\jre\bin\javaw.exe" = C:\Program Files\Bosch\ESIStart\jre\bin\javaw.exe:LocalSubNet:Enabled:ESI[tronic] WLAN Service Assistance -- (Sun Microsystems, Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader

"{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3

"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor débarquement allié

"{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1CABB679-3958-44AA-BFFF-4E68A2684255}" = ArcSoft Panorama Maker 3.0

"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 24

"{28258F75-D8F3-4711-A575-13FA898A9097}_is1" = Diner Dash fr

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3D5782A9-E8E0-4F25-BD76-0CC94E209F66}" = Samsung PC Studio

"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft

"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1.1

"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA

"{5186380B-691F-4A28-BD9D-40657F3AADAA}" = Farm Frenzy 3

"{59367F7E-D7C1-4629-8AEC-71AA24A68F31}" = Nokia Software Updater

"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{741763E8-928B-4C38-AC3A-0797CF6A80AE}" = EBP Comptabilité 12.1

"{747D0A04-5BDA-478D-A010-68CCCBE4D15A}" = EBP Btrieve 8.6

"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine

"{81D62C32-0984-11D3-86CD-00105AD33021}" = Caere Scan Manager 5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player

"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Live!

"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam

"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com

"{972A8B3F-411D-4A19-A7C3-351A0D04AA80}" = Turbo Pizza

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}" = Nikon View 6

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français

"{AE977FE5-F014-4F1E-83F7-B4FD143B5EEF}" = Nokia Photos

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D353C323-5E95-4873-9825-9FEC1C8A3794}" = Nokia Download!

"{DBE6E90D-C37F-4840-87A8-90DF737C9349}" = EBP Gestion Commerciale 12.0

"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater

"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver

"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger

"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Adobe Shockwave Player" = Adobe Shockwave Player

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"ArcSoft PhotoBase" = ArcSoft PhotoBase

"ArcSoft PhotoStudio 2000" = ArcSoft PhotoStudio 2000

"Ashtons - Family Resort Deluxe" = Ashtons - Family Resort Deluxe

"Burger Bustle Deluxe" = Burger Bustle Deluxe

"Canon ScanGear Toolbox CS 2.2" = Canon ScanGear Toolbox CS 2.2

"CANONIJPLM100" = PIXMA Extended Survey Program

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenu" = Canon Utilities Solution Menu

"CCleaner" = CCleaner

"CdaC13Ba" = SafeCast Shared Components

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX

"EBP Btrieve 8.6" = EBP Btrieve 8.6

"EBP Comptabilité 12.1" = EBP Comptabilité 12.1

"EBP Gestion Commerciale 12.0" = EBP Gestion Commerciale 12.0

"Enregistrement utilisateur de Canon iP4500 series" = Enregistrement utilisateur de Canon iP4500 series

"ESI[tronic] Startcenter" = ESI[tronic] Startcenter

"getPlus®_ocx" = getPlus®_ocx

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"Leeloo's Talent Agency Deluxe" = Leeloo's Talent Agency Deluxe

"Logitech Print Service" = Logitech Print Service

"lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Media Player" = Media Player

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"Messager Wanadoo.exe" = Messager Wanadoo

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MsgPlus! Plugin" = Messenger Plus! 3

"Nero - Burning Rom!UninstallKey" = Nero 6

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NMPUninstallKey" = Nero Media Player

"Nokia Ovi Suite" = Nokia Ovi Suite

"NVIDIA Drivers" = NVIDIA Drivers

"Orange WebTV Player_is1" = Orange WebTV Player 1.28971

"Pastry Passion Deluxe" = Pastry Passion Deluxe

"Plantes contre Zombies" = Plantes contre Zombies

"Posh Boutique 2 Deluxe" = Posh Boutique 2 Deluxe

"QuickTime" = QuickTime

"Royal Envoy Deluxe" = Royal Envoy Deluxe

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"Sandlot Games Client Services_is1" = Sandlot Games Client Services

"Text Express 2 Deluxe" = Text Express 2 Deluxe

"VLC media player" = VideoLAN VLC media player 0.8.1

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WheelMouse" = 450LR MOUSE WIRELESS OPTICAL

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinRAR archiver" = Archiveur WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 03/04/2011 04:14:52 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 04/04/2011 02:23:54 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 05/04/2011 02:09:21 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 05/04/2011 02:28:39 | Computer Name = MONTAUBR-72645B | Source = MsiInstaller | ID = 11706

Description = Produit : Microsoft Office Professional Edition 2003 -- Erreur 1706.

Le programme d'installation ne peut pas trouver les fichiers requis. Vérifiez votre

connexion au réseau ou votre lecteur de CD-ROM.Pour d'éventuelles solutions supplémentaires

à ce problème, consultez C:\Program Files\Microsoft Office\OFFICE11\1036\SETUP.CHM.

 

Error - 05/04/2011 02:28:46 | Computer Name = MONTAUBR-72645B | Source = MsiInstaller | ID = 1024

Description = Produit : Microsoft Office Professional Edition 2003 - La mise à jour

'Office 2003 Service Pack 3 (SP3): MAINSP3' n'a pas pu être installée. Code d'erreur

1603. Windows Installer peut créer des journaux pour faciliter la résolution des

éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant

pour afficher des instructions concernant l'activation des journaux : How to enable Windows Installer logging

 

Error - 06/04/2011 02:21:31 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 07/04/2011 02:27:23 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 08/04/2011 02:03:09 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 09/04/2011 04:09:20 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 09/04/2011 04:49:47 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

[ System Events ]

Error - 03/04/2011 04:14:53 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 04/04/2011 02:23:55 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 05/04/2011 02:09:22 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 05/04/2011 02:29:53 | Computer Name = MONTAUBR-72645B | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x8024002d : Microsoft Office 2003 Service Pack 3 (SP3).

 

Error - 06/04/2011 02:21:31 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 07/04/2011 02:27:24 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 08/04/2011 02:03:10 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 08/04/2011 02:03:12 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7034

Description = Le service NVIDIA Display Driver Service s'est terminé de façon inattendue

pour la 1ème fois.

 

Error - 09/04/2011 04:09:21 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 09/04/2011 04:49:48 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

 

< End of report >

[Cilou66]

Et le rapport Extras.txt :

 

OTL Extras logfile created on: 09/04/2011 12:28:01 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Montaubric\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 2304 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 120,43 Gb Free Space | 80,80% Space Free | Partition Type: NTFS

Drive D: | 7,81 Gb Total Space | 7,74 Gb Free Space | 99,04% Space Free | Partition Type: NTFS

Drive E: | 9,77 Gb Total Space | 9,33 Gb Free Space | 95,57% Space Free | Partition Type: NTFS

Drive F: | 9,77 Gb Total Space | 8,52 Gb Free Space | 87,20% Space Free | Partition Type: NTFS

Drive G: | 9,92 Gb Total Space | 7,22 Gb Free Space | 72,79% Space Free | Partition Type: NTFS

 

Computer Name: MONTAUBR-72645B | User Name: Montaubric | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

"8752:TCP" = 8752:TCP:LocalSubNet:Enabled:ESI[tronic] WLAN Service

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

"C:\PVSW\Bin\w3dbsmgr.exe" = C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

"C:\PVSW\Bin\w3dbsmgr.exe" = C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- ()

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

"C:\Program Files\Bosch\ESIStart\jre\bin\javaw.exe" = C:\Program Files\Bosch\ESIStart\jre\bin\javaw.exe:LocalSubNet:Enabled:ESI[tronic] WLAN Service Assistance -- (Sun Microsystems, Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader

"{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3

"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor débarquement allié

"{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1CABB679-3958-44AA-BFFF-4E68A2684255}" = ArcSoft Panorama Maker 3.0

"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 24

"{28258F75-D8F3-4711-A575-13FA898A9097}_is1" = Diner Dash fr

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3D5782A9-E8E0-4F25-BD76-0CC94E209F66}" = Samsung PC Studio

"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft

"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1.1

"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA

"{5186380B-691F-4A28-BD9D-40657F3AADAA}" = Farm Frenzy 3

"{59367F7E-D7C1-4629-8AEC-71AA24A68F31}" = Nokia Software Updater

"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{741763E8-928B-4C38-AC3A-0797CF6A80AE}" = EBP Comptabilité 12.1

"{747D0A04-5BDA-478D-A010-68CCCBE4D15A}" = EBP Btrieve 8.6

"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine

"{81D62C32-0984-11D3-86CD-00105AD33021}" = Caere Scan Manager 5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player

"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Live!

"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam

"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com

"{972A8B3F-411D-4A19-A7C3-351A0D04AA80}" = Turbo Pizza

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}" = Nikon View 6

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français

"{AE977FE5-F014-4F1E-83F7-B4FD143B5EEF}" = Nokia Photos

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D353C323-5E95-4873-9825-9FEC1C8A3794}" = Nokia Download!

"{DBE6E90D-C37F-4840-87A8-90DF737C9349}" = EBP Gestion Commerciale 12.0

"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater

"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver

"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger

"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Adobe Shockwave Player" = Adobe Shockwave Player

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"ArcSoft PhotoBase" = ArcSoft PhotoBase

"ArcSoft PhotoStudio 2000" = ArcSoft PhotoStudio 2000

"Ashtons - Family Resort Deluxe" = Ashtons - Family Resort Deluxe

"Burger Bustle Deluxe" = Burger Bustle Deluxe

"Canon ScanGear Toolbox CS 2.2" = Canon ScanGear Toolbox CS 2.2

"CANONIJPLM100" = PIXMA Extended Survey Program

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenu" = Canon Utilities Solution Menu

"CCleaner" = CCleaner

"CdaC13Ba" = SafeCast Shared Components

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX

"EBP Btrieve 8.6" = EBP Btrieve 8.6

"EBP Comptabilité 12.1" = EBP Comptabilité 12.1

"EBP Gestion Commerciale 12.0" = EBP Gestion Commerciale 12.0

"Enregistrement utilisateur de Canon iP4500 series" = Enregistrement utilisateur de Canon iP4500 series

"ESI[tronic] Startcenter" = ESI[tronic] Startcenter

"getPlus®_ocx" = getPlus®_ocx

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"Leeloo's Talent Agency Deluxe" = Leeloo's Talent Agency Deluxe

"Logitech Print Service" = Logitech Print Service

"lvdrivers_11.50" = Coffret de pilotes Logitech QuickCam

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Media Player" = Media Player

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"Messager Wanadoo.exe" = Messager Wanadoo

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MsgPlus! Plugin" = Messenger Plus! 3

"Nero - Burning Rom!UninstallKey" = Nero 6

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NMPUninstallKey" = Nero Media Player

"Nokia Ovi Suite" = Nokia Ovi Suite

"NVIDIA Drivers" = NVIDIA Drivers

"Orange WebTV Player_is1" = Orange WebTV Player 1.28971

"Pastry Passion Deluxe" = Pastry Passion Deluxe

"Plantes contre Zombies" = Plantes contre Zombies

"Posh Boutique 2 Deluxe" = Posh Boutique 2 Deluxe

"QuickTime" = QuickTime

"Royal Envoy Deluxe" = Royal Envoy Deluxe

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"Sandlot Games Client Services_is1" = Sandlot Games Client Services

"Text Express 2 Deluxe" = Text Express 2 Deluxe

"VLC media player" = VideoLAN VLC media player 0.8.1

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WheelMouse" = 450LR MOUSE WIRELESS OPTICAL

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinRAR archiver" = Archiveur WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 03/04/2011 04:14:52 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 04/04/2011 02:23:54 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 05/04/2011 02:09:21 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 05/04/2011 02:28:39 | Computer Name = MONTAUBR-72645B | Source = MsiInstaller | ID = 11706

Description = Produit : Microsoft Office Professional Edition 2003 -- Erreur 1706.

Le programme d'installation ne peut pas trouver les fichiers requis. Vérifiez votre

connexion au réseau ou votre lecteur de CD-ROM.Pour d'éventuelles solutions supplémentaires

à ce problème, consultez C:\Program Files\Microsoft Office\OFFICE11\1036\SETUP.CHM.

 

Error - 05/04/2011 02:28:46 | Computer Name = MONTAUBR-72645B | Source = MsiInstaller | ID = 1024

Description = Produit : Microsoft Office Professional Edition 2003 - La mise à jour

'Office 2003 Service Pack 3 (SP3): MAINSP3' n'a pas pu être installée. Code d'erreur

1603. Windows Installer peut créer des journaux pour faciliter la résolution des

éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant

pour afficher des instructions concernant l'activation des journaux : How to enable Windows Installer logging

 

Error - 06/04/2011 02:21:31 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 07/04/2011 02:27:23 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 08/04/2011 02:03:09 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 09/04/2011 04:09:20 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

Error - 09/04/2011 04:49:47 | Computer Name = MONTAUBR-72645B | Source = WDSmartWareBackgroundService | ID = 0

Description =

 

[ System Events ]

Error - 03/04/2011 04:14:53 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 04/04/2011 02:23:55 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 05/04/2011 02:09:22 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 05/04/2011 02:29:53 | Computer Name = MONTAUBR-72645B | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x8024002d : Microsoft Office 2003 Service Pack 3 (SP3).

 

Error - 06/04/2011 02:21:31 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 07/04/2011 02:27:24 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 08/04/2011 02:03:10 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 08/04/2011 02:03:12 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7034

Description = Le service NVIDIA Display Driver Service s'est terminé de façon inattendue

pour la 1ème fois.

 

Error - 09/04/2011 04:09:21 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 09/04/2011 04:49:48 | Computer Name = MONTAUBR-72645B | Source = Service Control Manager | ID = 7000

Description = Le service Netiris Agent n'a pas pu démarrer en raison de l'erreur :

%%2

 

 

< End of report >

[lance_yien]

>>> Désinstaller "pdfforge Toolbar" si présent dans "Ajout/ suppression de programmes" car connu comme un adware.

 

 

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

 

:OTL

SRV - File not found [Auto | Stopped] -- -- (Netiris)

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = eSnips Search

IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [WheelMouse] File not found

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\RunOnce: [shockwave Updater] File not found

O15 - HKCU\..Trusted Domains: atelio-chiffrage.com ([www] http in Trusted sites)

O33 - MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\Shell - "" = AutoRun

O33 - MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\Shell\AutoRun\command - "" = J:\start.exe

O33 - MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\Shell\FramaKey\command - "" = J:\start.exe

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A42A9F39

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:726FDB23

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD171C9E

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D26DD363

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A925163

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AD48A5

@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05816AFA

[2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004349_.tmp.dll

[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/05 14:00:00 | 000,085,834 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2004/08/05 14:00:00 | 000,071,846 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004317_.tmp.dll

 

:Services

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = -

 

:Files

C:\Program Files\pdfforge Toolbar

C:\WINDOWS\tasks\*.job

C:\*.sqm

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

 

 

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC:

Ta version de Adobe Acrobat Reader n'est pas à jour. La désinstaller et télécharger la dernière version ici (Décocher la case Inclure dans votre téléchargement).

 

 

Rapports demandés:

• OTL.txt

As-tu encore des symptômes à vérifier, sinon on passera à la finition?

[Cilou66]

Bonjour,

 

J'ai désinstallé pdfforge toolbar et fait ce que tu m'as dit avec OTL.

Voici le rapport :

 

All processes killed

========== OTL ==========

Service Netiris stopped successfully!

Service Netiris deleted successfully!

Service HidServ stopped successfully!

Service HidServ deleted successfully!

Service AppMgmt stopped successfully!

Service AppMgmt deleted successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.

File C:\Program Files\pdfforge Toolbar\SearchSettings.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.

File C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.

File C:\Program Files\pdfforge Toolbar\SearchSettings.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.

File C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.

C:\WINDOWS\system32\NeroCheck.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.

File C:\Program Files\pdfforge Toolbar\SearchSettings.exe not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WheelMouse deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\atelio-chiffrage.com\www\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23be902c-c4b6-11df-886b-00012925b09d}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23be902c-c4b6-11df-886b-00012925b09d}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23be902c-c4b6-11df-886b-00012925b09d}\ not found.

File "J:\WD SmartWare.exe" autoplay=true not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f29d9c3c-16bb-11dd-8541-00012925b09d}\ not found.

File J:\start.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f29d9c3c-16bb-11dd-8541-00012925b09d}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f29d9c3c-16bb-11dd-8541-00012925b09d}\ not found.

File J:\start.exe not found.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:A42A9F39 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:726FDB23 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:AD171C9E deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:D26DD363 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:3A925163 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:27AD48A5 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:05816AFA deleted successfully.

C:\WINDOWS\system32\_004349_.tmp.dll moved successfully.

C:\WINDOWS\system32\dssec.dat moved successfully.

C:\WINDOWS\system32\perfc00C.dat moved successfully.

C:\WINDOWS\system32\perfc009.dat moved successfully.

C:\WINDOWS\system32\mib.bin moved successfully.

C:\WINDOWS\system32\perfd00C.dat moved successfully.

C:\WINDOWS\system32\perfd009.dat moved successfully.

C:\WINDOWS\system32\_004317_.tmp.dll moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{4EF8BE6A-899C-4196-94E7-297C5F7A203E} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}\ not found.

========== FILES ==========

File\Folder C:\Program Files\pdfforge Toolbar not found.

C:\WINDOWS\tasks\Symantec NetDetect.job moved successfully.

C:\sqmdata00.sqm moved successfully.

C:\sqmdata01.sqm moved successfully.

C:\sqmnoopt00.sqm moved successfully.

C:\sqmnoopt01.sqm moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Montaubric

->Temp folder emptied: 2917664076 bytes

->Temporary Internet Files folder emptied: 40659303 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 1911080 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 3191899 bytes

%systemroot%\System32 .tmp files removed: 62501952 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 37768 bytes

Windows Temp folder emptied: 193857845 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1298930592 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 4 310,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default User

 

User: LocalService

 

User: Montaubric

->Flash cache emptied: 0 bytes

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.22.3 log created on 04102011_105228

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

 

Je vais maintenant désinstaller et réinstaller Adobe Acrobat Reader.

 

Je ne sais pas si c'est des symptômes, mais j'ai remarqué quelques autres petites choses :

- après avoir démarré, le PC ouvre une fenêtre avec un fond noir et des choses écrites dedans, mais ça passe trop vite pour que j'ai le temps de lire. C'est normal?

- des fois, Bitdefender ne marchait plus (icone grise) et revenait tout seul au bout d'une minute environ.

- j'avais annulé les mises à jour automatiques de bitdefender parce que ça faisait trop ramé le PC quand il les faisait (je les fais manuellement tous les matins quand j'allume le PC). Je laisse comme ça ou pas?

 

Et merci pour ta patience et tes explications très claires.

 

Cilou66

[lance_yien]

Bonjour Cilou66,

 

...

Je ne sais pas si c'est des symptômes, mais j'ai remarqué quelques autres petites choses :

- après avoir démarré, le PC ouvre une fenêtre avec un fond noir et des choses écrites dedans, mais ça passe trop vite pour que j'ai le temps de lire. C'est normal?

Sans aucun détail, je ne sais pas quoi te dire à part de surveiller si ça revient.

 

- des fois, Bitdefender ne marchait plus (icone grise) et revenait tout seul au bout d'une minute environ.

- j'avais annulé les mises à jour automatiques de bitdefender parce que ça faisait trop ramé le PC quand il les faisait (je les fais manuellement tous les matins quand j'allume le PC). Je laisse comme ça ou pas?

En effet il est lourd comme programme ainsi que tous les "Internet Security...".

Je te suggère d'essayer un autre antivirus (Avira ou Avast qui sont gratuit en plus:)).

ATTENTION: Pour désinstaller Bitdefender, Passer par "Ajout/suppression de programmes". Ensuite télécharger et utiliser leur utilitaire.

 

MAIS avant ça finis les instructions suivantes.

--

 

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC.

- Pour supprimer les autres utilitaires et leur rapports, cliquer-droit dessus => "Supprimer".

 

 

>>> Ré-initialiser les Points de Restauration parce qu'elles peuvent contenir des traces d'infection:

Cliquer-droit sur "Poste de travail" => "Propriétés" => "Restauration Système". Cocher la case "désactiver..." et cliquer sur "appliquer".

Quand c'est prêt, décocher cette même case => "OK" et redémarrer le PC.

Un nouveau point de restauration sera créé.

 

 

>>> StartUpLite Il y a toujours des programmes qui se lancent INUTILEMENT en même temps que Windows.

Télécharger, sur le Bureau, MBAM' StartUpLite depuis ici.

Fermer toutes les applications en cours et autres fenêtres ouvertes et cliquer-droit sur StartUpLite.exe => "Exécuter en tant qu'administrateur" pour lancer le programme.

Il affichera toutes les entrées inutiles en démarrage automatique

Sélectionner TOUTES les entrées affichées et cliquer sur Continue.

S'il affiche "No unnecessary startups found!", c'est qu'il n'y a rien à faire.

 

 

>>> Protéger/ Sécuriser:

• Vérifier le Pare-feu: Un pare-feu est le 1er rempart contre les intrusions.
  - Celui de Vista/ Windows 7, contrôler et activer si nécessaire depuis le "Centre de sécurité".
  - Celui inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'importance d'en installer un autre.
  Vérifier et choisir, si nécessaire, un parmi ceux-ci (gratuits): Online Armor Firewall, Sunbelt Personal Firewall, Outpost Firewall FREE.
   
  
• Contrôler et configurer les mises à jour Windows:
  - Cliquer ICI et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'activex (si proposé).
  - OU, cliquer sur "Démarrer" => "Tous les programmes" => "Windows update".
  - ET, optez (si ce n'est pas encore fait) pour une MAJ Automatique à une heure où vous êtes sûr que votre PC n'est pas éteint.
   
  
  
  

  
   
  

• Installer PSI de Secunia pour des MAJ logiciels
  
• Installer Update Checker pour des MAJ pilotes
  
• Utiliser PC Pitstop pour Optimiser votre PC (en anglais)
  
• Sauvegarder le Registre avec Erunt
  Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
  
• Immunisez votre machine avec Spyware Blaster, compatible avec Toutes les versions de Windows 32bit et 64bit. Tuto.
  
• Vaccinez votre machine et vos médias amovibles (clés USB...) avec MKV contre les "vers" (Autorun worms). Juste brancher tous les médias amovibles, lancer le programme et cliquer sur le bouton Vaccination (l'action est reversible en cliquant sur "Supprimer la vaccination".
  
• Opter pour Firefox ou Opera pour la navigation de tous les jours et réserver Internet Explorer pour les Mises à jour et les cas bien spécifiques.
  
• Nettoyer et dé-fragmenter, régulièrement, les Partitions/ Disques.

 

>>> Ce qu'il faut ÉVITER ABSOLUMENT: Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, supprimer de votre machine et rester à l'écart de tout ce qui est,

• Warez , Crack , keygen etc. Arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service. Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.
  
• P2P , *.Torrent etc: Lire attentivement Le danger des P2P.

 

>>> Ajouter Résolu: Merci d'éditer ton 1er post pour ajouter [Résolu] à la fin du titre après avoir cliqué sur le bouton "Modifier".

 

Bonne chance!