Plus rien ne va ... ou presque!!!

maykiki · le 25 avril 2011

Bonjour à tous,

ca faisait longtemps que je n avais pas eu besoin de vos conseils précieux!!!

Sur mon netbook ACER Aspire one, XP familial SP3, j ai plein de problemes depuis plusieurs semaines.

en gros, il rame énormément tant au niveau internet que bureautique.

l ouverture prends en gros 4- 5 minutes, qd je lance firefox, il faut le faire plusieurs fois et patienter, patienter...

Quant à ma connexion WIFI, impossible de me connecter de chez moi il ne trouve pas mon acces, oblige de me connecter sur mon voisin et chose etrange, chez mon voisin je capte MON wifi!!

Autre chose, une fois connecte sur un wifi, pour changer de wifi, je ne peux plus simplement deconnecte et reconnecte. J ai trouve cette astuce, je dois passer Winsockxpfix suite a un message d erreur me disant winsock absent, un truc comme ca!

J ai assez souvent aussi des fenetres publicitaires qui s ouvrent.

J avais pense a le formater vu que je n ai rien d important dessus mais je ne sais comment faire! Pas de lecteur CD externe, juste une cle USB! Pas de disque de reinstallation... j ai un peu peur de me retrouver avec une becane sans OS!!

Voila le rapport hijackthis, en esperant que qqun saura m aider ;-)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:00:23, on 25/04/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Launch Manager\dsiwmis.exe

C:\Program Files\Acer\Acer VCM\RS_Service.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\WINDOWS\snuvcdsm.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Documents and Settings\Julie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\OfferBox\OfferBox.exe

C:\Program Files\Fluendo\Moovida\spointer\moovida_air.exe

C:\Documents and Settings\Julie\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll

R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll

R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll

O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: Interest recogniser for Moovida (powered by Spointer) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} - C:\Program Files\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll

O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll

O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll

O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe

O4 - HKLM\..\Run: [sNUVCDSM] C:\WINDOWS\snuvcdsm.exe

O4 - HKLM\..\Run: [snp2uvc] rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Julie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Global Startup: Acer VCM.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--

End of file - 12466 bytes

lance_yien · le 26 avril 2011

Bonjour maykiki,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions:

Lire la totalité du message.
TOUS LES UTILITAIRES doivent être lancés depuis le Bureau (sauf indication spécifique). Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout est OK.

>>> Désinstaller (depuis Ajout/ suppression de programmes si présents) ces barres d'outils qui s'installent souvent sans rien demander et ne servent qu'à espionner tes habitudes et/ ou apporter des adwares et autres malware: "Freecorder", "Softonic-Eng7" et "OfferBox" et supprimer leur dossiers si toujours présents:

C:\Program Files\Freecorder

C:\Program Files\Softonic-Eng7

C:\Program Files\OfferBox

--

Ensuite,

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.

>>> Utiliser Malwarebytes' Anti-Malware: Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit sur mbam-setup.exe => "Exécuter en tant qu'administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

Malwarebytes Anti-Malware log
checkup.txt

maykiki · le 26 avril 2011

Salut lance__yien!

Merci de prendre en charge ma demande! Quel galèr ce pc, heureusement que j en ai un autre!!!

alors voila les rapports demandés:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Version de la base de données: 6448

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

26/04/2011 19:30:44

mbam-log-2011-04-26 (19-30-44).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 147644

Temps écoulé: 6 minute(s), 10 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Results of screen317's Security Check version 0.99.10

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus

ZoneAlarm

ZoneAlarm Toolbar

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

Adobe Flash Player 10.2.152.32

Adobe Reader 9.4.4 MUI

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

``````````End of Log````````````

Merci à toi pour la marche à suivre ;-)

@+

lance_yien · le 27 avril 2011

Bonjour,

Pas de signes d'infection visible. On continue!

Tu ne m'as rien dit à propos de la désinstallation de "Freecorder", "Softonic-Eng7" et "OfferBox"?

--

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe (Vista/ Windows7, cliquer-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

maykiki · le 27 avril 2011

Hello!

alors pour les 3 dossiers a desinstaller, ils etaient presents tous les 3 mais c fait, supprimer!

Je fais suivre les 2 rapports!

Merci bcp!

en tout cas, c deja ca s il ne parait pas infecte ;-)

Modifié le 27 avril 2011 par maykiki

maykiki · le 27 avril 2011

OTL logfile created on: 27/04/2011 17:24:16 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Julie\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 013,00 Mb Total Physical Memory | 556,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 138,05 Gb Total Space | 97,88 Gb Free Space | 70,90% Space Free | Partition Type: NTFS

Computer Name: ACER-891255B6DC | User Name: Julie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/27 17:21:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julie\Bureau\OTL.exe

PRC - [2011/04/23 21:36:59 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Julie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe

PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/28 09:44:13 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/05/28 09:44:13 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010/05/18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe

PRC - [2010/01/13 11:55:58 | 000,030,080 | ---- | M] () -- C:\WINDOWS\snuvcdsm.exe

PRC - [2010/01/13 11:03:48 | 000,109,648 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe

PRC - [2009/12/11 10:21:48 | 001,160,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2009/09/10 15:43:08 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

PRC - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe

PRC - [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe

PRC - [2009/07/10 16:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe

PRC - [2009/07/10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe

PRC - [2009/07/03 19:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011/04/27 17:21:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julie\Bureau\OTL.exe

MOD - [2011/01/11 04:27:10 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll

MOD - [2011/01/11 04:24:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll

MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2010/05/18 16:01:40 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/01/24 15:49:34 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/05/28 09:44:13 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/05/28 09:44:13 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/05/20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2010/05/18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)

SRV - [2010/01/13 11:03:48 | 000,109,648 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)

SRV - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] () [On_Demand | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009/07/10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)

SRV - [2009/07/03 19:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - [2011/01/30 17:48:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/05/28 09:44:13 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/05/28 09:44:13 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/05/18 16:01:28 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)

DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2010/01/13 11:55:54 | 001,766,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2010/01/05 02:54:48 | 001,602,856 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)

DRV - [2009/12/09 11:52:54 | 006,017,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009/11/18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009/11/18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009/09/04 07:46:08 | 000,045,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)

DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/12/02 05:52:00 | 000,058,800 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV - [2008/12/02 05:52:00 | 000,017,840 | ---- | M] (Egis Incorporated.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV - [2008/12/02 05:52:00 | 000,015,280 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=ao532h&r=0xph0510y445l04g4wu05w5562r329

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic-Eng7 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Bing"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig"

FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.223.0

FF - prefs.js..extensions.enabledItems: moovida@spointer.com:2.4.1379.97

FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3

FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.2.0

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2

FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/02/07 14:57:46 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\moovida@spointer.com: C:\Program Files\Fluendo\Moovida\spointer\extensions\moovida@spointer.com [2010/07/11 19:47:29 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 23:48:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 09:02:39 | 000,000,000 | ---D | M]

[2010/05/27 20:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Extensions

[2011/04/25 09:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions

[2010/07/18 19:32:02 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}

[2010/10/03 21:57:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/10/03 21:57:18 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}

[2010/05/27 20:33:39 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}

[2010/10/02 21:33:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011/04/23 21:36:59 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\searchplugins\bing.xml

[2010/06/08 11:28:50 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\searchplugins\conduit.xml

[2010/07/11 21:16:35 | 000,002,548 | ---- | M] () -- C:\Documents and Settings\Julie\Application Data\Mozilla\Firefox\Profiles\bsf82ov3.default\searchplugins\fissa.xml

[2010/05/27 20:27:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/02/07 14:57:46 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER

[2010/07/11 19:47:29 | 000,000,000 | ---D | M] (Interest Recognizer for Moovida) -- C:\PROGRAM FILES\FLUENDO\MOOVIDA\SPOINTER\EXTENSIONS\MOOVIDA@SPOINTER.COM

[2009/10/26 16:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

[2010/07/30 08:09:33 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/07/30 08:09:33 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/07/30 08:09:33 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/07/30 08:09:34 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/07/30 08:09:34 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/04/25 18:51:30 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)

O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)

O2 - BHO: (Interest recogniser for Moovida (powered by Spointer)) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} - C:\Program Files\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll (Moovida)

O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iSW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)

O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)

O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )

O4 - HKLM..\Run: [sNUVCDSM] C:\WINDOWS\snuvcdsm.exe ()

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

O4 - Startup: C:\Documents and Settings\Julie\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\Julie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Julie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Julie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/03/02 22:44:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{6c3e2236-94a0-11df-bcc8-705ab649a961}\Shell\AutoRun\command - "" = n0qls.exe

O33 - MountPoints2\{6c3e2236-94a0-11df-bcc8-705ab649a961}\Shell\open\Command - "" = n0qls.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (65315805348233216)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/04/27 17:22:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Julie\Bureau\OTL.exe

[2011/04/25 18:58:16 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Julie\Bureau\HiJackThis.exe

[2011/04/23 21:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in

[2011/04/23 21:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector

[2011/04/23 21:40:21 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys

[2011/04/23 21:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework

[2011/04/23 21:39:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Julie\Application Data\PriceGong

[2010/03/13 21:49:08 | 000,049,464 | ---- | C] ( ) -- C:\WINDOWS\AutosetFrequency.exe

[2010/03/13 21:43:30 | 000,245,120 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll

[2010/03/13 21:43:30 | 000,202,112 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/27 17:25:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/04/27 17:21:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Julie\Bureau\OTL.exe

[2011/04/27 17:13:47 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/04/27 17:13:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/27 17:13:08 | 1062,309,888 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/26 19:38:02 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/04/26 19:37:02 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\Julie\Bureau\SecurityCheck.exe

[2011/04/25 18:57:58 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Julie\Bureau\HiJackThis.exe

[2011/04/25 09:02:40 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk

[2011/04/24 19:44:32 | 000,515,618 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/04/24 19:44:32 | 000,446,018 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/24 19:44:32 | 000,087,060 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/04/24 19:44:32 | 000,073,224 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/23 21:36:59 | 000,001,084 | ---- | M] () -- C:\Documents and Settings\Julie\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk

[2011/04/23 07:48:37 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/19 20:16:34 | 000,345,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/18 23:36:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/04/12 20:22:08 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Julie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/07 06:19:26 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Julie\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/27 17:25:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/04/26 19:37:37 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\Julie\Bureau\SecurityCheck.exe

[2011/04/25 09:02:40 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk

[2011/04/23 21:36:59 | 000,001,084 | ---- | C] () -- C:\Documents and Settings\Julie\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk

[2011/04/07 06:19:26 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Julie\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk

[2010/10/14 18:35:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2010/09/26 19:39:50 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/09/26 19:39:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010/09/26 19:39:46 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/09/26 19:39:46 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/09/26 19:39:45 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/08/31 17:43:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/08/02 09:49:08 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Julie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/23 21:19:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Julie\Application Data\wklnhst.dat

[2010/05/28 03:21:42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Julie\Local Settings\Application Data\fusioncache.dat

[2010/05/27 20:33:20 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2010/05/27 20:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/03/13 21:49:08 | 000,632,056 | ---- | C] () -- C:\WINDOWS\Image.dll

[2010/03/13 21:49:08 | 000,206,208 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe

[2010/03/13 21:49:08 | 000,025,848 | ---- | C] () -- C:\WINDOWS\USB_VIDEO_REG.exe

[2010/03/13 21:49:08 | 000,000,637 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini

[2010/03/13 21:43:30 | 001,766,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys

[2010/03/13 21:43:30 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys

[2010/03/13 21:43:30 | 000,030,080 | ---- | C] () -- C:\WINDOWS\snuvcdsm.exe

[2010/03/13 21:43:30 | 000,000,378 | ---- | C] () -- C:\WINDOWS\PidList.ini

[2010/03/03 07:24:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe

[2010/03/03 07:24:41 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2010/03/03 07:24:31 | 000,515,618 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/03/03 07:24:31 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2010/03/03 07:24:31 | 000,087,060 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/03/03 07:24:31 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2010/03/03 07:24:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2010/03/03 07:24:20 | 000,446,018 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2010/03/03 07:24:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2010/03/03 07:24:20 | 000,073,224 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2010/03/03 07:24:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2010/03/03 07:24:19 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2010/03/03 07:24:19 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2010/03/03 07:24:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2010/03/03 07:24:16 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2010/03/03 07:24:16 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2010/03/03 07:24:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2010/03/03 07:24:10 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2010/03/03 01:41:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2010/03/03 00:01:28 | 000,361,808 | ---- | C] () -- C:\WINDOWS\EMCRI_E.dll

[2010/03/02 23:54:44 | 000,231,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTConvEQ.dat

[2010/03/02 23:54:44 | 000,001,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat

[2010/03/02 23:54:44 | 000,000,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat

[2010/03/02 23:54:44 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat

[2010/03/02 23:54:44 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat

[2010/03/02 23:54:44 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat

[2010/03/02 23:54:44 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat

[2010/03/02 23:39:55 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/03/02 23:39:12 | 000,345,016 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/03/02 22:47:12 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe

[2010/03/02 22:46:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/03/02 22:42:56 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/03/02 22:42:06 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2010/03/02 22:44:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/03/14 00:44:19 | 000,000,216 | RHS- | M] () -- C:\boot.ini

[2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2010/03/02 22:44:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2011/04/27 17:13:08 | 1062,309,888 | -HS- | M] () -- C:\hiberfil.sys

[2010/03/02 22:44:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/07/26 10:50:52 | 000,002,060 | ---- | M] () -- C:\MOD01SET0J00P2000X.enc

[2008/09/11 11:27:43 | 000,002,488 | ---- | M] () -- C:\MOD01WOS02FRP20001.enc

[2010/03/02 22:44:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/04/27 17:13:06 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

[2011/04/27 17:25:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010/03/02 23:55:11 | 000,002,133 | ---- | M] () -- C:\RHDSetup.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2010/03/02 23:38:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2010/03/02 23:38:54 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2010/03/02 23:38:53 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >

[2011/02/17 15:18:24 | 000,455,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

[2011/01/30 17:48:32 | 000,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys

[2011/02/17 15:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-25 22:15:24

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A16A184

@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D7E5A8F

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93DE1838

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:041C0562

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1F04E8D

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE89FFE

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:444C53BA

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DFDF9DF

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

maykiki · le 27 avril 2011

OTL Extras logfile created on: 27/04/2011 17:24:16 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Julie\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 013,00 Mb Total Physical Memory | 556,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 138,05 Gb Total Space | 97,88 Gb Free Space | 70,90% Space Free | Partition Type: NTFS

Computer Name: ACER-891255B6DC | User Name: Julie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6084C211-01A1-464E-97A0-09772E122B50}" = Moovida

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare

"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam

"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{81E95872-8357-4363-A764-8F98B28340C5}" = Ma-Config.com

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar

"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.4 MUI

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FC9B811E-39BC-4813-9E29-B83CCF700010}" = WebCam

"2127ABE5E1966BDA60C24138AD02D2431C7A6FAA" = ENE USB Card Reader Driver

"Acer Screensaver" = Acer ScreenSaver

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Alice's Tea Cup Madness Deluxe" = Alice's Tea Cup Madness Deluxe

"Avenue Flo Deluxe" = Avenue Flo Deluxe

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4

"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7

"BFGC" = Big Fish Games: Game Manager

"BFG-Elixir of Immortality" = Elixir of Immortality

"Burger Shop 2 Deluxe" = Burger Shop 2 Deluxe

"Cake Mania - Lights, Camera, Action! Deluxe" = Cake Mania - Lights, Camera, Action! Deluxe

"CleanUp!" = CleanUp!

"ddfed826c16f5c6bd841e979ecc3dbea" = Marooned 2 - Secrets of the Akoni

"Delicious - Emilys Holiday Season Deluxe" = Delicious - Emilys Holiday Season Deluxe

"DivX Setup.divx.com" = Configuration DivX

"Fantastic Farm Deluxe" = Fantastic Farm Deluxe

"Farm Craft 2 - Global Vegetable Crisis Deluxe" = Farm Craft 2 - Global Vegetable Crisis Deluxe

"Farm Frenzy - Gone Fishing Deluxe" = Farm Frenzy - Gone Fishing Deluxe

"Farm Frenzy 3 - Ice Age Deluxe" = Farm Frenzy 3 - Ice Age Deluxe

"Farm Frenzy 3 - Russian Roulette Deluxe" = Farm Frenzy 3 - Russian Roulette Deluxe

"Fishdom 2 Deluxe" = Fishdom 2 Deluxe

"Fissa" = Fissa

"Gardenscapes Deluxe" = Gardenscapes Deluxe

"Great Adventures - Lost in Mountains Deluxe" = Great Adventures - Lost in Mountains Deluxe

"HDMI" = Intel® Graphics Media Accelerator Driver

"Heroes of Hellas 2 - Olympia Deluxe" = Heroes of Hellas 2 - Olympia Deluxe

"HijackThis" = HijackThis 2.0.2

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"ie8" = Windows Internet Explorer 8

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"Joan Jade and the Gates of Xibalba Deluxe" = Joan Jade and the Gates of Xibalba Deluxe

"jv16 PowerTools_is1" = jv16 PowerTools 1.3

"KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full)

"Leeloo's Talent Agency Deluxe" = Leeloo's Talent Agency Deluxe

"LManager" = Launch Manager

"Love and Death - Bitten Deluxe" = Love and Death - Bitten Deluxe

"Loveley Kitchen Deluxe" = Loveley Kitchen Deluxe

"Luxor Great Adventures Deluxe" = Luxor Great Adventures Deluxe

"Magic Encyclopedia - Illusions Deluxe" = Magic Encyclopedia - Illusions Deluxe

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Miriel's Enchanted Mystery Deluxe" = Miriel's Enchanted Mystery Deluxe

"Mirror Mysteries Deluxe" = Mirror Mysteries Deluxe

"Mortimer Beckett and the Lost King Deluxe" = Mortimer Beckett and the Lost King Deluxe

"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"My Kingdom for the Princess Deluxe" = My Kingdom for the Princess Deluxe

"Posh Boutique 2 Deluxe" = Posh Boutique 2 Deluxe

"PROPLUS" = Microsoft Office Professional Plus 2007

"RadLight MPC DirectShow Filter" = RadLight MPC DirectShow Filter (remove only)

"Ranch Rush 2 Deluxe" = Ranch Rush 2 Deluxe

"Ranch Rush Deluxe" = Ranch Rush Deluxe

"Royal Envoy Deluxe" = Royal Envoy Deluxe

"Sally's Studio Deluxe" = Sally's Studio Deluxe

"Samantha Swift and the Mystery from Atlantis Deluxe" = Samantha Swift and the Mystery from Atlantis Deluxe

"Settlement - Colossus Deluxe" = Settlement - Colossus Deluxe

"SKIP-BO Castaway Caper" = SKIP-BO Castaway Caper

"SpywareBlaster_is1" = SpywareBlaster 4.3

"Supermarket Management Deluxe" = Supermarket Management Deluxe

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Trivial Pursuit Family Edition" = Trivial Pursuit Family Edition

"Vacation Mogul Deluxe" = Vacation Mogul Deluxe

"Vampireville Deluxe" = Vampireville Deluxe

"VLC media player" = VLC media player 1.1.4

"Wandering Willows Deluxe" = Wandering Willows Deluxe

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"ZoneAlarm" = ZoneAlarm

"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 23/04/2011 02:20:14 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 2000

Error - 23/04/2011 02:20:14 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2000

Error - 25/04/2011 13:39:09 | Computer Name = ACER-891255B6DC | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 25/04/2011 13:39:11 | Computer Name = ACER-891255B6DC | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 25/04/2011 15:07:24 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25/04/2011 15:07:24 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 2187

Error - 25/04/2011 15:07:24 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2187

Error - 25/04/2011 15:07:26 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25/04/2011 15:07:26 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 4406

Error - 25/04/2011 15:07:26 | Computer Name = ACER-891255B6DC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 4406

[ OSession Events ]

Error - 09/06/2010 15:32:12 | Computer Name = ACER-891255B6DC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session

lasted 160 seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 26/04/2011 13:16:17 | Computer Name = ACER-891255B6DC | Source = Service Control Manager | ID = 7023