
Posted (edited)

I was recently infected and ran into a lot of problems, not all of which are resolved. My antivirus was not up to date at the time either. I have since renewed my license. Among other things, I was stuck with antivirus antispyware 2011. With help from forums I managed to remove registry keys, and with my ZA antivirus I managed to block some access. My system is now more stable, but I still have problems and I really don't know enough to fix this.

I used Spybot, which detects but apparently does not fix, since it detects them again on the next scan. I also tried Malwarebytes Anti-Malware but I'm not sure what good it did. So I'm still dealing with: clik.giftload and win32.fraudload.edt

My PC currently has the following symptoms:

- I boot and sometimes nothing happens; I see my wallpaper and nothing more. Nothing loads and I have to force a shutdown and try booting again

- the appearance of some of my programs seems altered, such as the Outlook inbox and outbox. Sometimes Explorer crashes and my whole display changes.

- I often get a message saying that generichost process win 32 services has a problem

- Sometimes my Internet connection disappears and I have to enter the settings again

Does this ring a bell? I'm worried and have little knowledge of this kind of problem. Can anyone help me?

Someone scared me by saying that my PC was at risk and that my personal information, including my banking information, could be exposed because of this problem. Is that true?

Thanks in advance for your help

Danca

Edited by Dancamelonat

Posted

Hello Dancamelonat,

Very Important!

>>> To do immediately:

- At the top of this message, click the "Follow this topic" button and choose "Immediate notification" => "Submit"; you will be notified in real time of replies to your topic, and your machine will therefore be cleaned as quickly as possible.

- Back up (by copying) all personal documents to a medium other than the system partition: USB key, CD/DVD, external hard drive, etc.

>>> What to do during this cleanup: Please do NOT use, install and/or uninstall any program other than those suggested at each step; this is to avoid any incompatibility problem between the tools.

>>> What to do when you receive new instructions:

  • Read the whole message.
  • ALL UTILITIES must be run from the Desktop (unless specifically indicated otherwise). You are also asked to download and save them DIRECTLY to the Desktop, or to move them there (immediately afterwards, by right-clicking them => "Cut", then right-clicking the Desktop => "Paste").
    Some programs can cause problems if they are not run from the Desktop.
  • Get into the habit of disabling all protection programs at the start of each new step and re-enabling them at the end.
  • Always proceed in the order given and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behavior or in relation to the initial problem.

>>> How to reply:

- Click the zeb_bouton.png button (and not zeb-bouton2.png, because I do not need to re-read my previous messages).

- Paste the contents of the reports WITHOUT adding ANY text formatting (quote, code, color, etc.).

>>> Do not abandon your topic before being told that everything is OK.

... Someone scared me by saying that my PC was at risk and that my personal information, including my banking information, could be exposed because of this problem. Is that true?

Is this someone still following your problem? If so, and on another forum, please give us the link so we can better understand your problem.

As for the risk of theft of credentials, passwords and other confidential documents, yes, it exists and it is even common. In your case, this someone needs to tell you what they are basing it on if they confirm that risk on your machine.

--

 

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time.

>>> Use Malwarebytes' Anti-Malware: Close all open applications and windows and launch the program from its Desktop icon or from "Start" => "All Programs" => "Malwarebytes' Anti-Malware".

- Install the updates from the "Update" tab. If there is a problem with automatic updates, click HERE to download and install them manually.

- In the "Scanner" tab, leave the "Perform quick scan" box checked and click "Scan".

Wait until the end (a message is displayed).

Click OK to close this message.

- Click "Show Results", then make sure everything is checked and click "Remove Selected".

The program then performs the cleanup. If it asks you to restart the PC, ACCEPT (this is to delete certain specific files).

At the end a report is displayed (accessible at any time from the "Logs" tab of MBAM's main window). Post its contents in your next reply.

>>> Use SecurityCheck: Download Security Check (by screen317) to the Desktop from here or here

Close all open applications and windows and double-click "SecurityCheck.exe" (Vista/W7: right-click it => "Run as administrator") to launch the program.

Press a key as prompted and follow the instructions.

Note: If one of your security programs asks for permission for dig.exe to access the Internet, accept.

The checkup.txt report opens at the end. Post its contents.

This report will not be saved automatically. If you want to keep a copy, click "File" => "Save As", choose a location (the Desktop, for example) and click "Save" at the bottom right.

Requested reports:

  • Malwarebytes Anti-Malware log
  • checkup.txt
Posted (edited)

Thank you for your reply. I have started backing up my personal data. My PC is very slow and tends to freeze, so it is taking a while. I will do the rest afterwards and get back to you. I don't think we are in the same time zone either...

And about the information I was given, no, it was not on a forum....so I will wait for your opinion before getting worked up

Edited by Dancamelonat
Posted

Here are the 2 requested reports

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6520

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

2011-05-06 15:39:01

mbam-log-2011-05-06 (15-39-01).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 198033

Temps écoulé: 19 minute(s), 11 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

 

 

Results of screen317's Security Check version 0.99.10

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!

ZoneAlarm Extreme Security

Antivirus up to date! (On Access scanning disabled!)

```````````````````````````````

Anti-malware/Other Utilities Check:

Out of date Spybot installed!

Malwarebytes' Anti-Malware

Java 6 Update 20

Java 6 Update 7

Java 2 Runtime Environment, SE v1.4.2_03

Out of date Java installed!

Adobe Flash Player 10.2.159.1

Adobe Reader 8.2.6 - Français

Out of date Adobe Reader installed!

Mozilla Firefox (x86 fr..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Posted

Hello,

....so I will wait for your opinion before getting worked up

??

--

No sign of infection! Let's continue.

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Plug in and switch on all removable media (external drives, USB keys, etc.).

Close all open applications and windows and double-click OTL.exe (Vista/Windows 7: right-click it => Run as Admin).

Copy/paste these lines (starting with netsvcs) into the area under "Custom Scans/Fixes":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Without changing anything, click the blue "Run Scan" button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

Requested reports:

  • OTL.txt
  • Extras.txt
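
OTL.txt, requested above, reports each process, module, service and driver on one line, in the layout visible in the report posted further down this thread. The following is an added example, not part of the forum posts and not OTL's own code: it parses those lines and flags entries for manual review. The review rules (empty company field, user-writable path, auto-start service that is stopped, boot-start driver without a company) are assumptions of this example, and a flag means "look closer", not "malicious".

```python
import re
from dataclasses import dataclass, field

# Layout of the PRC / MOD / SRV / DRV lines in OTL.txt:
#   TAG - [date time | size | attrs | M] (Company) [start | state] -- path -- (name)
# PRC and MOD lines carry no [flags] block and no trailing (name).
LINE_RE = re.compile(
    r"^(?P<tag>PRC|MOD|SRV|DRV) - "
    r"\[(?P<stamp>[\d-]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| [MC]\] "
    r"\((?P<company>[^)]*)\) "
    r"(?:\[(?P<flags>[^\]]*)\] )?"
    r"-- (?P<path>.+?)"
    r"(?: -- \((?P<name>[^)]*)\).*)?$"
)

# Review policy: assumptions of this example, not rules applied by OTL itself.
USER_WRITABLE = ("\\documents and settings\\", "\\users\\", "\\temp\\")

# Lines copied from the OTL.txt report posted in this thread.
SAMPLE = r"""
PRC - [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
PRC - [2008-04-13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Win32 Services (SafeList) ==========
SRV - [2010-08-29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-08-27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
DRV - [2009-10-12 18:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kl1.sys -- (kl1)
DRV - [2007-10-09 20:52:16 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2005-01-31 06:20:03 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
"""


@dataclass
class Entry:
    tag: str        # PRC, MOD, SRV or DRV
    stamp: str      # file modification time as printed by OTL
    size: int       # file size in bytes
    company: str    # company field; empty when OTL printed "()"
    flags: list     # e.g. ["Auto", "Stopped"] or ["Kernel", "Boot", "Running"]
    path: str
    name: str       # service or driver name; empty for PRC/MOD lines
    reasons: list = field(default_factory=list)


def parse_line(line):
    """Return an Entry for a PRC/MOD/SRV/DRV line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    flags = [f.strip() for f in (m["flags"] or "").split("|") if f.strip()]
    return Entry(m["tag"], m["stamp"], int(m["size"].replace(",", "")),
                 m["company"].strip(), flags, m["path"].strip(), m["name"] or "")


def triage(entry):
    """Apply the example review policy and return the list of reasons (may be empty)."""
    reasons = []
    if not entry.company:
        reasons.append("empty company field")
    if any(part in entry.path.lower() for part in USER_WRITABLE):
        reasons.append("runs from a user-writable directory")
    if entry.tag == "SRV" and entry.flags == ["Auto", "Stopped"]:
        reasons.append("auto-start service is not running")
    if entry.tag == "DRV" and "Boot" in entry.flags and not entry.company:
        reasons.append("boot-start driver with empty company field")
    return reasons


def review(report_text):
    """Parse a whole report and return only the entries that got at least one reason."""
    flagged = []
    for line in report_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # section headers, blank lines, other OTL sections
        entry.reasons = triage(entry)
        if entry.reasons:
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for e in review(SAMPLE):
        print(f"{e.tag} {e.name or e.path}: {'; '.join(e.reasons)}")
```

On these lines the tool's own executable is flagged because it runs from the Desktop, which shows why each flag still needs a human decision.
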
Posted

Now I have no choice but to come here from another PC; since this morning my PC will no longer start except in safe mode. I had saved to a USB key

Here is a report

 

OTL logfile created on: 2011-05-07 15:55:05 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrateur\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

1 014,00 Mb Total Physical Memory | 585,00 Mb Available Physical Memory | 58,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74,52 Gb Total Space | 29,69 Gb Free Space | 39,84% Space Free | Partition Type: NTFS

Drive F: | 241,13 Mb Total Space | 155,53 Mb Free Space | 64,50% Space Free | Partition Type: FAT

Drive G: | 14,90 Gb Total Space | 2,20 Gb Free Space | 14,73% Space Free | Partition Type: FAT32

 

Computer Name: PANASONI-D546DF | User Name: Administrateur | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe

PRC - [2010-08-27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe

PRC - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009-10-16 10:31:38 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe

PRC - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE

PRC - [2009-03-30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE

PRC - [2008-07-10 09:47:18 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2008-04-13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-03-20 16:37:38 | 000,726,672 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\WSwitch\WSwitch.exe

PRC - [2007-02-21 11:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

PRC - [2007-02-21 11:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe

PRC - [2007-02-21 11:13:26 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

PRC - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2007-02-12 13:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2006-12-21 20:47:24 | 000,186,000 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe

PRC - [2006-11-28 12:53:52 | 000,054,928 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe

PRC - [2003-04-06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe

MOD - [2010-08-27 05:34:08 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

MOD - [2010-08-27 05:33:58 | 000,562,664 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.dll

MOD - [2010-08-23 12:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2008-07-25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll

MOD - [2008-07-25 11:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011-05-03 22:50:36 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010-08-29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2010-08-27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)

SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009-10-16 10:31:38 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess)

SRV - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008-07-10 09:47:18 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2006-12-21 20:47:24 | 000,186,000 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe -- (PcInfoSV)

SRV - [2006-11-28 12:53:52 | 000,054,928 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe -- (PcInfoPi)

SRV - [2006-10-26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005-04-04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003-03-09 16:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010-08-27 05:33:54 | 000,035,568 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Running] -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys -- (icsak)

DRV - [2010-08-27 05:33:54 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV - [2010-06-09 19:16:12 | 000,528,128 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)

DRV - [2010-02-19 14:54:14 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009-10-14 12:29:54 | 000,030,880 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)

DRV - [2009-10-12 18:15:30 | 000,317,072 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)

DRV - [2009-10-12 18:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kl1.sys -- (kl1)

DRV - [2009-01-07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)

DRV - [2008-12-07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)

DRV - [2008-07-02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV - [2007-10-09 20:56:39 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)

DRV - [2007-10-09 20:52:16 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2007-03-02 16:56:24 | 000,042,624 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\newmisc.sys -- (NewMisc)

DRV - [2007-02-25 06:05:24 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Pilote de carte Intel®

DRV - [2007-02-21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)

DRV - [2006-12-22 07:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2006-12-22 07:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2006-12-22 07:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2006-11-14 06:48:36 | 000,019,840 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hotkey.sys -- (HOTKEY)

DRV - [2005-10-21 07:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)

DRV - [2005-01-31 06:20:03 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - [2005-01-31 06:12:46 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2001-08-17 20:13:14 | 000,046,108 | ---- | M] (Xircom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cben5.sys -- (CBEN5)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.152.14

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:2.0.0

FF - prefs.js..extensions.enabledItems: {E37D0722-A3C5-4874-AEEB-718E1BE6100D}:1.9.1

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011-05-05 06:57:16 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{E37D0722-A3C5-4874-AEEB-718E1BE6100D}: C:\Documents and Settings\Administrateur\Local Settings\Application Data\{E37D0722-A3C5-4874-AEEB-718E1BE6100D} [2011-05-03 10:45:20 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-05-05 06:47:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

 

[2010-04-27 08:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions

[2011-05-03 23:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions

[2010-04-29 14:29:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011-05-03 13:33:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011-01-14 22:15:01 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\en-CA@dictionaries.addons.mozilla.org

[2010-07-28 14:16:06 | 000,001,183 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\searchplugins\4shared.xml

[2010-10-30 14:45:19 | 000,002,979 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\searchplugins\photoxpress.xml

[2011-05-05 06:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

File not found (No name found) --

[2011-05-03 10:45:20 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\{E37D0722-A3C5-4874-AEEB-718E1BE6100D}

[2009-01-23 11:33:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011-04-14 12:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2010-01-01 04:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010-01-01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

[2010-01-01 04:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010-01-01 04:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010-01-01 04:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010-01-01 04:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2009-01-23 11:38:27 | 000,292,670 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 10077 more lines...

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - {33973600-925A-11D9-A1F6-9234C84D2622} - No CLSID value found.

O3 - HKLM\..\Toolbar: (PROMT) - {892E81F6-EC63-4d13-8422-835A7A05D6EB} - C:\Program Files\PRMT8\PRMTIE\prmtie.dll (PROMT Ltd.)

O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)

O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)

O4 - HKLM..\Run: [WSwitch] C:\Program Files\Panasonic\WSwitch\WSwitch.exe (Matsushita Electric Industrial Co., Ltd.)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe (Hewlett-Packard Co.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O8 - Extra context menu item: Automatically Determine Topic Template - C:\Program Files\PRMT8\PRMTIE\aot.htm ()

O8 - Extra context menu item: Customize Translation Options - C:\Program Files\PRMT8\PRMTIE\options.HTM ()

O8 - Extra context menu item: Open Entry - C:\Program Files\PRMT8\PRMTIE\addentry.HTM ()

O8 - Extra context menu item: Search the Web - C:\Program Files\PRMT8\PRMTIE\search.HTM ()

O8 - Extra context menu item: Translate - C:\Program Files\PRMT8\PRMTIE\translat.HTM ()

O8 - Extra context menu item: Translate Page - C:\Program Files\PRMT8\PRMTIE\page.HTM ()

O8 - Extra context menu item: Unknown Words - C:\Program Files\PRMT8\PRMTIE\infopanel.HTM ()

O9 - Extra 'Tools' menuitem : Customize Translation Options - {4034D172-4C52-49de-A6A1-E75F8F591FEC} - C:\Program Files\PRMT8\PRMTIE\options.HTM ()

O9 - Extra 'Tools' menuitem : Translate - {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - C:\Program Files\PRMT8\PRMTIE\Prmtie5.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O15 - HKCU\..Trusted Domains: google.com ([picasaweb] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: google.fr ([picasaweb] https in Sites de confiance)

O15 - HKCU\..Trusted Ranges: Range78 ([https] in Sites de confiance)

O16 - DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} http://e2icommconf.e2impact.com/download/ilinci86.dll (ILINCInstall86 Class)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)

O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007-07-03 14:46:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{f302894b-4887-11df-92ba-0013e84ac30f}\Shell - "" = AutoRun

O33 - MountPoints2\{f302894b-4887-11df-92ba-0013e84ac30f}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\I\Shell - "" = AutoRun

O33 - MountPoints2\I\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (86144953624821760)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-05-07 15:25:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe

[2011-05-06 15:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements

[2011-05-05 21:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

[2011-05-05 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011-05-05 21:36:18 | 001,224,845 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPFix.exe

[2011-05-05 21:35:07 | 002,457,557 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPDiag2.exe

[2011-05-04 20:08:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011-05-04 20:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2011-05-04 20:07:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011-05-04 20:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011-05-04 16:14:51 | 072,022,928 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrateur\Bureau\msert.exe

[2011-05-03 22:50:36 | 000,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe

[2011-05-03 18:02:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK

[2011-05-03 18:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\MailFrontier

[2011-05-03 14:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2011-05-03 14:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2011-05-03 13:43:57 | 000,072,704 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\zllsputility.exe

[2011-05-03 13:43:53 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys

[2011-05-03 13:41:53 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll

[2011-05-03 13:41:48 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll

[2011-05-03 13:41:48 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll

[2011-05-03 13:41:33 | 000,043,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll

[2011-05-03 13:41:32 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll

[2011-05-03 13:41:32 | 000,300,544 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll

[2011-05-03 13:41:32 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll

[2011-05-03 13:41:32 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll

[2011-05-03 13:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs

[2011-05-03 13:41:28 | 000,528,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys

[2011-05-03 13:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs

[2011-05-03 13:40:32 | 000,686,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll

[2011-05-03 13:40:32 | 000,229,376 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll

[2011-05-03 13:40:32 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll

[2011-05-03 13:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs

[2011-05-03 12:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2011-05-03 12:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\TuneUp Software

[2011-05-03 10:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe

[2011-05-03 10:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia

[2011-05-03 10:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

[2011-05-03 10:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\{E37D0722-A3C5-4874-AEEB-718E1BE6100D}

[2011-05-03 10:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\6D7CC288E1638A8C8FE27B6EB5C10E89

[2011-05-02 20:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dL28603GgIgF28603

[2011-05-02 20:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes

[2011-05-02 20:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011-05-01 21:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft

[2011-05-01 21:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft

[2011-04-30 16:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\BitTorrent

[2011-04-22 09:20:06 | 000,000,000 | ---D | C] -- C:\Impot 2010

[2011-04-13 17:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hewlett-Packard

[2011-04-13 17:14:12 | 000,082,380 | ---- | C] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS

[2011-04-13 17:01:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys

[2011-04-13 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Hewlett-Packard

[2011-04-13 16:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard

[2002-08-09 14:58:36 | 000,133,120 | ---- | C] ( ) -- C:\WINDOWS\System32\ZipDLL.dll

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011-05-07 16:00:20 | 000,000,534 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job

[2011-05-07 15:57:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe

[2011-05-07 15:46:56 | 000,000,144 | ---- | M] () -- C:\WINDOWS\System32\pdfl.dat

[2011-05-07 15:45:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-05-07 15:45:35 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2011-05-07 15:45:13 | 000,000,332 | -HS- | M] () -- C:\WINDOWS\tasks\afse.job

[2011-05-07 15:45:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-05-07 12:22:26 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat

[2011-05-07 11:57:46 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe Enregistrer pour le Web 11.0 Prefs

[2011-05-06 15:44:00 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe

[2011-05-06 13:53:32 | 143,754,240 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\backup outlook.pst

[2011-05-05 21:49:33 | 000,000,392 | ---- | M] () -- C:\ZHPRegY1.zhp

[2011-05-05 21:49:21 | 000,000,392 | ---- | M] () -- C:\ZHPRegY0.zhp

[2011-05-05 21:42:51 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011-05-05 21:36:59 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011-05-05 21:36:59 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011-05-05 21:36:59 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011-05-05 21:36:18 | 001,224,845 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPFix.exe

[2011-05-05 21:35:08 | 002,457,557 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPDiag2.exe

[2011-05-05 20:25:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2011-05-05 06:47:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011-05-05 06:47:22 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk

[2011-05-04 20:08:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011-05-04 16:16:29 | 072,022,928 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrateur\Bureau\msert.exe

[2011-05-03 22:50:36 | 000,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe

[2011-05-03 16:55:51 | 000,000,246 | RHS- | M] () -- C:\boot.ini

[2011-05-03 14:30:54 | 019,423,264 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2011-05-03 14:30:54 | 000,228,692 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2011-05-03 13:46:50 | 000,425,725 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml

[2011-05-03 13:43:58 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZoneAlarm Security.lnk

[2011-05-03 13:38:35 | 152,520,704 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZASPSetup_93_037_000_en.exe

[2011-05-03 13:00:13 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Pjomabadebiri.dat

[2011-05-03 10:45:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Xselihajilesoqa.bin

[2011-05-03 09:22:04 | 003,801,120 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\cpes_clean.exe

[2011-05-01 21:16:42 | 000,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib

[2011-05-01 20:20:09 | 000,126,976 | RHS- | M] () -- C:\WINDOWS\System32\iac25_32X.dll

[2011-04-30 21:41:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011-04-28 13:17:39 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk

[2011-04-25 16:30:48 | 003,026,275 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Camille B&W Selective.jpg

[2011-04-14 09:56:14 | 000,330,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-04-14 07:43:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011-04-14 07:28:40 | 000,514,142 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011-04-14 07:28:40 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011-04-14 07:28:40 | 000,086,374 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011-04-14 07:28:40 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011-04-13 17:29:36 | 000,000,531 | ---- | M] () -- C:\hpfr3420.xml

[2011-04-13 17:20:11 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp officejet 4100 series#1302729346.job

[2011-04-13 17:16:51 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk

[2011-04-13 17:15:35 | 000,020,471 | ---- | M] () -- C:\WINDOWS\hpoins01.dat

[2011-04-13 17:14:28 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Disque de souvenirs HP.lnk

[2011-04-13 17:14:12 | 000,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS

[2011-04-13 16:49:58 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk

[2011-04-13 16:49:49 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\HP Photo & Imaging.lnk

[2011-04-13 16:49:31 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\HP Director.lnk

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011-05-07 15:57:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011-05-06 15:43:59 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe

[2011-05-06 13:50:47 | 143,754,240 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\backup outlook.pst

[2011-05-05 21:49:21 | 000,000,392 | ---- | C] () -- C:\ZHPRegY1.zhp

[2011-05-05 21:49:21 | 000,000,392 | ---- | C] () -- C:\ZHPRegY0.zhp

[2011-05-05 21:42:51 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011-05-05 21:36:59 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011-05-05 21:36:59 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011-05-05 21:36:59 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011-05-05 06:47:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk

[2011-05-05 06:47:22 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk

[2011-05-04 20:08:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[2011-05-03 13:44:00 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2011-05-03 13:43:58 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZoneAlarm Security.lnk

[2011-05-03 13:41:28 | 000,425,725 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml

[2011-05-03 13:36:02 | 152,520,704 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZASPSetup_93_037_000_en.exe

[2011-05-03 10:45:21 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pjomabadebiri.dat

[2011-05-03 10:45:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Xselihajilesoqa.bin

[2011-05-03 09:22:03 | 003,801,120 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\cpes_clean.exe

[2011-05-02 15:32:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2011-05-01 21:16:42 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib

[2011-05-01 20:20:10 | 000,000,332 | -HS- | C] () -- C:\WINDOWS\tasks\afse.job

[2011-05-01 20:20:09 | 000,126,976 | RHS- | C] () -- C:\WINDOWS\System32\iac25_32X.dll

[2011-04-25 16:30:39 | 003,026,275 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Camille B&W Selective.jpg

[2011-04-13 17:21:58 | 000,000,531 | ---- | C] () -- C:\hpfr3420.xml

[2011-04-13 17:20:08 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp officejet 4100 series#1302729346.job

[2011-04-13 17:16:51 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk

[2011-04-13 17:14:28 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Disque de souvenirs HP.lnk

[2011-04-13 16:49:58 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk

[2011-04-13 16:49:49 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\HP Photo & Imaging.lnk

[2011-04-13 16:49:30 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\HP Director.lnk

[2011-04-13 16:42:55 | 000,020,471 | ---- | C] () -- C:\WINDOWS\hpoins01.dat

[2011-04-13 16:42:55 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat

[2011-02-09 18:13:02 | 000,429,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010-10-14 20:07:04 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010-10-09 11:14:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\drivers\service.ini

[2010-08-11 15:13:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI

[2010-08-03 21:30:17 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc

[2010-06-18 00:11:37 | 000,000,467 | ---- | C] () -- C:\WINDOWS\exifmanager.ini

[2010-05-31 22:10:33 | 000,001,820 | ---- | C] () -- C:\WINDOWS\System32\enc_ba-2_000001.ini

[2010-05-31 22:10:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Progs_.ini

[2010-05-11 21:43:32 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe Enregistrer pour le Web 11.0 Prefs

[2010-03-10 23:58:51 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2010-01-13 21:24:31 | 000,000,395 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI

[2009-09-08 11:11:33 | 000,000,081 | ---- | C] () -- C:\WINDOWS\ISW_SCM.INI

[2009-07-30 13:06:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\KA.INI

[2009-05-30 00:42:20 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll

[2009-04-27 13:18:34 | 019,423,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-04-27 13:01:48 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat

[2009-04-27 13:01:48 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat

[2009-04-27 13:01:47 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat

[2009-03-11 21:01:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll

[2009-01-29 21:46:44 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin

[2008-12-31 13:52:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI

[2008-12-08 21:06:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2008-12-07 12:44:54 | 000,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys

[2008-10-11 17:11:42 | 000,000,650 | ---- | C] () -- C:\WINDOWS\hegames.ini

[2008-10-11 17:08:10 | 000,000,043 | ---- | C] () -- C:\WINDOWS\Preschol.ini

[2008-10-11 17:07:51 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin040c.exe

[2008-09-08 23:27:33 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat

[2008-08-25 17:13:02 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2008-08-12 11:47:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe

[2008-07-01 13:12:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2008-05-27 13:09:19 | 000,000,150 | ---- | C] () -- C:\WINDOWS\Antidote.ini

[2008-02-29 23:44:36 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2008-02-29 09:07:45 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2008-02-29 09:07:45 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\7B4AE373AC.sys

[2008-02-09 09:52:12 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe

[2008-02-09 09:52:12 | 000,003,466 | ---- | C] () -- C:\WINDOWS\unins000.dat

[2008-02-04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

[2008-01-02 13:43:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2007-12-27 22:20:38 | 000,362,173 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc_nav.dat

[2007-12-27 22:20:38 | 000,004,698 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc.dat

[2007-12-27 22:20:38 | 000,000,679 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc_navps.dat

[2007-11-28 09:16:09 | 000,242,688 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007-11-12 21:23:45 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2007-10-22 22:21:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2007-10-09 20:56:39 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys

[2007-10-09 20:52:16 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd4349.sys

[2007-10-08 21:16:05 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat

[2007-10-08 20:09:40 | 000,018,344 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll

[2007-10-08 20:09:40 | 000,018,344 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll

[2007-07-03 15:29:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2007-07-03 15:16:20 | 000,000,102 | ---- | C] () -- C:\WINDOWS\System32\softkbd.exe.config

[2007-07-03 15:13:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\DMIVIEW.INI

[2007-07-03 15:01:14 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2007-07-03 15:01:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll

[2007-07-03 14:51:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2007-07-03 14:43:21 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2007-07-03 10:33:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2007-07-03 10:32:17 | 000,330,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2007-03-12 21:31:28 | 001,732,608 | ---- | C] () -- C:\WINDOWS\System32\BCGPStyle2007Luna.dll

[2004-08-05 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004-08-05 08:00:00 | 000,514,142 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2004-08-05 08:00:00 | 000,444,810 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004-08-05 08:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2004-08-05 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004-08-05 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004-08-05 08:00:00 | 000,086,374 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2004-08-05 08:00:00 | 000,072,686 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004-08-05 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004-08-05 08:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2004-08-05 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004-08-05 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004-08-05 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004-08-05 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2003-03-09 16:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

[2003-01-21 01:20:21 | 000,000,052 | -H-- | C] () -- C:\WINDOWS\AJ820503.bin

[2002-08-09 11:18:36 | 000,122,368 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.dll

[2002-06-02 18:05:40 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\chkey1.dll

[2001-08-23 03:07:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001-08-23 03:05:30 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2001-04-10 18:03:32 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll

[2000-10-31 19:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ZipSFX.bin

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2007-07-03 14:46:25 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011-05-03 16:55:51 | 000,000,246 | RHS- | M] () -- C:\boot.ini

[2004-08-05 08:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2007-07-03 14:46:25 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010-10-08 12:14:44 | 000,000,010 | ---- | M] () -- C:\csb.log

[2011-04-13 17:29:36 | 000,000,531 | ---- | M] () -- C:\hpfr3420.xml

[2011-04-13 17:29:36 | 000,001,780 | ---- | M] () -- C:\hpfr3425.log

[2007-07-03 14:46:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2007-07-03 14:46:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004-08-05 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2009-01-23 11:54:45 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011-05-07 15:44:53 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

[2011-05-05 21:42:51 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011-05-07 15:57:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010-10-09 16:18:53 | 000,002,326 | ---- | M] () -- C:\profile_43.txt

[2011-03-08 21:33:46 | 000,194,119 | ---- | M] () -- C:\rollback.ini

[2009-03-28 19:08:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm

[2009-03-28 19:14:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm

[2009-03-09 19:20:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm

[2009-03-09 19:22:43 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm

[2009-03-09 19:24:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm

[2009-03-09 19:24:37 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm

[2009-03-27 21:00:22 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm

[2009-03-27 21:08:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2009-03-27 21:31:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm

[2009-03-28 08:20:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm

[2009-03-28 08:23:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm

[2009-03-28 08:26:57 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm

[2009-03-28 08:27:53 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm

[2009-03-28 15:11:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm

[2009-03-28 15:12:22 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm

[2009-03-28 15:16:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm

[2009-03-28 15:17:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm

[2009-03-28 19:02:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm

[2009-03-28 19:04:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm

[2009-03-28 19:06:53 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm

[2009-03-28 19:08:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2009-03-28 19:14:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2009-03-09 19:20:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2009-03-09 19:22:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2009-03-09 19:24:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2009-03-09 19:24:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2009-03-27 21:00:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2009-03-27 21:08:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2009-03-27 21:31:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2009-03-28 08:20:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2009-03-28 08:23:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2009-03-28 08:26:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2009-03-28 08:27:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2009-03-28 15:11:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2009-03-28 15:12:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2009-03-28 15:16:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm

[2009-03-28 15:17:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm

[2009-03-28 19:02:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm

[2009-03-28 19:04:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm

[2009-03-28 19:06:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm

[2010-08-21 00:48:53 | 000,219,136 | -HS- | M] () -- C:\Thumbs.db

[2003-03-12 13:50:11 | 000,000,052 | -H-- | M] () -- C:\WM800918.bin

[2011-05-05 21:49:21 | 000,000,392 | ---- | M] () -- C:\ZHPRegY0.zhp

[2011-05-05 21:49:33 | 000,000,392 | ---- | M] () -- C:\ZHPRegY1.zhp

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2011-05-01 20:20:09 | 000,126,976 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\iac25_32X.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

[2011-05-07 16:04:23 | 000,000,332 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\afse.job

 

< %systemroot%\System32\config\*.sav >

[2007-07-03 10:31:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2007-07-03 10:31:29 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2007-07-03 10:31:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011-04-13 17:14:12 | 000,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS

[2011-02-17 09:18:24 | 000,455,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

[2011-02-17 09:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-27 12:06:44

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B8131DF5

@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3B8F70C

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1FCBEB0

@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7631EA83

@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D0E56AC

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61AF2B29

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AFC2166

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7F48F12

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55818279

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BF0805F

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4AD2C54D

 

< End of report >

Posted

Here is the other one

 

 

 

OTL Extras logfile created on: 2011-05-07 15:55:05 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrateur\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

1 014,00 Mb Total Physical Memory | 585,00 Mb Available Physical Memory | 58,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74,52 Gb Total Space | 29,69 Gb Free Space | 39,84% Space Free | Partition Type: NTFS

Drive F: | 241,13 Mb Total Space | 155,53 Mb Free Space | 64,50% Space Free | Partition Type: FAT

Drive G: | 14,90 Gb Total Space | 2,20 Gb Free Space | 14,73% Space Free | Partition Type: FAT32

 

Computer Name: PANASONI-D546DF | User Name: Administrateur | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update

"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime

"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView

"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID

"{11107A2A-AD44-4BC8-ABB5-E88E63BCA785}" = Intel® Network Connections 14.8.43.0

"{128E898B-69B7-4E0F-8F89-A95678725DA1}" = PC Information Viewer

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 20

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5639BE8E-33DA-402A-B414-1FBED9CC50E1}" = DMI Viewer

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{61172A5D-60AA-43BE-958F-90451024E768}_is1" = Adobe Photoshop CS5 Portable

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0

"{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)

"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Photo et imagerie HP 2.0 - All-in-One Pilote

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg

"{88F3DD4D-C46C-4312-84DA-603087D3F86B}" = hp officejet 4100 series

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz

"{943622A3-F5E9-464F-A025-90D02F3B8ACE}" = Hotkey Appendix

"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM

"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Photo et imagerie HP 2.0 - All-in-One

"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM

"{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A474EA56-5DBD-4181-8230-806A4762EA7F}" = Antidote RX v3

"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.6 - Français

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AD044254-C8D2-4866-9449-890EF278617B}" = CPU Idle Setting

"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4

"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DEEFA812-64A6-4083-BB38-87F68B6BA820}" = Hotkey Settings

"{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{EFF9D22F-2549-4A83-A7F1-BF6776A499AD}" = @promt Expert 8 English Giant

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F1B993AF-70F6-432F-9FA2-59E4DFB9CCE6}" = Rocketfish High-Speed CF/SD/SDHC Card Reader

"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"{FD95D9B1-CD01-4240-BE5F-A2CA21B553BC}" = Wireless Switch Utility

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_10F70000" = HDAUDIO Soft Data Fax Modem with SmartCP

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Google Updater" = Outil de mise à jour Google

"HDMI" = Intel® Graphics Media Accelerator Driver

"HP OfficeJet 4100 Series" = Photo et imagerie HP 2.0 - hp officejet 4100 series

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components

"InstallShield_{F1B993AF-70F6-432F-9FA2-59E4DFB9CCE6}" = Rocketfish High-Speed CF/SD/SDHC Card Reader

"LHTTSFRF" = L&H TTS3000 Français

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MSNINST" = MSN

"NFO viewer_is1" = NFO viewer v 2.1

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Photodex Presenter" = Photodex Presenter

"ProInst" = Intel® PROSet/Wireless Software

"ProShow Producer" = ProShow Producer

"Récupérez vos Fichiers_is1" = Récupérez vos Fichiers

"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20

"Wdf01001" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.1

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZHPDiag_is1" = ZHPDiag 1.27

"ZoneAlarm Extreme Security" = ZoneAlarm Extreme Security

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Facebook Plug-In" = Facebook Plug-In

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2011-05-07 12:17:30 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : The connection with the server was terminated abnormally

 

Error - 2011-05-07 15:31:37 | Computer Name = PANASONI-D546DF | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 2.0.1.4120, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 2011-05-07 15:31:52 | Computer Name = PANASONI-D546DF | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 2.0.1.4120, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 2011-05-07 15:32:14 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : The connection with the server was terminated abnormally

 

Error - 2011-05-07 15:36:50 | Computer Name = PANASONI-D546DF | Source = Application Error | ID = 1000

Description = Application défaillante OUTLOOK.EXE, version 12.0.6555.5000, module

défaillant OUTLOOK.EXE, version 12.0.6555.5000, adresse de défaillance 0x0000d30b.

 

Error - 2011-05-07 15:48:06 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : The connection with the server was terminated abnormally

 

Error - 2011-05-07 15:48:07 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : Cette connexion réseau n'existe pas.

 

Error - 2011-05-07 15:50:04 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : The connection with the server was terminated abnormally

 

Error - 2011-05-07 15:58:09 | Computer Name = PANASONI-D546DF | Source = crypt32 | ID = 131080

Description = Échec de la récupération de la mise à jour automatique du numéro de

séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

avec l'erreur : The connection with the server was terminated abnormally

 

Error - 2011-05-07 16:01:33 | Computer Name = PANASONI-D546DF | Source = Application Error | ID = 1000

Description = Application défaillante svchost.exe, version 5.1.2600.5512, module

défaillant Flash10e.ocx, version 10.0.45.2, adresse de défaillance 0x000a1484.

 

[ OSession Events ]

Error - 2010-06-10 10:34:26 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 40292

seconds with 1020 seconds of active time. This session ended with a crash.

 

Error - 2010-06-15 19:54:35 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 97995

seconds with 2640 seconds of active time. This session ended with a crash.

 

Error - 2010-06-15 19:55:47 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 59

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2010-06-16 10:04:28 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 46645

seconds with 1020 seconds of active time. This session ended with a crash.

 

Error - 2010-10-06 20:43:44 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session

lasted 32 seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2010-10-15 08:09:07 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2260

seconds with 300 seconds of active time. This session ended with a crash.

 

Error - 2010-11-10 00:43:36 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 90766

seconds with 1500 seconds of active time. This session ended with a crash.

 

Error - 2010-12-07 09:23:00 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 326885

seconds with 10020 seconds of active time. This session ended with a crash.

 

Error - 2011-01-31 15:49:01 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 59850

seconds with 1320 seconds of active time. This session ended with a crash.

 

Error - 2011-04-13 06:45:14 | Computer Name = PANASONI-D546DF | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 46486

seconds with 960 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 2011-05-06 15:04:58 | Computer Name = PANASONI-D546DF | Source = DCOM | ID = 10005

Description = DCOM a reçu l'erreur "%1053" lors de la mise en route du service winmgmt

avec les arguments "" pour démarrer le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820}

 

Error - 2011-05-06 15:05:28 | Computer Name = PANASONI-D546DF | Source = DCOM | ID = 10005

Description = DCOM a reçu l'erreur "%1053" lors de la mise en route du service winmgmt

avec les arguments "" pour démarrer le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820}

 

Error - 2011-05-06 15:09:18 | Computer Name = PANASONI-D546DF | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.0.101 pour la carte réseau dont l'adresse

réseau est 0013E84AC30F a été refusé par le serveur DHCP 192.168.0.1 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 2011-05-06 15:09:35 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

Error - 2011-05-06 15:11:28 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

Error - 2011-05-06 15:14:48 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

Error - 2011-05-07 09:06:45 | Computer Name = PANASONI-D546DF | Source = Service Control Manager | ID = 7011

Description = Délai (30000 millisecondes) d'attente pour une réponse du service

stisvc à une transaction.

 

Error - 2011-05-07 12:04:45 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

Error - 2011-05-07 15:42:10 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

Error - 2011-05-07 15:45:25 | Computer Name = PANASONI-D546DF | Source = sptd | ID = 262148

Description = Le pilote a détecté une erreur interne dans ses structures de données

pour .

 

 

< End of report >

Posted

I managed to get my PC started again, but I don't know how long it will hold up. Explorer often refuses to load and I have to force a shutdown, hoping the next boot will be OK. This morning, a blue screen... safe mode, full antimalware scan: nothing; ZA scan: nothing; and a Spybot scan that still detects click.giftload and win32.fraudload.edt, I think. Cleaned, and my reboot worked, but for how long...
