Problème chargement pages Internet

[Huyo]

OTL logfile created on: 28/05/2011 20:37:02 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Yoann\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,80% Memory free

4,24 Gb Paging File | 2,96 Gb Available in Paging File | 69,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 87,22 Gb Free Space | 37,45% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-YOANNDEPA | User Name: Yoann | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/28 20:34:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Yoann\Desktop\OTL.exe

PRC - [2010/09/02 16:12:35 | 001,098,312 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe

PRC - [2010/09/02 16:11:56 | 000,998,472 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe

PRC - [2010/08/26 01:28:53 | 001,330,792 | ---- | M] () -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe

PRC - [2010/08/26 00:51:59 | 000,340,552 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe

PRC - [2010/04/16 13:10:14 | 000,410,696 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/28 20:34:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Yoann\Desktop\OTL.exe

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/01/11 03:40:42 | 001,962,192 | ---- | M] (Astrill) [On_Demand | Stopped] -- C:\Program Files\Astrill\ASProxy.exe -- (ASProxy)

SRV - [2011/01/11 03:40:28 | 000,428,056 | ---- | M] (Astrill) [On_Demand | Stopped] -- C:\Program Files\Astrill\ASOvpnSvc.exe -- (ASOVPNHelper)

SRV - [2011/01/06 00:04:24 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)

SRV - [2010/09/02 16:12:35 | 001,098,312 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)

SRV - [2010/08/26 01:28:53 | 001,330,792 | ---- | M] () [Auto | Running] -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl)

SRV - [2010/08/26 00:51:59 | 000,340,552 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)

SRV - [2010/04/16 13:10:14 | 000,410,696 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)

SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/29 22:11:24 | 000,029,992 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\GRD.sys -- (GRD)

DRV - [2011/04/29 22:08:20 | 000,038,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)

DRV - [2011/04/29 22:08:19 | 000,062,024 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)

DRV - [2011/04/29 22:08:19 | 000,033,480 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\GDBehave.sys -- (GDBehave)

DRV - [2011/04/29 21:43:25 | 000,040,904 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)

DRV - [2010/08/20 22:08:46 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)

DRV - [2009/05/12 22:42:00 | 007,743,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 30 F7 16 1A C6 CB 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.fr"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: addon@astrill.com:1.4

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.5

FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.25

FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.7.1

FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1..

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 22:12:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 22:12:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt

 

[2010/11/27 12:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yoann\AppData\Roaming\mozilla\Extensions

[2011/05/28 16:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions

[2011/01/29 10:21:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/05/21 12:06:34 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

[2010/12/20 23:56:23 | 000,000,000 | ---D | M] (PsicoTSI) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}

[2011/05/21 12:06:34 | 000,000,000 | ---D | M] (FoxTrick) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}

[2011/01/26 22:46:10 | 000,000,000 | ---D | M] ("Astrill Proxy Switcher") -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\addon@astrill.com

[2010/12/11 21:22:23 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Yoann\AppData\Roaming\mozilla\Firefox\Profiles\2joili87.default\extensions\vshare@toolbar

[2011/04/29 21:43:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2011/04/29 21:43:28 | 000,000,000 | ---D | M] (G Data Filtre Internet) -- C:\Program Files\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}

[2010/12/10 23:52:19 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/11/27 14:13:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/16 12:20:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/03/06 21:33:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/03/06 21:33:28 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/10/27 07:39:58 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/10/27 07:39:58 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/10/27 07:39:58 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/10/27 07:39:58 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/10/27 07:39:58 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/11/28 13:32:03 | 000,425,952 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 14675 more lines...

O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Windows\System32\nwiz.exe ()

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\ASProxy.dll (Astrill)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\ASProxy.dll (Astrill)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\ASProxy.dll (Astrill)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\ASProxy.dll (Astrill)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\ASProxy.dll (Astrill)

O13 - gopher Prefix: missing

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img6.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img6.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/28 20:34:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Yoann\Desktop\OTL.exe

[2011/05/28 15:43:20 | 000,000,000 | ---D | C] -- C:\Users\Yoann\Documents\SimCity 4

[2011/05/27 09:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2011/05/27 09:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2011/05/23 22:56:45 | 000,000,000 | ---D | C] -- C:\Users\Yoann\Desktop\ZHP Diag

[2011/05/23 22:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/05/23 22:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/05/15 09:16:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/04/29 22:11:24 | 000,029,992 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys

[2011/04/29 21:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2011

[2011/04/29 21:43:40 | 000,038,856 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys

[2011/04/29 21:43:26 | 000,062,024 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys

[2011/04/29 21:43:26 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys

[2011/04/29 21:43:25 | 000,040,904 | ---- | C] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys

[2011/04/29 21:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA

[2011/04/29 21:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\G Data

[2011/04/29 21:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data

[2011/04/29 21:38:30 | 000,000,000 | ---D | C] -- C:\Users\Yoann\AppData\Local\Downloaded Installations

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/28 20:38:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/28 20:34:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Yoann\Desktop\OTL.exe

[2011/05/28 20:05:07 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/28 20:05:07 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/28 19:53:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/05/28 16:21:16 | 000,879,092 | ---- | M] () -- C:\Users\Yoann\Desktop\SecurityCheck.exe

[2011/05/28 16:09:34 | 000,704,094 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/28 16:09:34 | 000,618,372 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/28 16:09:34 | 000,129,404 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/28 16:09:34 | 000,106,372 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/28 16:06:03 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/28 16:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/28 16:05:03 | 2146,791,424 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/28 04:35:01 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3729A25F-C6D0-4869-AAA6-CCEE535E438A}.job

[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2011/05/23 22:51:13 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 20:43:29 | 000,216,064 | ---- | M] () -- C:\Users\Yoann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/05/15 09:16:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/05/12 21:19:23 | 003,279,872 | ---- | M] () -- C:\Users\Yoann\Documents\carte anniversaire papy.pub

[2011/04/29 22:11:24 | 000,029,992 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys

[2011/04/29 22:08:20 | 000,038,856 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys

[2011/04/29 22:08:19 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys

[2011/04/29 22:08:19 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys

[2011/04/29 21:43:41 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus 2011.lnk

[2011/04/29 21:43:25 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/05/28 20:38:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/28 16:21:09 | 000,879,092 | ---- | C] () -- C:\Users\Yoann\Desktop\SecurityCheck.exe

[2011/05/23 22:51:13 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/12 14:44:59 | 003,279,872 | ---- | C] () -- C:\Users\Yoann\Documents\carte anniversaire papy.pub

[2011/04/29 21:43:41 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus 2011.lnk

[2011/03/03 21:19:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat

[2011/03/03 21:10:18 | 000,089,188 | ---- | C] () -- C:\ProgramData\bdinstall.bin

[2011/01/26 22:47:08 | 000,002,376 | ---- | C] () -- C:\Windows\System32\ASProxy.ini

[2011/01/26 22:47:08 | 000,001,240 | ---- | C] () -- C:\Windows\System32\ASProxyOff.ini

[2010/12/12 09:39:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2010/12/11 16:31:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/12/11 16:31:24 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2010/12/10 23:53:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/11/28 11:57:40 | 000,216,064 | ---- | C] () -- C:\Users\Yoann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/27 17:19:19 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvTaskbar.exe

[2010/11/27 17:19:18 | 001,724,416 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll

[2010/11/27 17:19:18 | 001,650,688 | ---- | C] () -- C:\Windows\System32\nwiz.exe

[2010/11/27 17:19:18 | 000,442,368 | ---- | C] () -- C:\Windows\System32\nvAppBar.exe

[2010/11/27 17:19:17 | 000,466,944 | ---- | C] () -- C:\Windows\System32\nvShell.dll

[2010/11/27 17:19:16 | 001,507,328 | ---- | C] () -- C:\Windows\System32\nView.dll

[2010/11/27 17:19:16 | 001,101,824 | ---- | C] () -- C:\Windows\System32\nvwimg.dll

[2010/11/27 10:15:23 | 000,000,680 | ---- | C] () -- C:\Users\Yoann\AppData\Local\d3d9caps.dat

[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL

[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll

[2006/11/02 17:48:33 | 000,704,094 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2006/11/02 17:48:33 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2006/11/02 17:48:33 | 000,129,404 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2006/11/02 17:48:33 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 14:47:37 | 000,377,008 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 12:33:01 | 000,618,372 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 12:33:01 | 000,106,372 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2011/03/30 21:32:25 | 000,022,474 | ---- | M] () -- C:\bdlog.txt

[2009/06/16 12:24:49 | 000,000,212 | -HS- | M] () -- C:\Boot.BAK

[2010/11/27 10:02:04 | 000,000,356 | RHS- | M] () -- C:\Boot.ini.saved

[2006/03/02 03:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2010/11/27 10:02:04 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2008/01/16 12:48:06 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt

[2008/01/16 12:48:06 | 000,001,110 | ---- | M] () -- C:\globdata.ini

[2011/05/28 16:05:03 | 2146,791,424 | -HS- | M] () -- C:\hiberfil.sys

[2008/01/16 12:48:06 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[2008/01/16 12:48:14 | 000,000,843 | ---- | M] () -- C:\install.ini

[2008/01/16 12:52:54 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2009/07/30 15:19:05 | 020,251,560 | ---- | M] (Microsoft Corporation) -- C:\installation_ie8-xp.exe

[2009/07/30 14:41:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/07/30 14:41:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2006/03/02 03:00:00 | 000,047,564 | -HS- | M] () -- C:\ntdetect.com

[2009/07/30 14:22:16 | 000,252,240 | -HS- | M] () -- C:\ntldr

[2011/05/28 16:05:02 | 2460,614,656 | -HS- | M] () -- C:\pagefile.sys

[2011/05/23 22:51:13 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/28 20:38:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2009/07/30 14:49:36 | 000,000,065 | -H-- | M] () -- C:\TrackitAudit.id

[2008/01/16 12:48:06 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp

[2009/06/05 09:28:32 | 000,512,846 | ---- | M] () -- C:\vcredist_x86.log

[2008/01/16 12:58:54 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

[2008/01/16 13:00:56 | 000,233,984 | ---- | M] () -- C:\VC_RED.MSI

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2006/11/02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/04/29 22:08:19 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys

[2011/04/29 21:43:25 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys

[2011/04/29 22:11:24 | 000,029,992 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys

[2011/04/29 22:08:20 | 000,038,856 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys

[2011/04/29 22:08:19 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-28 07:09:28

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A745DB5D

 

< End of report >

 

OTL Extras logfile created on: 28/05/2011 20:37:02 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Yoann\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,80% Memory free

4,24 Gb Paging File | 2,96 Gb Available in Paging File | 69,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,88 Gb Total Space | 87,22 Gb Free Space | 37,45% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-YOANNDEPA | User Name: Yoann | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{55B2EBDE-2916-4ED2-96EE-30E3FBF2E581}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{10039983-9A40-464E-B177-5F0636832FC1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{113CF08C-8897-438B-993A-6B998F43B472}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{15987E1E-74C6-4BC6-BC43-B83D9C70F6CF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{6AF1EDC9-5B14-4766-B590-1A4BA07BB9DC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{6FE59A12-5CCE-419F-87A4-4EA1A4BCF1A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{B0C60008-494D-4F2E-B3F1-0165B8BA0BE4}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |

"{B10A8215-6B8F-4D33-BA86-B33E84899F24}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{B48673E0-8DC8-44F8-B086-C9E17EF92357}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{B5F624A2-1208-44F7-9235-635524DD52AD}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2011\fm.exe |

"{C8568DBA-464C-4B34-A9B9-BC6F05225130}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2011\fm.exe |

"{E9443A2B-B254-45B9-B98B-DA61F560ACB5}" = dir=in | app=c:\program files\itunes\itunes.exe |

"{F0C2C2E5-8EAC-489E-8A7A-77F327ADBC28}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |

"TCP Query User{04327E66-756F-46FE-AC3E-828AD57CBC2A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{AE36EDFB-00DA-4252-B61D-E02AA3272F99}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{27E0DB3F-7751-48B9-A77B-4A071E9D4C14}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{67080132-1EB0-4AEE-BC9D-8D1184120B09}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24

"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari

"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A77BCF74-A5A3-441B-9923-305EAD8B7976}_is1" = Astrill 2.2.0.1824

"{A7FB84F1-FA4F-4B50-9AEC-4F83AB1DFEBE}" = G Data AntiVirus 2011

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0

"8461-7759-5462-8226" = Vuze

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"CCleaner" = CCleaner

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Football Manager 2011" = Football Manager 2011

"GoldBarre" = GoldBarre

"Google Chrome" = Google Chrome

"Hattrick Organizer" = Hattrick Organizer (remove only)

"LEGO Digital Designer" = LEGO Digital Designer

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)

"NVIDIA Drivers" = NVIDIA Drivers

"nView Desktop Manager" = NVIDIA nView Desktop Manager

"Revo Uninstaller" = Revo Uninstaller 1.90

"Veetle TV" = Veetle TV 0.9.18

"VLC media player" = VLC media player 1.1.5

"WinRAR archiver" = Logiciel d'archivage WinRAR

"Wise Registry Cleaner_is1" = Wise Registry Cleaner Professional V5.8.7

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 29/04/2011 15:32:34 | Computer Name = PC-de-Yoanndepa | Source = VSS | ID = 8194

Description =

 

Error - 29/04/2011 16:18:03 | Computer Name = PC-de-Yoanndepa | Source = Application Hang | ID = 1002

Description = Le programme SpybotSD.exe version 1.6.2.46 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans l’application Rapports et

solutions aux problèmes du Panneau de configuration. ID de processus : b70 Heure de

début : 01cc06aa3ad4ea6d Heure de fin : 16

 

Error - 30/04/2011 05:51:53 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0x870,

heure de début de l’application 0x01cc071baf6ab490.

 

Error - 02/05/2011 01:03:06 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0xf50,

heure de début de l’application 0x01cc071d20f7d6a0.

 

Error - 04/05/2011 01:36:20 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0x129c,

heure de début de l’application 0x01cc09d3fb8d2330.

 

Error - 05/05/2011 12:02:58 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0x1194,

heure de début de l’application 0x01cc0a99893b5612.

 

Error - 10/05/2011 14:49:58 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0x17f8,

heure de début de l’application 0x01cc0b52e784bae2.

 

Error - 16/05/2011 14:49:58 | Computer Name = PC-de-Yoanndepa | Source = Windows Search Service | ID = 3013

Description =

 

Error - 28/05/2011 02:34:53 | Computer Name = PC-de-Yoanndepa | Source = Application Error | ID = 1000

Description = Application défaillante ASOvpnSvc.exe, version 1.0.0.0, horodatage

0x00000000, module défaillant ASOvpnSvc.exe, version 1.0.0.0, horodatage 0x00000000,

code d’exception 0xc0000005, décalage d’erreur 0x00025e69, ID du processus 0x5d8,

heure de début de l’application 0x01cc1caab6cf6d89.

 

Error - 28/05/2011 09:53:17 | Computer Name = PC-de-Yoanndepa | Source = VSS | ID = 8194

Description =

 

[ System Events ]

Error - 18/05/2011 06:06:37 | Computer Name = PC-de-Yoanndepa | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 5.5.1.15 pour la carte réseau dont l'adresse

réseau est 00FFA0F513D3 a été refusé par le serveur DHCP 5.5.15.254 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 18/05/2011 13:00:29 | Computer Name = PC-de-Yoanndepa | Source = Service Control Manager | ID = 7000

Description =

 

Error - 21/05/2011 17:56:36 | Computer Name = PC-de-Yoanndepa | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 5.5.1.15 pour la carte réseau dont l'adresse

réseau est 00FFA0F513D3 a été refusé par le serveur DHCP 5.5.15.254 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 22/05/2011 14:41:04 | Computer Name = PC-de-Yoanndepa | Source = DCOM | ID = 10010

Description =

 

Error - 27/05/2011 02:38:41 | Computer Name = PC-de-Yoanndepa | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 5.5.1.15 pour la carte réseau dont l'adresse

réseau est 00FFA0F513D3 a été refusé par le serveur DHCP 5.5.15.254 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 27/05/2011 03:05:24 | Computer Name = PC-de-Yoanndepa | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 5.5.1.15 pour la carte réseau dont l'adresse

réseau est 00FFA0F513D3 a été refusé par le serveur DHCP 5.5.15.254 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 27/05/2011 03:17:35 | Computer Name = PC-de-Yoanndepa | Source = Service Control Manager | ID = 7000

Description =

 

Error - 27/05/2011 16:14:51 | Computer Name = PC-de-Yoanndepa | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 5.5.1.15 pour la carte réseau dont l'adresse

réseau est 00FFA0F513D3 a été refusé par le serveur DHCP 5.5.15.254 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 28/05/2011 03:09:26 | Computer Name = PC-de-Yoanndepa | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20

Description =

 

Error - 28/05/2011 10:05:19 | Computer Name = PC-de-Yoanndepa | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >

[lance_yien]

Bonjour,

 

>>> Programmes antispyware: Ton rapport montre que les programmes suivants son installés et son actifs sur ta machine:

Spybot - Search & Destroy

Windows Defender

 

Je te suggère de désinstaller ou désactiver le premier OU désactiver le second.

Tu peux utiliser Malware Bytes Anti-Malware pour des scans occasionnels.

--

 

>>> OTL: (Re)brancher (et allumer) tous les médias amovibles disponibles et fermer toute s les applications et fenêtres en cours.

Désactiver les programmes de protection (antivirus etc...) et lancer OTL.

Copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

 

:OTL

PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

SRV - [2011/01/06 00:04:24 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)

SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A745DB5D

 

:Services

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"8461-7759-5462-8226" = -

 

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

 

 

Rapports demandés:

• OTL.txt

Est-ce mieux?

Modifié le 21 juillet 2011 par lance_yien

[Huyo]

petite question avant de faire tout ça....

 

pour le 1er, je vais le désinstaller pas de soucis.

pour le second Windows Defender....j'ai pas l'impression qu'il prend véritablement en compte ma désactivation quand j'y retourne, il est automatiquement coché (panneau de config -----> Windows defender ----> outils ----> Option ----> tout en bas, je décoche utiliser Windows defender.... ; il me fait apparaitre une fenetre comme quoi il est désactiver, mais quand je refais le même chemin, c'est cocher

[lance_yien]

Après avoir décoché la case, as-tu cliqué sur Enregistrer.

Si tu n'arrives pas passe au reste.

[Huyo]

All processes killed

========== OTL ==========

No active process named SDWinSec.exe was found!

No active process named MSASCui.exe was found!

Service Boonty Games stopped successfully!

Service Boonty Games deleted successfully!

C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe moved successfully.

Error: No service named SBSDWSCService was found to stop!

Service\Driver key SBSDWSCService not found.

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe moved successfully.

Service WinDefend stopped successfully!

Service WinDefend deleted successfully!

File move failed. C:\Program Files\Windows Defender\mpsvc.dll scheduled to be moved on reboot.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.

File C:\PROGRA~1\SPYBOT~1\SDHelper.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ deleted successfully.

C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.

C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender deleted successfully.

File move failed. C:\Program Files\Windows Defender\MSASCui.exe scheduled to be moved on reboot.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter deleted successfully.

File move failed. C:\Windows\System32\oobefldr.dll scheduled to be moved on reboot.

ADS C:\ProgramData\TEMP:A745DB5D deleted successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\8461-7759-5462-8226 not found.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\Yoann\Desktop\cmd.bat deleted successfully.

C:\Users\Yoann\Desktop\cmd.txt deleted successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\WINDOWS\tasks\User_Feed_Synchronization-{3729A25F-C6D0-4869-AAA6-CCEE535E438A}.job moved successfully.

File\Folder C:\*.sqm not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Mélanie

 

User: Public

 

User: Yoann

->Temp folder emptied: 386552998 bytes

->Temporary Internet Files folder emptied: 9481265 bytes

->Java cache emptied: 263274 bytes

->FireFox cache emptied: 95256525 bytes

->Google Chrome cache emptied: 0 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 17173 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 6661 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 469,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Mélanie

 

User: Public

 

User: Yoann

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.23.0 log created on 05292011_194735

 

Files\Folders moved on Reboot...

File move failed. C:\Program Files\Windows Defender\mpsvc.dll scheduled to be moved on reboot.

File move failed. C:\Program Files\Windows Defender\MSASCui.exe scheduled to be moved on reboot.

File move failed. C:\Windows\System32\oobefldr.dll scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

[Huyo]

Après avoir décoché la case, as-tu cliqué sur Enregistrer.

Si tu n'arrives pas passe au reste.

 

 

c'est bon en faite..

[lance_yien]

Si tu n'as plus de problèmes,

 

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC.

- Pour supprimer les autres utilitaires et leur rapports, cliquer-droit dessus => "Supprimer".

 

 

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC:

Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (pour toi c'est 32 bits): Téléchargements Java pour tous les systèmes d'exploitation.

 

 

Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:

Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".

Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône .

Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.

Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.

 

 

>>> Ré-initialiser les Points de Restauration parce qu'elles peuvent contenir des traces d'infection:

Cliquer-droit sur "Ordinateur" => "Propriétés" => "Système" => "Protection Système". Décocher la case devant le nom de la partition système (généralement C:) et laisser faire.

Quand c'est fini cocher cette même case => "OK" et redémarrer le PC.

Un nouveau point de restauration sera créé.

 

 

>>> Vérifier/ Activer l'UAC: Parce qu'il y a de plus en plus de malware qui exploitent la désactivation de l'UAC (contrôle de compte utilisateur) de Windows (Vista et W7) pour installer des rootkits, garder ce module activé même s'il paraît, des fois, énervant:

Cliquer sur "Démarrer" => "Panneau de configuration". Cliquer sur " Comptes d'utilisateurs..." => "Activer ou désactiver le contrôle des comptes d'utilisateurs". Cocher la case "Utiliser le Contrôle des Comptes d'utilisateurs pour vous aider..." => OK.

Redémarrer le PC quand c'est demandé.

 

 

 

>>> StartUpLite Il y a toujours des programmes qui se lancent INUTILEMENT en même temps que Windows.

Télécharger, sur le Bureau, MBAM' StartUpLite depuis ici.

Fermer toutes les applications en cours et autres fenêtres ouvertes et cliquer-droit sur StartUpLite.exe => "Exécuter en tant qu'administrateur" pour lancer le programme.

Il affichera toutes les entrées inutiles en démarrage automatique

Sélectionner TOUTES les entrées affichées et cliquer sur Continue.

S'il affiche "No unnecessary startups found!", c'est qu'il n'y a rien à faire.

 

 

>>> Protéger/ Sécuriser:

• Vérifier le Pare-feu: Un pare-feu est le 1er rempart contre les intrusions.
  - Ceux de Vista/ Windows 7 peuvent suffire, juste contrôler et activer si nécessaire depuis le "Centre de sécurité".
  - Celui inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'importance d'en installer un autre.
  Vérifier et choisir, si nécessaire, un parmi ceux-ci (gratuits): Online Armor Firewall, Sunbelt Personal Firewall, Outpost Firewall FREE.
   
  
• Contrôler et configurer les mises à jour Windows:
  - Cliquer ICI et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'activex (si proposé).
  - OU, cliquer sur "Démarrer" => "Tous les programmes" => "Windows update".
  - ET, optez (si ce n'est pas encore fait) pour une MAJ Automatique à une heure où vous êtes sûr que votre PC n'est pas éteint.
   
  
• Installer PSI de Secunia pour des MAJ logiciels
  
• Installer Mes drivers pour des MAJ pilotes (cliquer sur Lancer la détection
  
• Utiliser PC Pitstop pour Optimiser votre PC (en anglais)
  
• Sauvegarder le Registre avec Erunt
  Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
  
• Immunisez votre machine avec Spyware Blaster, compatible avec Toutes les versions de Windows 32bit et 64bit. Tuto.
  
• Vaccinez votre machine et vos médias amovibles (clés USB...) avec MKV contre les "vers" (Autorun worms). Juste brancher tous les médias amovibles, lancer le programme et cliquer sur le bouton Vaccination (l'action est réversible en cliquant sur "Supprimer la vaccination".
  
• Opter pour Firefox ou Opera pour la navigation de tous les jours et réserver Internet Explorer pour les Mises à jour et les cas bien spécifiques.
  
• Nettoyer et dé-fragmenter, régulièrement, les Partitions/ Disques.

 

>>> Ce qu'il faut ÉVITER ABSOLUMENT: Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, supprimer de votre machine et rester à l'écart de tout ce qui est,

• Warez , Crack , keygen etc. Arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service. Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.
  
• P2P , *.Torrent etc: Lire attentivement Le danger des P2P.

 

>>> Ajouter Résolu: Merci d'éditer ton 1er post pour ajouter [Résolu] à la fin du titre après avoir cliqué sur le bouton "Modifier".

 

Bonne chance!

[Huyo]

Je reprend le boulot demain , je fais tout ça sous 48h....

 

ça va me laisser le temps de voir si internet roule nikel ....je te tiens au courant...

 

Merci.

[Huyo]

Bonsoir,

 

J'ai pas totalement termine concernant les nettoyages et autres manip. A 1er vue j'ai encore quelques soucis. Je fais le reste et je vous dis quoi.

 

Cordialement