
Posted (edited)

Hello everyone,

For some time now, my Internet has been slow...

I have run all the recommended scans, which do not show anything in particular.

(Malwarebytes, Antivir, Spybot)

Could you take a look at my HijackThis scan?

(Any optimization advice is also welcome) :-)

Thanks in advance!

 

______________________________________________________________________________

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:09:01, on 21/07/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\tools\Avira\AntiVir Desktop\sched.exe

C:\tools\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe

C:\tools\Avira\AntiVir Desktop\avshadow.exe

C:\toons\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\tools\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\tools\Avira\AntiVir Desktop\avnotify.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\tools\iTunes\iTunesHelper.exe

C:\tools\Mozilla Firefox\firefox.exe

C:\tools\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Nico\Bureau\icons\secu\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\tools\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\tools\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NMSAccessU - Unknown owner - C:\toons\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

 

--

End of file - 8468 bytes

_________________________________________________________________________________

Edited by KS_Croc

Posted

Hello KS_Croc,

>>> Paste the reports directly, as that makes them easier to study. Thanks!

On our side, we use certain text formatting and/or colours simply to draw attention, in order to avoid any mishandling that could cause problems.

Very important!

>>> To do immediately:

- At the top of this message, click the "Follow this topic" button, choosing "Immediate notification" => "Submit". You will be notified in real time of the replies to your topic and, as a result, your machine will be cleaned as quickly as possible.

If instead of the "Follow this topic" button you have "Stop following this topic", the settings have already been made.

- Back up (by copying) all personal documents to a medium other than the system partition: USB stick, CD/DVD, external hard drive, etc.

>>> What to do during this cleanup: Please do NOT use, install and/or uninstall any program other than those proposed at each step, in order to avoid any incompatibility problem between the tools.

>>> What to do when you receive new instructions:

  • Read the whole message.
  • Some programs can cause problems if they are not launched from the Desktop. You are therefore asked to download and save them DIRECTLY to the Desktop (or to move them before use by right-clicking them => "Cut", then right-clicking the Desktop => "Paste").
  • Get into the habit of disabling all protection programs at the start of each new step and re-enabling them at the end.
  • Always proceed in the given order and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behaviour or in relation to the original problem.

>>> How to reply:

- Click the [zeb_bouton.png] button (and not [zeb-bouton2.png], because I do not need to reread my previous messages).

- Paste the contents of the reports WITHOUT adding ANY text formatting (quote, code, colour, etc.).

>>> Do not abandon your topic before being told that everything is OK.

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time.

>>> CCleaner: Download and install CCleaner from here (if you do not have it).

Launch "CCleaner" by clicking its icon on the Desktop or by clicking "Start" => "All Programs" => "CCleaner".

In the main window, tick the boxes as shown (other boxes may be ticked by those who have mastered the tool): [screenshot: cclean-fr1.png]

Click "Cleaner" on the left, then "Analyze" on the right, and let it run.

When it is ready, click "Clean" as many times as there are still items in the box on the right.

Do not use the "Registry" button (on the left) during disinfection.

>>> ESET Online Scanner: Plug in and switch on all available removable media (external hard drive, USB sticks, etc.) and disable the antivirus/firewall and antispyware.

Use Internet Explorer to go HERE.

  • Click the green ESET Online Scanner button, tick the "YES, I accept the Terms of Use" box and click Start.
  • Accept the installation of the ActiveX control.
  • Tick "Scan archives", UNtick "Remove found threats" and click Start. [screenshot: eset20.png]
  • ESET will download the database and start the scan. Let it finish its scan.
  • Then click "List of found threats" [screenshot: eset3.png]
  • Click "Export to text file..." [screenshot: eset4.png] and save the results to the Desktop under the name "scan-results" so you can copy/paste them here.
  • Click [eset-back.png] and tick the "Uninstall application on close" box [screenshot: eset5.png] to remove ESET Online Scanner from the machine.

Click [eset-fin.png] and post the report.

>>> Use SecurityCheck: Download Security Check (by screen317) from here or here.

Close all open windows and applications and double-click "SecurityCheck.exe".

Press a key as requested and follow the prompts.

Note: If one of the security programs asks for permission to access the Internet from dig.exe, accept.

The checkup.txt report opens at the end. Post its contents.

This report will not be saved automatically. If you want to keep a copy, click "File" => "Save As", choose a location (the Desktop, for example) and click "Save" at the bottom right.

Post its contents.

Requested reports:

  • scan-results.txt
  • checkup.txt

Is it better?

  • 4 weeks later...
Posted

Hello,

no notable improvement in Internet speed...

Here are the reports:

_________________________________

ESET

No threats detected

 

_________________________________

CHECKUP

 

Results of screen317's Security Check version 0.99.18

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus

ESET Online Scanner v3

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

CCleaner

Java 6 Update 11

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Out of date Java installed!

Adobe Flash Player 10.3.181.26

Mozilla Firefox (3.6.8)Firefox Out of Date!

Mozilla Thunderbird (3.1.2) Thunderbird Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

``````````End of Log````````````

 

_________________________________

HIJACKTHIS

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 06:28:19, on 18/08/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\tools\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\Explorer.EXE

C:\toons\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\tools\Avira\AntiVir Desktop\avgnt.exe

C:\tools\iTunes\iTunesHelper.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\dllhost.exe

C:\tools\Avira\AntiVir Desktop\avguard.exe

C:\tools\Avira\AntiVir Desktop\avshadow.exe

C:\tools\Mozilla Firefox\firefox.exe

C:\tools\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Nico\Bureau\icons\secu\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\tools\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\tools\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -update plugin

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NMSAccessU - Unknown owner - C:\toons\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

 

--

End of file - 8772 bytes

Posted

Hello,

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Close all open applications and windows and double-click OTL.exe.

Copy/paste these lines (starting with netsvcs) into the area under "Customization":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Without changing anything, click the blue "Scan" button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report into a subsequent reply, only one per message, because they are often very long and exceed the limit allowed by the forum.

Requested reports:

  • OTL.txt
  • Extras.txt
Posted

OTL.txt

_______________

OTL logfile created on: 18/08/2011 19:29:39 - Run 1

OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Nico\Mes documents\Téléchargements

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

511,48 Mb Total Physical Memory | 205,52 Mb Available Physical Memory | 40,18% Memory free

1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,43% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74,22 Gb Total Space | 25,08 Gb Free Space | 33,79% Space Free | Partition Type: NTFS

Drive D: | 72,27 Gb Total Space | 51,31 Gb Free Space | 70,99% Space Free | Partition Type: NTFS

Drive E: | 2,55 Gb Total Space | 1,10 Gb Free Space | 42,92% Space Free | Partition Type: FAT32

 

Computer Name: HERMES | User Name: Nico | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/08/18 19:23:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nico\Mes documents\Téléchargements\OTL.exe

PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/04/28 07:36:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\sched.exe

PRC - [2011/03/31 16:48:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/08/17 14:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/01/14 23:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avshadow.exe

PRC - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () -- C:\toons\CDBurnerXP\NMSAccessU.exe

PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

PRC - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe

PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

PRC - [2003/05/02 09:23:58 | 000,954,475 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

PRC - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2010/10/06 23:52:44 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9ae37194\mscorlib.dll

MOD - [2010/10/06 23:52:39 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6427b8ac\system.drawing.dll

MOD - [2010/10/06 23:52:32 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c84ed540\system.xml.dll

MOD - [2010/10/06 23:52:24 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_2ba453b1\system.windows.forms.dll

MOD - [2010/10/06 23:52:09 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_2dd7f61e\system.dll

MOD - [2010/10/06 23:51:56 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2010/06/17 16:28:02 | 000,355,688 | ---- | M] () -- C:\tools\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA

MOD - [2009/01/11 00:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll

MOD - [2009/01/11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll

MOD - [2008/10/27 17:27:37 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll

MOD - [2008/10/27 17:27:36 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqisrtb.resources.dll

MOD - [2008/10/27 17:27:29 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll

MOD - [2008/10/27 17:27:29 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqedit.resources.dll

MOD - [2008/10/27 17:27:28 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll

MOD - [2008/10/27 17:27:28 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqbakup.resources.dll

MOD - [2008/10/27 17:27:24 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll

MOD - [2008/10/27 17:27:23 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll

MOD - [2008/10/27 17:27:23 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqprrsc.resources.dll

MOD - [2008/10/27 17:27:22 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll

MOD - [2008/10/27 17:27:22 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll

MOD - [2008/10/27 17:27:22 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll

MOD - [2008/10/27 17:27:22 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll

MOD - [2008/10/27 17:27:22 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll

MOD - [2008/10/27 17:27:22 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll

MOD - [2008/10/27 17:27:22 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll

MOD - [2008/10/27 17:27:21 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll

MOD - [2008/10/27 17:27:21 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll

MOD - [2008/10/27 17:27:21 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll

MOD - [2008/10/27 17:27:21 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll

MOD - [2008/10/27 17:27:20 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll

MOD - [2008/10/27 17:27:20 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll

MOD - [2008/10/27 17:27:20 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll

MOD - [2008/10/27 17:27:20 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll

MOD - [2008/10/27 17:27:20 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll

MOD - [2008/10/27 17:27:20 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll

MOD - [2008/10/27 17:27:19 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll

MOD - [2008/10/27 17:27:19 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll

MOD - [2008/10/27 17:27:19 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqtray.resources.dll

MOD - [2008/10/27 17:27:19 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcprsc.resources.dll

MOD - [2008/10/27 17:27:19 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll

MOD - [2008/10/27 17:27:19 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll

MOD - [2008/10/27 17:27:19 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll

MOD - [2008/10/27 17:27:19 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqfmrsc.resources.dll

MOD - [2008/10/27 17:27:19 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll

MOD - [2008/10/27 17:27:19 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll

MOD - [2008/10/27 17:27:18 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll

MOD - [2008/10/27 17:27:18 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll

MOD - [2008/10/27 17:27:18 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcc2.resources.dll

MOD - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () -- C:\toons\CDBurnerXP\NMSAccessU.exe

MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2005/10/20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll

MOD - [2005/10/20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll

MOD - [2005/09/13 01:04:13 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2005/09/13 01:04:12 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2005/09/13 01:04:11 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2003/09/22 11:26:35 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll

MOD - [2003/09/22 11:26:35 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_fr_b77a5c561934e089\system.resources.dll

MOD - [2003/09/22 11:25:51 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll

MOD - [2003/05/15 03:11:04 | 000,753,664 | ---- | M] () -- D:\Tools\Adobe\Adobe Acrobat 6.0\Distillr\AdistRes.FRA

MOD - [2003/05/02 09:23:58 | 000,954,475 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

MOD - [2003/05/02 09:23:10 | 000,081,920 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\languages\french.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/04/28 07:36:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\tools\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/31 16:48:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\tools\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\toons\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)

SRV - [2008/04/13 20:46:21 | 000,011,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\bdasup.sys -- (Rasiecw)

SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

SRV - [2007/06/29 02:01:48 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)

SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011/03/31 16:48:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2010/12/13 18:14:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/06/17 16:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/17 16:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\tools\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/04/13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2007/06/29 02:01:48 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2004/11/22 17:36:40 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)

DRV - [2003/10/05 10:41:14 | 000,123,520 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojubus.sys -- (sojubus)

DRV - [2003/09/28 10:57:52 | 000,005,504 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojuscsi.sys -- (sojuscsi)

DRV - [2003/07/22 08:14:04 | 000,004,608 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\npptNT.sys -- (NPPTNT)

DRV - [2003/05/22 17:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)

DRV - [2003/05/15 15:04:00 | 000,126,764 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal)

DRV - [2003/05/15 15:04:00 | 000,013,070 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR)

DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)

DRV - [2003/03/27 15:38:44 | 000,127,145 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)

DRV - [2003/03/25 19:02:12 | 000,046,455 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)

DRV - [2003/03/02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)

DRV - [2003/02/20 09:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)

DRV - [2002/07/10 17:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)

DRV - [2002/04/17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)

DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

DRV - [2001/08/17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar_bak = http://81.211.105.9/search.php?v=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://81.211.105.9/index.php?v=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

 

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\tools\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\tools\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\tools\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\tools\Mozilla Firefox\components [2011/08/18 19:28:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\tools\Mozilla Firefox\plugins [2011/08/18 19:28:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\tools\Mozilla Thunderbird\components [2011/08/18 19:28:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\tools\Mozilla Thunderbird\plugins

 

[2010/08/11 10:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Extensions

[2010/08/11 10:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011/06/23 06:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions

[2009/06/25 20:24:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/02/15 09:02:26 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

[2010/08/11 23:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2009/03/29 11:59:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010/08/09 22:45:55 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/08/09 22:45:55 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/08/09 22:45:55 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/08/09 22:45:56 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/08/09 22:45:56 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2009/03/30 15:04:19 | 000,000,137 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\tools\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [Cmaudio] C:\WINDOWS\CMICNFG.CPL (C-Media Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe ()

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)

O4 - Startup: C:\Documents and Settings\Nico\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: ([]msn in My Computer)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37886.2140277778 (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe

O33 - MountPoints2\{9e2fecec-613a-11db-9a03-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe

O33 - MountPoints2\{b6d8940b-2ce9-11da-995f-000c76678d6a}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 04:34:21 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\Shell\AutoRun\command - "" = H:\setupSNK.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found

 

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()

Drivers32: MSACM.MI-SC4 - MI-SC4.acm File not found

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)

Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)

Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()

Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

Drivers32: VIDC.VP40 - vp4vfw.dll File not found

Drivers32: vidc.yv12 - DivX.dll File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/08/18 19:28:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime

[2011/08/17 23:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/08/17 23:04:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nico\Recent

[2011/08/11 00:32:00 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys

[2011/08/11 00:31:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys

[2011/07/21 10:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes

[2011/07/21 10:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/07/21 10:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2003/10/05 10:41:14 | 000,123,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojubus.sys

[2003/09/28 10:57:52 | 000,005,504 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojuscsi.sys

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/08/18 19:32:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/08/18 19:28:19 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[2011/08/18 19:10:00 | 000,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006UA.job

[2011/08/18 11:10:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006Core.job

[2011/08/18 09:33:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/08/15 23:12:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2011/08/11 17:47:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/08/11 17:44:43 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job

[2011/08/11 17:44:24 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys

[2011/08/11 03:12:15 | 000,505,778 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/08/11 03:12:15 | 000,436,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/08/11 03:12:15 | 000,083,068 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/08/11 03:12:15 | 000,069,922 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/08/10 01:12:58 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\Nico\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/08/10 01:12:57 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\Nico\Bureau\Google Chrome.lnk

[2011/08/09 18:42:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At1.job

[2011/08/08 18:42:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At2.job

[2011/08/07 18:42:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At3.job

[2011/07/25 17:09:56 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2011/07/21 10:56:54 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/08/18 19:32:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/08/18 19:28:18 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk

[2011/07/21 10:56:54 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk

[2010/08/13 23:00:26 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/03/17 09:08:16 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Nico\Application Data\zxcdyt.dat

[2008/10/27 18:19:33 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll

[2008/10/27 16:58:29 | 000,128,583 | ---- | C] () -- C:\WINDOWS\hpoins11.dat

[2008/09/06 14:52:08 | 000,221,184 | --S- | C] () -- C:\WINDOWS\System32\glut32.dll

[2008/05/24 18:14:18 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll

[2007/12/30 12:39:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2007/09/28 18:07:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2007/09/28 18:05:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2007/06/29 02:01:48 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2007/04/20 01:14:31 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat

[2006/11/11 20:27:34 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe

[2006/02/08 08:20:58 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html

[2005/10/31 05:38:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SOL.INI

[2005/10/02 15:53:51 | 000,001,229 | ---- | C] () -- C:\WINDOWS\scummvm.ini

[2005/09/24 17:04:35 | 000,001,610 | ---- | C] () -- C:\WINDOWS\HARRAPF.INI

[2005/09/24 17:04:35 | 000,000,826 | ---- | C] () -- C:\WINDOWS\HLIVRES.INI

[2005/09/24 17:04:35 | 000,000,497 | ---- | C] () -- C:\WINDOWS\PNAME.INI

[2005/09/24 17:04:35 | 000,000,327 | ---- | C] () -- C:\WINDOWS\LNAME.INI

[2005/09/24 17:04:35 | 000,000,327 | ---- | C] () -- C:\WINDOWS\GNAME.INI

[2005/04/18 23:37:26 | 000,000,530 | ---- | C] () -- C:\WINDOWS\eReg.dat

[2005/03/20 02:10:35 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll

[2005/03/20 02:10:35 | 000,032,758 | ---- | C] () -- C:\WINDOWS\xobglu32.dll

[2005/03/19 16:26:01 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe

[2005/03/01 15:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2004/12/18 14:45:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2004/12/18 01:21:12 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[2004/10/16 02:12:26 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2004/10/10 07:02:46 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/09/25 00:29:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe

[2004/09/05 18:02:19 | 000,000,209 | ---- | C] () -- C:\WINDOWS\the_cyanide_shop.ini

[2004/09/05 18:02:14 | 000,000,379 | ---- | C] () -- C:\WINDOWS\TheCyanideShop.Ini

[2004/08/15 16:37:00 | 000,075,614 | ---- | C] () -- C:\WINDOWS\War3Unin.dat

[2004/06/20 02:14:31 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2004/06/20 00:52:40 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys

[2004/06/20 00:52:40 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys

[2004/06/19 17:30:42 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI

[2004/05/29 22:49:55 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2004/03/31 00:38:53 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll

[2004/03/31 00:38:53 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll

[2004/02/22 16:36:27 | 000,132,429 | ---- | C] () -- C:\WINDOWS\unstall.exe

[2004/02/12 00:51:39 | 000,000,017 | ---- | C] () -- C:\WINDOWS\adm.ini

[2004/02/12 00:50:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UnACE.dll

[2004/02/11 00:04:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe

[2004/02/07 00:00:26 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2004/02/01 01:31:39 | 000,000,176 | ---- | C] () -- C:\WINDOWS\CS_MD_T.ini

[2004/01/24 00:35:06 | 000,000,339 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2004/01/11 19:34:44 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2003/12/13 17:16:56 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys

[2003/12/13 01:18:37 | 000,000,057 | ---- | C] () -- C:\WINDOWS\emule.INI

[2003/12/07 13:59:22 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Nico\Local Settings\Application Data\fusioncache.dat

[2003/12/06 22:51:03 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2003/12/06 19:48:36 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini

[2003/12/06 19:48:36 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini

[2003/12/06 19:48:27 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini

[2003/12/06 19:48:26 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe

[2003/12/06 19:48:24 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll

[2003/12/06 19:48:24 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll

[2003/12/06 19:48:23 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe

[2003/12/06 19:48:23 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin

[2003/11/06 20:35:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

[2003/11/06 20:27:14 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Nico\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2003/10/06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll

[2003/09/22 14:29:56 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat

[2003/09/22 13:22:48 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2003/09/22 13:22:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2003/09/22 13:04:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2003/09/22 12:57:38 | 001,892,352 | ---- | C] () -- C:\WINDOWS\CMIWCNFG.DLL

[2003/09/22 12:57:38 | 000,229,376 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.EXE

[2003/09/22 12:57:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.DLL

[2003/09/22 12:57:38 | 000,003,392 | ---- | C] () -- C:\WINDOWS\cmiainfo.sys

[2003/09/22 12:57:38 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI

[2003/09/22 12:57:38 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI

[2003/09/22 12:57:37 | 001,892,352 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll

[2003/09/22 12:57:37 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2003/09/22 12:57:36 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe

[2003/09/22 12:57:36 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

[2003/09/22 12:57:33 | 000,253,952 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe

[2003/09/22 12:57:33 | 000,212,992 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe

[2003/09/22 12:57:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll

[2003/09/22 12:53:57 | 000,073,728 | ---- | C] () -- C:\WINDOWS\Dit.exe

[2003/09/22 12:53:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DitExp.exe

[2003/09/22 12:53:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL

[2003/09/22 12:53:57 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI

[2003/09/22 12:17:11 | 000,005,678 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2003/09/22 12:16:34 | 000,560,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2003/09/22 11:41:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2003/09/22 11:26:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2003/09/22 11:24:16 | 000,000,843 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2003/09/22 11:19:43 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2003/09/22 11:13:27 | 000,000,846 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2003/09/22 11:13:20 | 000,505,778 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2003/09/22 11:13:20 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2003/09/22 11:13:20 | 000,083,068 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2003/09/22 11:13:20 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2003/09/22 11:13:05 | 000,436,602 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2003/09/22 11:13:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2003/09/22 11:13:05 | 000,069,922 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2003/09/22 11:13:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2003/09/22 11:13:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2003/09/22 11:13:04 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2003/09/22 11:13:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2003/09/22 11:12:58 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2003/09/22 11:12:58 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2003/09/22 11:12:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2003/09/22 11:12:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2003/05/05 09:55:36 | 000,393,728 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe

[2003/01/08 15:55:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\VOBRegCheck.exe

[2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000082.DLL

[2001/09/17 14:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2001/07/07 04:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

[2000/09/14 03:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT

[1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1997/01/16 06:00:00 | 000,030,736 | ---- | C] () -- C:\WINDOWS\System32\mpms32.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/08/13 07:59:49 | 000,001,212 | ---- | M] () -- C:\aaw7boot.log

[2011/06/23 04:43:06 | 000,006,582 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt

[2011/06/25 20:24:46 | 000,004,792 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt

[2011/06/27 08:07:06 | 000,004,858 | ---- | M] () -- C:\Ad-Report-CLEAN[3].txt

[2011/07/21 11:35:11 | 000,004,989 | ---- | M] () -- C:\Ad-Report-CLEAN[4].txt

[2011/06/22 12:07:15 | 000,012,484 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2011/06/23 04:40:44 | 000,012,551 | ---- | M] () -- C:\Ad-Report-SCAN[2].txt

[2011/07/21 11:31:42 | 000,010,440 | ---- | M] () -- C:\Ad-Report-SCAN[3].txt

[2006/07/08 23:31:07 | 000,000,216 | RHS- | M] () -- C:\boot.ini

[2002/08/30 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2003/09/22 11:21:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2005/02/23 21:01:19 | 000,000,218 | ---- | M] () -- C:\Delme.bat

[2003/12/06 19:48:36 | 000,000,186 | ---- | M] () -- C:\driversagem.log

[2011/08/11 17:44:24 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys

[2003/09/22 11:21:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/04/30 23:44:12 | 000,000,127 | ---- | M] () -- C:\mbam-error.txt

[2003/09/22 11:21:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/10/10 13:39:53 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/08/03 18:21:47 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/08/11 17:44:22 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

[2011/08/18 19:32:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2004/08/14 00:16:59 | 000,000,056 | -HS- | M] () -- C:\redir.sys

[2006/07/09 00:39:46 | 000,010,919 | ---- | M] () -- C:\resultat.txt

[2009/11/26 17:40:29 | 000,000,143 | ---- | M] () -- C:\TCleaner.txt

[2004/10/24 22:17:39 | 000,001,187 | ---- | M] () -- C:\temp.log

[2008/12/24 16:59:03 | 000,000,510 | ---- | M] () -- C:\updatedatfix.log

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2003/09/22 13:16:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2003/09/22 13:16:01 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2003/09/22 13:16:01 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

[2011/07/15 15:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

[2011/07/08 16:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys

[2011/06/24 16:10:47 | 000,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-11 01:13:08

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 3636 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc

 

< End of report >

Posted

Extras.txt

___________________________

 

OTL Extras logfile created on: 18/08/2011 19:29:39 - Run 1

OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Nico\Mes documents\Téléchargements

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

511,48 Mb Total Physical Memory | 205,52 Mb Available Physical Memory | 40,18% Memory free

1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,43% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74,22 Gb Total Space | 25,08 Gb Free Space | 33,79% Space Free | Partition Type: NTFS

Drive D: | 72,27 Gb Total Space | 51,31 Gb Free Space | 70,99% Space Free | Partition Type: NTFS

Drive E: | 2,55 Gb Total Space | 1,10 Gb Free Space | 42,92% Space Free | Partition Type: FAT32

 

Computer Name: HERMES | User Name: Nico | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\tools\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\tools\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "D:\Tools\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "D:\Tools\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "D:\Tools\Winamp\Winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"D:\games\Dawn of War\W40k.exe" = D:\games\Dawn of War\W40k.exe:*:Disabled:W40K

"D:\3dsmax6\3dsmax.exe" = D:\3dsmax6\3dsmax.exe:*:Disabled:3ds max application

"D:\Tools\FileZilla\filezilla.exe" = D:\Tools\FileZilla\filezilla.exe:*:Enabled:FileZilla -- ()

"D:\Tools\Kazaa Lite K++\KazaaLite.kpp" = D:\Tools\Kazaa Lite K++\KazaaLite.kpp:*:Disabled:KazaaLite

"D:\games\HL2\hl2.exe" = D:\games\HL2\hl2.exe:*:Disabled:hl2 -- ()

"D:\games\Half-Life\hlds.exe" = D:\games\Half-Life\hlds.exe:*:Disabled:hlds

"D:\Tools\SketchUp 4\SketchUp.exe" = D:\Tools\SketchUp 4\SketchUp.exe:*:Disabled:SketchUp Application -- (@Last Software, Inc.)

"D:\games\Battlefield 1942\BF1942.exe" = D:\games\Battlefield 1942\BF1942.exe:*:Disabled:BF1942

"C:\Program Files\OneClick\OneClick.exe" = C:\Program Files\OneClick\OneClick.exe:*:Disabled:OneClick

"D:\games\Black & White\runblack.exe" = D:\games\Black & White\runblack.exe:*:Disabled:lh

"C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player -- (RealNetworks, Inc.)

"C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)

"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC -- (Microsoft Corporation)

"D:\Tools\AceHTML 5 Pro\acehtml.exe" = D:\Tools\AceHTML 5 Pro\acehtml.exe:*:Enabled:AceHTML 5 Pro Executable -- (Visicom Media Inc.)

"D:\Tools\LeechFTP\Leechftp.exe" = D:\Tools\LeechFTP\Leechftp.exe:*:Enabled:LeechFTP

"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Disabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)

"C:\tools\AVG Anti-Spyware 7.5\avgas.exe" = C:\tools\AVG Anti-Spyware 7.5\avgas.exe:*:Enabled:AVG Anti-Spyware

"D:\games\World of Warcraft\WoW-1.2.1-to-1.2.2-Patch-frFR-Downloader.exe" = D:\games\World of Warcraft\WoW-1.2.1-to-1.2.2-Patch-frFR-Downloader.exe:*:Disabled:Blizzard Downloader

"D:\games\World of Warcraft\WoW-1.2.0-Patch-frFR-Downloader.exe" = D:\games\World of Warcraft\WoW-1.2.0-Patch-frFR-Downloader.exe:*:Disabled:Blizzard Downloader

"C:\Documents and Settings\Nico\Bureau\WoW-1.1.2-Installer-Downloader-frFR.exe" = C:\Documents and Settings\Nico\Bureau\WoW-1.1.2-Installer-Downloader-frFR.exe:*:Disabled:Blizzard Downloader

"C:\Temp\CTD_FirmwareUpgrader.exe" = C:\Temp\CTD_FirmwareUpgrader.exe:*:Disabled:CTD_FirmwareUpgrader -- (Terra Virtual)

"D:\games\Wolfenstein - Enemy Territory\ET.exe" = D:\games\Wolfenstein - Enemy Territory\ET.exe:*:Disabled:ET

"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Disabled:Google Talk

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe

"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe

"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe

"C:\Program Files\America's Army\System\ArmyOps.exe" = C:\Program Files\America's Army\System\ArmyOps.exe:*:Disabled:ArmyOps

"D:\Tools\eMule\emule.exe" = D:\Tools\eMule\emule.exe:*:Disabled:eMule -- (http://www.emule-project.net)

"D:\tools\Skype\Phone\Skype.exe" = D:\tools\Skype\Phone\Skype.exe:*:Disabled:Skype

"D:\games\Warcraft III\war3.exe" = D:\games\Warcraft III\war3.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment)

"C:\Program Files\LEA\SoftPlug\V3.1\SoftPlug.exe" = C:\Program Files\LEA\SoftPlug\V3.1\SoftPlug.exe:*:Enabled:SoftPlug -- (LEA)

"C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01958032-9877-4118-B87F-9EFA74B3F15F}" = Adobe Version Cue

"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow

"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery

"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig

"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help

"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11

"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8

"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK

"{31851B85-C98E-44DE-8750-9843BCD63963}" = Adobe After Effects 5.5

"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone

"{36D6F663-DF15-45BD-B0C6-4B909308E3B6}" = Informations sur votre PC

"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

"{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}" = Macromedia Extension Manager

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS

"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1

"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft

"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm

"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840

"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant

"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService

"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0

"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg

"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI

"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox

"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme

"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI

"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901)

"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status

"{876D774C-04D0-4796-B6A0-B7945340847D}" = SoftPlug V3.1.0

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder

"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload

"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{9051040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS

"{9421EB49-B1C8-496F-A307-FF0E4F43E6F5}" = SketchUp 4.0

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français

"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig

"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support

"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour

"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config

"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery

"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support

"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update

"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes

"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter

"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour

"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live

"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp

"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch

"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White

"{E61B400A-DE10-43E5-8F45-37DB764BFCFB}" = InstantCopy

"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%

"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Medion Flash XL

"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1

"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan

"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color

"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA

"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations

"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA

"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer

"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set

"7-Zip" = 7-Zip 4.65

"AC3Filter_is1" = AC3Filter 1.63b

"AceHTML 5 Pro" = AceHTML 5 Pro

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop 6.0" = Adobe Photoshop 6.0

"Ad-Remover" = Ad-Remover par C_XX

"All Media Fixer_is1" = All Media Fixer 9.10

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Bass Audio Decoder" = Bass Audio Decoder (remove only)

"CCleaner" = CCleaner

"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)

"C-Media Audio" = C-Media 3D Audio

"Cubemaster_2000" = Cubemaster 2000 v3.0

"DCoder Image Source" = DCoder Image Source (remove only)

"DirectVobSub" = DirectVobSub (remove only)

"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders

"EPSON Printer and Utilities" = EPSON Logiciel imprimante

"ESET Online Scanner" = ESET Online Scanner v3

"Ethnos 3.5" = Ethnos 3.5

"EuroThink Adresses 2.30_is1" = EuroThink Adresses

"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]

"FFMPEG Core Files" = FFMPEG Core Files (remove only)

"FileZilla" = FileZilla (remove only)

"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)

"Glary Utilities_is1" = Glary Utilities 2.30.0.1066

"HaaliMkx" = Haali Media Splitter

"HijackThis" = HijackThis 2.0.2

"HP Document Viewer" = HP Document Viewer 7.0

"HP Imaging Device Functions" = HP Imaging Device Functions 7.0

"HP Photo & Imaging" = HP Photosmart Premier Software 6.5

"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0

"HPExtendedCapabilities" = HP Customer Participation Program 7.0

"HPOCR" = OCR Software by I.R.I.S 7.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie8" = Windows Internet Explorer 8

"Lucasarts_Collection_CD1_1.0" = Lucasarts Collection 1.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)

"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)

"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Nikon FotoShare" = Nikon FotoShare

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers

"NVIDIA Display Driver" = NVIDIA Display Driver

"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)

"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)

"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)

"QuickSFV" = QuickSFV (Remove only)

"RealMedia" = RealMedia (remove only)

"RealPlayer 6.0" = RealOne Player

"RenMultiFiles Pro_is1" = RenMultiFiles Pro

"SFR_Kit" = SFR - Kit de connexion

"Shockwave" = Shockwave

"SHOUTcast Source" = SHOUTcast Source (remove only)

"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver

"ST6UNST #1" = Color Mixer

"VLC media player" = VLC media player 1.1.2

"Winamp" = Winamp (remove only)

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinPcapInst" = WinPcap 4.0.1

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZoomPlayer" = Zoom Player (remove only)

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

"Warcraft III" = Warcraft III: All Products

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 19/05/2011 21:56:56 | Computer Name = HERMES | Source = Application Error | ID = 1000

Description = Application défaillante mbam.exe, version 1.50.1.3, module défaillant

version.dll, version 5.1.2600.5512, adresse de défaillance 0x00001d22.

 

Error - 29/05/2011 20:46:18 | Computer Name = HERMES | Source = Application Error | ID = 1000

Description = Application défaillante mbam.exe, version 1.50.1.3, module défaillant

version.dll, version 5.1.2600.5512, adresse de défaillance 0x00001d22.

 

Error - 19/06/2011 06:13:54 | Computer Name = HERMES | Source = MBAMService | ID = 131073

Description =

 

Error - 19/06/2011 06:14:01 | Computer Name = HERMES | Source = MBAMService | ID = 131073

Description =

 

Error - 19/06/2011 06:14:05 | Computer Name = HERMES | Source = MBAMService | ID = 131073

Description =

 

Error - 02/07/2011 01:00:24 | Computer Name = HERMES | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 1.9.2.3855, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 02/07/2011 01:00:53 | Computer Name = HERMES | Source = Application Hang | ID = 1002

Description = Application bloquée firefox.exe, version 1.9.2.3855, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 08/07/2011 11:43:13 | Computer Name = HERMES | Source = Application Hang | ID = 1002

Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 06/08/2011 15:44:24 | Computer Name = HERMES | Source = WmiAdapter | ID = 4099

Description = Échec de l'ouverture de services.

 

Error - 14/08/2011 01:12:56 | Computer Name = HERMES | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

[ System Events ]

Error - 11/08/2011 01:46:05 | Computer Name = HERMES | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 11/08/2011 11:44:36 | Computer Name = HERMES | Source = Service Control Manager | ID = 7000

Description = Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer

en raison de l'erreur : %%1058

 

Error - 13/08/2011 01:54:41 | Computer Name = HERMES | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 13/08/2011 01:54:41 | Computer Name = HERMES | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 13/08/2011 01:54:43 | Computer Name = HERMES | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 13/08/2011 01:54:43 | Computer Name = HERMES | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 13/08/2011 01:54:45 | Computer Name = HERMES | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 13/08/2011 01:54:45 | Computer Name = HERMES | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

Error - 13/08/2011 01:54:48 | Computer Name = HERMES | Source = W32Time | ID = 39452689

Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de

la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient

va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération

a été tentée sur un hôte impossible à atteindre. (0x80072751)

 

Error - 13/08/2011 01:54:48 | Computer Name = HERMES | Source = W32Time | ID = 39452701

Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps

à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement

accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.

NtpClient

n'a pas de source de temps précis.

 

 

< End of report >

Posted

Hello,

 

OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Nico\Mes documents\Téléchargements

 

OTL was not run from the Desktop as requested. Please move it right away. Carefully reread the "Very important!" note in my first message and follow its recommendations scrupulously to avoid any problem with your system.

 

 

>>> OTL fix: Run OTL again after moving it to the Desktop.

Copy the following list (starting with :OTL) and paste it into the box under "Personnalisation" (the : at the beginning and the ] at the end are very important, please check).

 

:OTL

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge.

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar_bak = http://81.211.105.9/search.php?v=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://81.211.105.9/index.php?v=1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_France Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}"

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF

[2011/02/15 09:02:26 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewi...oOnlineScan.cab (ewidoOnlineScan Control)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} DivX – Download DivX software (play AVI/MKV), play DivX video on TV | DivX.com (Reg Error: Key error.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O33 - MountPoints2\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe

O33 - MountPoints2\{9e2fecec-613a-11db-9a03-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe

O33 - MountPoints2\{b6d8940b-2ce9-11da-995f-000c76678d6a}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 04:34:21 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\Shell\AutoRun\command - "" = H:\setupSNK.exe

[2010/08/13 07:59:49 | 000,001,212 | ---- | M] () -- C:\aaw7boot.log

[2011/06/23 04:43:06 | 000,006,582 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt

[2011/06/25 20:24:46 | 000,004,792 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt

[2011/06/27 08:07:06 | 000,004,858 | ---- | M] () -- C:\Ad-Report-CLEAN[3].txt

[2011/07/21 11:35:11 | 000,004,989 | ---- | M] () -- C:\Ad-Report-CLEAN[4].txt

[2011/06/22 12:07:15 | 000,012,484 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2011/06/23 04:40:44 | 000,012,551 | ---- | M] () -- C:\Ad-Report-SCAN[2].txt

[2011/07/21 11:31:42 | 000,010,440 | ---- | M] () -- C:\Ad-Report-SCAN[3].txt

[2005/02/23 21:01:19 | 000,000,218 | ---- | M] () -- C:\Delme.bat

@Alternate Data Stream - 3636 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc

 

:Services

 

:Reg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"D:\Tools\Kazaa Lite K++\KazaaLite.kpp" = -

"D:\Tools\eMule\emule.exe" = -

"C:\tools\AVG Anti-Spyware 7.5\avgas.exe" = -

"C:\Program Files\AVG\AVG8\avgam.exe" = -

"C:\Program Files\AVG\AVG8\avgupd.exe" = -

"C:\Program Files\AVG\AVG8\avgnsx.exe" = -

 

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\*.tmp

C:\Program Files\AVG

D:\Tools\Kazaa Lite K++

D:\Tools\eMule

C:\tools\AVG Anti-Spyware 7.5

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Click the red "Correction" button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click "Oui" (Yes).

At the end, a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

 

Still having problems?

Posted

Thank you for your reply.

I have the impression that the Internet is a bit faster.

 

Report

____________________________

 

All processes killed

========== OTL ==========

Service HidServ stopped successfully!

Service HidServ deleted successfully!

Service AppMgmt stopped successfully!

Service AppMgmt deleted successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search bar| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar_bak| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page_bak| /E : value set successfully!

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

Prefs.js: "Softonic_France Customized Web Search" removed from browser.search.defaultthis.engineName

Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox not found.

File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF not found.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\searchplugin folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\META-INF folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\lib folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\defaults folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\components folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\chrome folder moved successfully.

C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} folder moved successfully.

Starting removal of ActiveX control {193C772A-87BE-4B19-A7BB-445B226FE9A1}

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ not found.

Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}

C:\WINDOWS\Downloaded Program Files\oscan8.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.

Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}

C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.

Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}

C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}

C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.

File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.

Starting removal of ActiveX control DirectAnimation Java Classes

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.

File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.

Starting removal of ActiveX control Microsoft XML Parser for Java

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\ not found.

File H:\InstallTomTomHOME.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e2fecec-613a-11db-9a03-000c76678d6a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9e2fecec-613a-11db-9a03-000c76678d6a}\ not found.

File H:\InstallTomTomHOME.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6d8940b-2ce9-11da-995f-000c76678d6a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b6d8940b-2ce9-11da-995f-000c76678d6a}\ not found.

C:\WINDOWS\system32\setup.exe moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\ not found.

File H:\setupSNK.exe not found.

C:\aaw7boot.log moved successfully.

C:\Ad-Report-CLEAN[1].txt moved successfully.

C:\Ad-Report-CLEAN[2].txt moved successfully.

C:\Ad-Report-CLEAN[3].txt moved successfully.

C:\Ad-Report-CLEAN[4].txt moved successfully.

C:\Ad-Report-SCAN[1].txt moved successfully.

C:\Ad-Report-SCAN[2].txt moved successfully.

C:\Ad-Report-SCAN[3].txt moved successfully.

C:\Delme.bat moved successfully.

ADS C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc deleted successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Tools\Kazaa Lite K++\KazaaLite.kpp deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Tools\eMule\emule.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\tools\AVG Anti-Spyware 7.5\avgas.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgam.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgupd.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgnsx.exe deleted successfully.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de résolution DNS vidé.

C:\Documents and Settings\Nico\Bureau\cmd.bat deleted successfully.

C:\Documents and Settings\Nico\Bureau\cmd.txt deleted successfully.

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.

C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.

C:\WINDOWS\tasks\At1.job moved successfully.

C:\WINDOWS\tasks\At2.job moved successfully.

C:\WINDOWS\tasks\At3.job moved successfully.

C:\WINDOWS\tasks\GlaryInitialize.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006Core.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006UA.job moved successfully.

File\Folder C:\*.sqm not found.

C:\WINDOWS\System32\CONFIG.TMP moved successfully.

C:\WINDOWS\002496_.tmp moved successfully.

C:\WINDOWS\005728_.tmp moved successfully.

C:\WINDOWS\wininit.tmp moved successfully.

C:\Program Files\AVG\AVG8 folder moved successfully.

C:\Program Files\AVG folder moved successfully.

File\Folder D:\Tools\Kazaa Lite K++ not found.

D:\Tools\eMule\webserver folder moved successfully.

D:\Tools\eMule\Temp folder moved successfully.

D:\Tools\eMule\skins folder moved successfully.

D:\Tools\eMule\logs folder moved successfully.

D:\Tools\eMule\lang folder moved successfully.

D:\Tools\eMule\Incoming folder moved successfully.

D:\Tools\eMule\config folder moved successfully.

D:\Tools\eMule folder moved successfully.

C:\tools\AVG Anti-Spyware 7.5 folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 475 bytes

 

User: All Users

 

User: Autres

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 475 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 475 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 32969 bytes

 

User: Michel

->Temp folder emptied: 249004 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 523 bytes

 

User: MLF

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 475 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 873989 bytes

 

User: Nico

->Temp folder emptied: 13035046 bytes

->Temporary Internet Files folder emptied: 459154 bytes

->Java cache emptied: 1823818 bytes

->FireFox cache emptied: 78216992 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 1357752 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 255 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 129141972 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 696678 bytes

RecycleBin emptied: 164200 bytes

 

Total Files Cleaned = 216,00 mb

 

 

[EMPTYFLASH]

 

User: Administrateur

->Flash cache emptied: 0 bytes

 

User: All Users

 

User: Autres

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: LocalService

 

User: Michel

->Flash cache emptied: 0 bytes

 

User: MLF

->Flash cache emptied: 0 bytes

 

User: NetworkService

 

User: Nico

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.26.5 log created on 08192011_093917

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

Posted

All the better :)

 

- You have 511,48 Mb of memory, and I think things will go better if you can go up to 1 Giga (or more).

 

- Uninstall ESET Online Scanner v3

--

 

>>> Updates: Any old version of any program whatsoever may contain vulnerabilities that can be exploited to infect a PC:

  • Java: You MUST use Internet Explorer to download (to the Desktop) the latest version that matches your operating system (32-bit for you): Java downloads for all operating systems.
     
    Before installing, it is important to start by removing ALL the old versions on your machine, because they may contain security vulnerabilities:
    Click "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
    In the list, look for the lines concerning Java (J2SE Runtime Environment.... ), which can be recognized by their Java icon.
    Select one line at a time and click Modifier/ Supprimer.
    When none are left, close everything and install the new version by clicking the file you downloaded.
     

  • Your version of Mozilla Thunderbird is not up to date; install the latest version from HERE
     
  • Firefox: Launch FF and click the ? and then "Rechercher des mises à jour...". Follow the instructions. Or download it from here

 

No problems with these updates? The rest is for the next post :)

Posted (edited)

Everything went fine, but now it is the computer rather than the Internet that is sluggish.

The hard drive seems to be constantly active...

 

Edit: It looks like I have a problem with QuickTime; I got an error message about it... :-/

Edited by KS_Croc
