Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Problème écran bleu de sécurité

Bernytou

Par Bernytou
dans Analyses et éradication malwares

 Partager

Messages recommandés

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Bonsoir et merci pour les détails :super:

 

Je ne suis pas sûr que ComboFix a bien fonctionné. On va le savoir tout de suite.

--

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Fermer toutes les applications et fenêtres ouvertes.

Double-cliquer sur OTL.exe et copier/ coller ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: "OTL.txt" (qui s'ouvre dans le bloc-note) et "Extras.txt" (qui sera minimisé dans la Barre des tâches).

Copier/ coller le contenu de chaque rapport dans une prochaine réponse, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

Bonjour

 

Merci Lance.

 

Il y a peut-etre eu effectivement un problème, Combo me "disait" qu'il n'etais pas à jour, bon maintenant il doit l'etre.

 

RAPPORT OTL.txt

 

OTL logfile created on: 31/08/2011 11:34:59 - Run 1

OTL by OldTimer - Version 3.2.26.7 Folder = C:\Documents and Settings\Compaq_Propriétaire\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

958,48 Mb Total Physical Memory | 376,57 Mb Available Physical Memory | 39,29% Memory free

2,26 Gb Paging File | 1,67 Gb Available in Paging File | 73,93% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 274,12 Gb Total Space | 183,34 Gb Free Space | 66,88% Space Free | Partition Type: NTFS

Drive D: | 5,32 Gb Total Space | 0,51 Gb Free Space | 9,60% Space Free | Partition Type: FAT32

 

Computer Name: NOM-EB85C523610 | User Name: Compaq_Propriétaire | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/08/31 11:33:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe

PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011/05/26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

PRC - [2011/04/22 14:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

PRC - [2011/04/22 14:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2009/11/11 11:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

PRC - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

PRC - [2009/10/27 10:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

PRC - [2009/10/15 10:53:54 | 000,959,808 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe

PRC - [2009/05/29 13:41:26 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2008/04/18 10:55:31 | 000,607,576 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/02/15 11:49:40 | 000,155,648 | ---- | M] (Philips) -- C:\WINDOWS\VPro530.exe

PRC - [2007/06/11 11:25:42 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

PRC - [2007/05/30 14:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

PRC - [2007/03/16 11:45:30 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe

PRC - [2006/04/25 00:54:00 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

PRC - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

PRC - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

PRC - [2006/02/25 02:46:34 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerCinema\PCMService.exe

PRC - [2006/02/25 02:46:20 | 001,073,152 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

PRC - [2006/01/07 03:36:10 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe

PRC - [2005/12/09 16:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe

PRC - [2005/12/09 16:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE

PRC - [2005/12/07 11:26:30 | 000,489,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe

PRC - [2005/10/28 15:12:04 | 000,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

PRC - [2005/09/24 07:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

PRC - [2004/11/01 18:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe

PRC - [2004/04/07 15:33:58 | 000,635,019 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/08/31 09:34:53 | 001,304,064 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11083100\algo.dll

MOD - [2011/08/30 22:05:05 | 000,208,544 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11083100\aswRep.dll

MOD - [2011/03/02 11:11:18 | 000,004,096 | ---- | M] () -- C:\Program Files\Yuna Software\Messenger Plus!\Detoured.dll

MOD - [2010/06/10 01:17:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2c9de181\mscorlib.dll

MOD - [2010/06/10 01:17:26 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c9759525\system.drawing.dll

MOD - [2010/06/10 01:17:17 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_b3c0c1d5\system.xml.dll

MOD - [2010/06/10 01:17:09 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ded7c260\system.windows.forms.dll

MOD - [2010/06/10 01:16:58 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_31ea06df\system.dll

MOD - [2010/06/10 01:16:44 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll

MOD - [2008/08/12 11:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll

MOD - [2008/07/29 14:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll

MOD - [2008/07/29 14:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll

MOD - [2008/07/29 14:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll

MOD - [2008/07/29 14:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll

MOD - [2008/07/29 13:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll

MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2006/04/25 00:50:03 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqisrtb.resources.dll

MOD - [2006/04/25 00:50:03 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll

MOD - [2006/04/25 00:50:02 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll

MOD - [2006/04/25 00:50:02 | 000,249,856 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqbakup.resources.dll

MOD - [2006/04/25 00:49:58 | 001,044,480 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll

MOD - [2006/04/25 00:49:58 | 000,335,872 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqedit.resources.dll

MOD - [2006/04/25 00:49:56 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll

MOD - [2006/04/25 00:49:55 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll

MOD - [2006/04/25 00:49:55 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll

MOD - [2006/04/25 00:49:55 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll

MOD - [2006/04/25 00:49:55 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqprrsc.resources.dll

MOD - [2006/04/25 00:49:54 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll

MOD - [2006/04/25 00:49:54 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll

MOD - [2006/04/25 00:49:54 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll

MOD - [2006/04/25 00:49:54 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll

MOD - [2006/04/25 00:49:54 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll

MOD - [2006/04/25 00:49:54 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll

MOD - [2006/04/25 00:49:54 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll

MOD - [2006/04/25 00:49:53 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll

MOD - [2006/04/25 00:49:53 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll

MOD - [2006/04/25 00:49:53 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll

MOD - [2006/04/25 00:49:53 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll

MOD - [2006/04/25 00:49:53 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll

MOD - [2006/04/25 00:49:52 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll

MOD - [2006/04/25 00:49:52 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll

MOD - [2006/04/25 00:49:52 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll

MOD - [2006/04/25 00:49:52 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll

MOD - [2006/04/25 00:49:52 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll

MOD - [2006/04/25 00:49:52 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll

MOD - [2006/04/25 00:49:52 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcc2.resources.dll

MOD - [2006/04/25 00:49:52 | 000,122,880 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqtray.resources.dll

MOD - [2006/04/25 00:49:52 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcprsc.resources.dll

MOD - [2006/04/25 00:49:52 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll

MOD - [2006/04/25 00:49:52 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll

MOD - [2006/04/25 00:49:52 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll

MOD - [2006/04/25 00:49:52 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll

MOD - [2006/04/25 00:49:52 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqfmrsc.resources.dll

MOD - [2006/04/25 00:49:52 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll

MOD - [2006/04/25 00:49:52 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll

MOD - [2006/04/25 00:31:17 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2006/04/25 00:31:17 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2006/04/25 00:31:17 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2006/04/25 00:30:35 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll

MOD - [2006/04/25 00:30:34 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_fr_b77a5c561934e089\system.resources.dll

MOD - [2006/04/25 00:29:54 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll

MOD - [2006/02/25 02:47:12 | 000,225,384 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapEngine.dll

MOD - [2006/02/25 02:47:12 | 000,065,634 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchMgr.dll

MOD - [2006/02/25 02:47:12 | 000,032,768 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvcps.dll

MOD - [2006/02/25 02:47:12 | 000,024,576 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchedps.dll

MOD - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

MOD - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

MOD - [2006/01/07 03:36:10 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe

MOD - [2004/04/19 12:31:42 | 000,204,948 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\PCDLaunchSysX.syx

MOD - [2004/04/07 15:36:30 | 000,463,004 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistacameraUploadSysx.syx

MOD - [2004/04/07 15:34:38 | 000,106,631 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpri40.dll

MOD - [2004/04/07 15:28:52 | 000,028,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraUploadCamBack.dll

MOD - [2003/12/13 15:11:24 | 000,278,666 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\cameratodos.syx

MOD - [2003/12/13 14:56:26 | 000,389,257 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaEmail.dll

MOD - [2003/12/13 14:55:00 | 000,970,892 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.dll

MOD - [2003/12/13 14:53:50 | 000,061,574 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll

MOD - [2003/12/13 14:51:34 | 000,295,053 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll

MOD - [2003/12/13 14:35:12 | 000,569,484 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.dll

MOD - [2003/12/13 14:16:54 | 000,229,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll

MOD - [2003/12/13 14:04:54 | 000,356,479 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll

MOD - [2003/12/13 13:49:46 | 000,040,960 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll

MOD - [2003/12/13 13:38:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCameratodosCamBack.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- -- (navapsvc)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2011/04/22 14:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009/05/29 13:41:26 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008/06/25 19:37:09 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)

SRV - [2008/04/18 10:55:31 | 000,607,576 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)

SRV - [2007/05/30 14:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)

SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006/02/25 02:47:02 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)

SRV - [2006/02/25 02:47:00 | 000,266,338 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)

SRV - [2006/02/25 02:46:20 | 001,073,152 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)

SRV - [2006/01/06 23:25:12 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)

SRV - [2005/12/09 16:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2005/11/24 17:03:22 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2005/11/24 16:57:44 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2005/11/24 16:47:30 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - [2004/10/22 10:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008/05/21 14:30:28 | 000,486,912 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC530.sys -- (SPC530)

DRV - [2008/05/21 14:30:28 | 000,007,680 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC530m.sys -- (SPC530m)

DRV - [2008/05/07 11:40:04 | 000,088,704 | R--- | M] (Philips Applied Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\phaudlwr.sys -- (phaudlwr)

DRV - [2007/05/30 14:10:42 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)

DRV - [2007/05/30 14:10:42 | 000,010,872 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln)

DRV - [2006/04/04 22:58:44 | 001,536,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2006/03/13 16:50:08 | 000,085,696 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex)

DRV - [2006/03/13 16:50:06 | 000,087,824 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mgmt.sys -- (w300mgmt) Sony Ericsson W300 USB WMC Device Management Drivers (WDM)

DRV - [2006/03/13 16:50:02 | 000,096,352 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdm.sys -- (w300mdm)

DRV - [2006/03/13 16:50:00 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdfl.sys -- (w300mdfl)

DRV - [2006/03/13 16:49:54 | 000,060,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus) Sony Ericsson W300 Driver driver (WDM)

DRV - [2006/01/24 00:41:52 | 004,145,152 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtkhdaud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005/12/12 18:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ps2.sys -- (Ps2)

DRV - [2005/12/09 16:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvmvdrv.sys -- (lvmvdrv)

DRV - [2005/12/09 16:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvprcmon.sys -- (LVPrcMon)

DRV - [2005/12/09 16:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvckap.sys -- (Lvckap)

DRV - [2005/12/06 05:30:19 | 000,916,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302av.sys -- (PID_08A0) QuickCam IM(PID_08A0)

DRV - [2005/12/06 05:27:04 | 000,007,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)

DRV - [2005/12/06 05:26:16 | 000,039,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvusbsta.sys -- (LVUSBSta)

DRV - [2005/11/19 03:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)

DRV - [2005/09/30 20:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtnicxp.sys -- (RTL8023xp)

DRV - [2004/08/04 01:46:46 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)

DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Server Error

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Le Repaire des Motards : actualités essais reportages guides moto

IE - HKCU\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"

FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="

FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"

FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"

FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q="

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Live Search"

FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://redirecterror.sfr.fr/?q="

 

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2240: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2298: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1348: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/07/05 08:43:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/30 19:02:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/30 19:02:52 | 000,000,000 | ---D | M]

 

[2011/01/02 11:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions

[2011/01/02 11:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Extensions\home2@tomtom.com

[2010/09/06 19:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\91ovqxel.default\extensions

[2009/11/28 13:21:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\91ovqxel.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2008/12/17 14:23:16 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\91ovqxel.default\searchplugins\live-search.xml

[2007/04/13 13:06:16 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\91ovqxel.default\searchplugins\LiveSearch.xml

[2011/08/30 19:01:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/05/16 10:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/09 18:01:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/09 13:11:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/08 23:19:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/03/09 20:20:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/06/09 19:09:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/08/30 15:55:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011/08/30 19:02:52 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_PROPRIéTAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91OVQXEL.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}

[2010/05/16 10:31:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/08/30 19:02:31 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll

[2011/08/30 19:02:31 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll

[2011/08/30 19:02:31 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll

[2011/08/30 19:02:34 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll

[2011/08/30 19:02:34 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll

[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2007/11/20 17:52:00 | 002,884,992 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll

[2011/08/30 19:02:51 | 000,001,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2011/08/30 19:02:51 | 000,001,072 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2011/08/30 19:02:51 | 000,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml

[2011/08/30 19:02:51 | 000,001,441 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/08/30 19:02:51 | 000,000,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/08/29 13:51:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)

O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [ssAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] File not found

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)

O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)

O4 - HKCU..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (Philips Consumer Electronics)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\VPro530.lnk = C:\WINDOWS\VPro530.exe (Philips)

O4 - Startup: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage\Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_27.dll (Sun Microsystems, Inc.)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab (CKAVWebScan Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (HpProductDetection Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://webcam.asf.fr/AxisCamControl.ocx (CamImage Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/11/23 16:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - File not found

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/08/31 11:33:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe

[2011/08/31 10:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2011/08/31 03:00:01 | 000,000,000 | --SD | C] -- C:\ComboFix

[2011/08/30 19:05:19 | 014,100,808 | ---- | C] (Mozilla) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Firefox Setup 6.0.exe

[2011/08/30 18:25:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2011/08/30 17:31:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2011/08/30 17:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr

[2011/08/30 17:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2011/08/30 17:17:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2011/08/30 17:17:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome

[2011/08/30 17:07:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2011/08/30 15:55:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/08/30 15:55:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/08/30 15:55:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/08/29 13:10:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011/08/29 13:10:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011/08/29 13:10:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011/08/29 13:10:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011/08/29 13:10:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011/08/29 13:09:59 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/08/29 13:09:02 | 004,190,333 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe

[2011/08/29 12:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

[2011/08/25 22:36:20 | 000,000,000 | ---D | C] -- C:\ZHP

[2011/08/24 10:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/08/15 15:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\JRE

[2008/09/23 13:20:38 | 000,486,912 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SPC530.sys

[2008/09/23 13:20:38 | 000,007,680 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SPC530m.sys

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/08/31 11:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5031A966-9768-4D5A-971D-D5A905446C79}.job

[2011/08/31 11:40:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/08/31 11:33:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe

[2011/08/31 10:53:24 | 000,002,623 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Microsoft Office Outlook 2007.lnk

[2011/08/31 10:50:01 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/08/31 10:43:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat

[2011/08/31 10:37:18 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{916F5C74-7BBD-498F-9D18-87B22B1BF578}.job

[2011/08/31 10:35:24 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/08/31 10:33:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/08/31 10:33:51 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys

[2011/08/31 02:59:22 | 004,190,333 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe

[2011/08/30 19:05:57 | 014,100,808 | ---- | M] (Mozilla) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Firefox Setup 6.0.exe

[2011/08/30 18:24:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/08/30 18:24:13 | 000,353,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/08/30 17:24:01 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/08/30 01:08:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011/08/29 23:00:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/08/29 18:00:03 | 000,879,028 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\SecurityCheck.exe

[2011/08/29 13:51:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/08/29 12:59:50 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011/08/29 12:59:50 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011/08/29 12:59:50 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011/08/29 12:39:31 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\Microsoft Office Word 2007.lnk

[2011/08/27 11:56:56 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/25 23:12:47 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Démarrage\Outil de détection de support de Cyber-shot Viewer.lnk

[2011/08/24 10:06:34 | 002,546,898 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ZHPDiag2.zip

[2011/08/22 00:43:59 | 160,419,840 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

[2011/08/19 10:26:16 | 000,613,539 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\DSC00189 p.JPG

[2011/08/19 10:18:41 | 000,134,656 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/08/16 17:26:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011/08/16 10:23:18 | 000,437,171 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110819-082203.backup

[2011/08/16 09:51:50 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/08/31 11:40:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/08/29 18:00:01 | 000,879,028 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\SecurityCheck.exe

[2011/08/29 13:10:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011/08/29 13:10:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011/08/29 13:10:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011/08/29 13:10:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011/08/29 13:10:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011/08/29 12:59:50 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2011/08/29 12:59:50 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2011/08/29 12:59:50 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2011/08/25 22:44:31 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/24 10:06:34 | 002,546,898 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\ZHPDiag2.zip

[2011/08/19 10:23:48 | 000,613,539 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\DSC00189 p.JPG

[2011/08/14 07:51:44 | 1005,113,344 | -HS- | C] () -- C:\hiberfil.sys

[2011/04/20 15:08:39 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

[2010/08/22 10:54:49 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat

[2009/12/22 01:30:34 | 000,501,760 | ---- | C] () -- C:\WINDOWS\System32\Deutz Engine.exe

[2009/06/10 15:30:58 | 000,067,208 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2008/10/21 23:22:59 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\satsukidecodersettings.ini

[2008/05/29 19:31:15 | 000,000,015 | ---- | C] () -- C:\WINDOWS\sudoku2.ini

[2008/02/16 11:21:11 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe

[2008/02/16 11:21:11 | 000,003,471 | ---- | C] () -- C:\WINDOWS\unins000.dat

[2008/02/13 12:59:04 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2008/01/09 16:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe

[2008/01/09 16:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2007/12/15 15:58:32 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2007/12/12 02:07:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat

[2007/12/06 00:41:37 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2007/12/04 14:04:00 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2007/12/02 21:46:22 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2007/12/02 01:55:26 | 000,013,126 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2007/12/02 01:49:46 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini

[2007/12/01 20:27:15 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fusioncache.dat

[2007/08/17 18:38:59 | 000,000,024 | ---- | C] () -- C:\WINDOWS\sudoku.ini

[2007/08/15 17:43:39 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI

[2007/04/13 15:19:52 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe

[2006/11/10 14:39:47 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006/10/02 14:44:00 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2006/09/18 18:50:42 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/09/06 16:24:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI

[2006/08/20 12:41:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini

[2006/08/20 00:36:03 | 000,002,942 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2006/08/18 09:10:31 | 000,000,181 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006/08/11 20:47:41 | 000,000,575 | ---- | C] () -- C:\WINDOWS\BEL2K.INI

[2006/08/07 21:32:52 | 000,000,314 | ---- | C] () -- C:\WINDOWS\FurtherTime.ini

[2006/08/07 20:16:53 | 000,000,142 | ---- | C] () -- C:\WINDOWS\funcrd.ini

[2006/08/07 20:16:01 | 000,000,047 | ---- | C] () -- C:\WINDOWS\Progs_.ini

[2006/08/07 20:13:57 | 000,000,019 | ---- | C] () -- C:\WINDOWS\KNP.INI

[2006/08/07 19:58:00 | 000,044,546 | ---- | C] () -- C:\WINDOWS\Sbuninst.exe

[2006/08/07 19:45:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\bombgolf.ini

[2006/08/07 19:22:44 | 000,007,359 | ---- | C] () -- C:\WINDOWS\ENGINEEXT.INI

[2006/08/06 20:09:55 | 000,134,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/08/06 18:53:43 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2006/08/04 14:40:25 | 000,000,400 | ---- | C] () -- C:\WINDOWS\RPCD.ini

[2006/08/04 11:37:09 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Compaq_Propriétaire.ini

[2006/08/04 10:38:03 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2006/08/03 20:25:00 | 000,012,954 | ---- | C] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat

[2006/04/25 01:25:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/04/25 01:06:48 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys

[2006/04/25 01:02:59 | 000,013,065 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS

[2006/04/25 01:02:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll

[2006/04/25 00:57:28 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll

[2006/04/25 00:55:12 | 000,000,158 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2006/04/25 00:49:26 | 000,088,027 | ---- | C] () -- C:\WINDOWS\hpqins69.dat

[2006/04/25 00:48:28 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006/04/25 00:45:20 | 000,125,796 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2006/04/25 00:32:07 | 000,000,880 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2006/04/25 00:28:47 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll

[2006/04/25 00:28:47 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll

[2006/04/25 00:28:25 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll

[2005/12/09 23:03:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005/12/09 16:37:42 | 002,400,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvmvdrv.sys

[2005/12/09 16:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvprcmon.sys

[2005/12/09 16:35:54 | 002,174,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvckap.sys

[2004/11/23 16:29:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004/11/23 16:26:54 | 000,514,962 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2004/11/23 16:26:54 | 000,445,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/11/23 16:26:54 | 000,086,622 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2004/11/23 16:26:54 | 000,072,890 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/11/23 16:25:00 | 000,353,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2004/11/23 16:21:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/11/23 16:19:12 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/08/05 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/05 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004/08/05 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/05 06:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2004/08/05 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/05 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/05 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/05 06:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2004/08/05 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/05 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2004/07/26 23:17:16 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2001/08/24 00:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001/08/24 00:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2004/11/23 16:21:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2007/12/01 20:25:29 | 000,000,218 | RHS- | M] () -- C:\BOOT.BAK

[2007/12/01 20:32:23 | 000,000,298 | RHS- | M] () -- C:\boot.ini

[2004/08/04 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004/08/04 23:00:00 | 000,263,488 | RHS- | M] () -- C:\cmldr

[2011/08/30 11:34:02 | 000,016,135 | ---- | M] () -- C:\ComboFix.txt

[2004/11/23 16:21:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010/04/14 10:10:46 | 000,000,372 | ---- | M] () -- C:\content_update_notification.xml

[2006/08/09 17:05:52 | 000,015,029 | ---- | M] () -- C:\debug8.txt

[2006/09/27 20:57:34 | 000,099,064 | ---- | M] () -- C:\EasyShare.dmp

[2011/08/31 10:33:51 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys

[2004/11/23 16:21:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2006/08/04 10:38:56 | 000,000,632 | -H-- | M] () -- C:\IPH.PH

[2011/03/31 17:07:48 | 000,000,127 | ---- | M] () -- C:\mbam-error.txt

[2004/11/23 16:21:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/04 23:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2011/08/30 17:24:01 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/08/31 10:33:49 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys

[2011/08/27 11:56:56 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/08/31 11:40:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2008/05/21 14:38:16 | 000,005,704 | ---- | M] () -- C:\rapport.txt

[2006/08/04 14:42:24 | 000,000,217 | ---- | M] () -- C:\rpcddx.txt

[2008/08/26 13:28:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm

[2008/08/26 13:29:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm

[2007/06/21 07:01:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm

[2007/06/21 22:27:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm

[2007/07/22 06:46:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm

[2007/08/21 17:05:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm

[2007/09/05 10:21:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm

[2007/12/01 22:26:53 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2008/02/12 08:55:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm

[2008/02/27 09:14:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm

[2008/03/12 14:30:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm

[2008/03/26 22:46:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm

[2008/05/11 01:09:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm

[2008/08/06 00:33:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm

[2008/08/06 13:35:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm

[2008/08/06 18:59:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm

[2008/08/07 09:08:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm

[2008/08/08 00:28:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm

[2008/08/26 13:25:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm

[2008/08/26 13:25:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm

[2008/08/26 13:28:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2008/08/26 13:29:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2007/06/21 07:01:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2007/06/21 22:27:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2007/07/22 06:46:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2007/08/21 17:05:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2007/09/05 10:21:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2007/12/01 22:26:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2008/02/12 08:55:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2008/02/27 09:14:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2008/03/12 14:30:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2008/03/26 22:46:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2008/05/11 01:09:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2008/08/06 00:33:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2008/08/06 13:35:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2008/08/06 18:59:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm

[2008/08/07 09:08:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm

[2008/08/08 00:28:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm

[2008/08/26 13:25:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm

[2008/08/26 13:25:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2004/11/23 17:11:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2004/11/23 17:11:52 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys

[2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys

[2011/07/04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys

[2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys

[2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys

[2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys

[2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys

[2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-16 15:32:13

 

< End of report >

 

 

Et la suite.../...

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

.../...

 

RAPPORT Extras.txt

 

OTL Extras logfile created on: 31/08/2011 11:34:59 - Run 1

OTL by OldTimer - Version 3.2.26.7 Folder = C:\Documents and Settings\Compaq_Propriétaire\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

958,48 Mb Total Physical Memory | 376,57 Mb Available Physical Memory | 39,29% Memory free

2,26 Gb Paging File | 1,67 Gb Available in Paging File | 73,93% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 274,12 Gb Total Space | 183,34 Gb Free Space | 66,88% Space Free | Partition Type: NTFS

Drive D: | 5,32 Gb Total Space | 0,51 Gb Free Space | 9,60% Space Free | Partition Type: FAT32

 

Computer Name: NOM-EB85C523610 | User Name: Compaq_Propriétaire | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AAW2007] -- C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe /scanfolder "%1" (Lavasoft AB)

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe" = C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema -- (CyberLink Corp.)

"C:\Program Files\CyberLink\PowerCinema\PCMService.exe" = C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)

"C:\kav\kav7.0\french\setup.exe" = C:\kav\kav7.0\french\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0 -- (Kaspersky Lab)

"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)

"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)

"C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" = C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe:*:Enabled:Philips Intelligent Agent -- (Philips Consumer Electronics)

"C:\Program Files\ITN Converter\ITNConv.exe" = C:\Program Files\ITN Converter\ITNConv.exe:*:Enabled:Itinerary Converter & Planner -- (Benichou Software)

"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{06012FA4-5EFF-4756-AF55-005C3A2463D7}_is1" = 3nity Media Player 2.1.0.8

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panneau de contrôle ATI

"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)

"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2

"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 27

"{27EF2C1C-A7D2-4E31-8F90-8F29E423B169}_is1" = InazuLogMV 0.87

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder

"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel

"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV

"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer

"{3D988525-4090-4A3F-A2B9-171DD2A7B462}" = LockXLS Runtime

"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

"{427CF73D-0CC0-424F-BDA9-3FADE240902A}" = LockXLS Runtime Update 3.8.1

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig

"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1

"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = TRS2006

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69D598A7-A9C5-4396-8C92-39465FF2C874}" = Philips SPC530NC Webcam

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6D7F8D4B-D1A4-402A-973E-31E90940E585}" = OneCare Advisor (Windows Live Toolbar)

"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution

"{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

"{7E0610A2-E336-40B3-B685-C4905E97EC9A}" = OpenOffice.org 3.3

"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig

"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet

"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar

"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental

"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works

"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.4

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)

"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Edition Découverte 3.2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français

"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3

"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C0F89603-69E7-4408-8D9C-35256481D785}" = Philips SPC530NC Webcam

"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logiciel QuickCam de Logitech

"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00

"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility

"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007

"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8

"{EA57A1B9-0DD2-44DD-9B70-64E8DA553F6F}" = Philips VLounge

"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS

"{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes

"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner

"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone

"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices

"05B59228C7E1C21DFBE89260F879BD95880548D8" = Package de pilotes Windows - Nokia Modem (10/05/2009 4.2)

"4DF2FC2746A5836BEBDF1850FF4983FB4E9192D5" = Package de pilotes Windows - Philips USB (02/27/2008 1.00.4.6100)

"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"55D5CDE7F2833CC4A2AAF96249CE79DDFC71E592" = Package de pilotes Windows - Philips CL (phaudlwr) MEDIA (05/07/2008 1.0.5.12)

"756BFB266C8760D1D00122B70966CA693484E29B" = Package de pilotes Windows - Philips (SPC530) Image (02/27/2008 1.00.4.6100)

"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4)

"A2F03250749AF7ECADB8B8894CA30D5E0AD9CBEF" = Package de pilotes Windows - Philips CL (phaudlwr) MEDIA (02/19/2008 1.0.2.9)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe® Photoshop® Album Edition Découverte 3.2" = Adobe® Photoshop® Album Edition Découverte 3.2

"ATI Display Driver" = ATI Display Driver

"avast" = avast! Free Antivirus

"AVGAntiSpyware75" = AVG Anti-Spyware 7.5

"Bus Driver Simulator_is1" = Bus Driver Simulator

"Defraggler" = Defraggler

"Deutz Engine" = Deutz Engine

"ENTERPRISE" = Microsoft Office Enterprise 2007

"F83654168F2669A249A823C6255ACB1405E1E04E" = Package de pilotes Windows - Philips (SPC530) Image (05/21/2008 1.01.3.6650)

"FA64675F2B582DB559A1BE34C9F1F0208D44A7FE" = Package de pilotes Windows - Philips USB (05/21/2008 1.01.3.6650)

"Guitar Pro 5_is1" = Guitar Pro 5.0

"Horaires SNCF_is1" = Programme Horaires V4.85, HIVER PH-150910, ETE VE-070910

"HP Imaging Device Functions" = HP Imaging Device Functions 6.0

"HP Photo & Imaging" = HP Photosmart Premier Software 6.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"Inca Ball ScreenSaver" = Inca Ball Cave ScreenSaver

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services

"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Connexion Facile à Internet

"InstallShield_{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00

"ITN Converter_is1" = ITN Converter 1.78

"Kaspersky Online Scanner" = Kaspersky Online Scanner

"Kaspersky On-line Scanner" = Kaspersky On-line Scanner

"LiveUpdate" = LiveUpdate 2.7 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800

"Messenger Plus!" = Messenger Plus! 5

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MSNINST" = MSN

"NeroMultiInstaller!UninstallKey" = Nero Suite

"Neuf_TV_PC" = TV sur PC

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Nokia PC Suite" = Nokia PC Suite

"OpenMG HotFix4.4-05-12-06-01" = OpenMG Limited Patch 4.4-06-13-19-01

"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows

"Philips Intelligent Agent_is1" = Philips Intelligent Agent

"PS2" = PS2

"Python 2.2.3" = Python 2.2.3

"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)

"QcDrv" = Programme de gestion Camera de Logitech®

"RealPlayer 6.0" = RealPlayer

"Satsuki Decoder Pack" = Satsuki Decoder Pack

"SFR_Kit" = SFR - Kit de connexion

"SopCast" = SopCast 3.0.3

"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20

"TerraExplorer" = TerraExplorer

"TomTom HOME" = TomTom HOME 2.8.2.2264

"VLC media player" = VLC media player 1.1.10

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Winamp" = Winamp

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wondershare Photo Recovery_is1" = Wondershare Photo Recovery(build 2.1.0)

"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

"Yahoo! Companion" = Yahoo! Toolbar

"ZHPDiag_is1" = ZHPDiag 1.28

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 21/01/2008 13:34:05 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 07/04/2008 09:01:08 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 22/04/2008 05:56:53 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 22/04/2008 05:56:57 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 22/04/2008 06:01:45 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 22/04/2008 06:02:59 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 22/04/2008 06:50:25 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 05/11/2009 18:15:35 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 05/11/2009 18:36:11 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

Error - 05/11/2009 18:42:03 | Computer Name = NOM-EB85C523610 | Source = avast! | ID = 33554522

Description =

 

[ Application Events ]

Error - 19/08/2011 02:40:28 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1002

Description = Application bloquée SpybotSD.exe, version 1.6.2.46, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 19/08/2011 02:40:46 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs 1116954496.

 

Error - 21/08/2011 18:29:10 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 22/08/2011 03:57:10 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 22/08/2011 12:13:33 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 22/08/2011 18:50:04 | Computer Name = NOM-EB85C523610 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 24/08/2011 04:43:31 | Computer Name = NOM-EB85C523610 | Source = Userenv | ID = 1512

Description = Windows ne peut pas décharger votre fichier Registre. La mémoire utilisée

par le Registre n'a pas été libérée. Cela est souvent dû à des services qui s'exécutent

sous un compte d'utilisateur ; essayez de configurer les services pour qu'ils s'exécutent

sous le compte LocalService ou NetworkService. Si ce problème persiste, contactez

votre administrateur. DÉTAIL - Ressources système insuffisantes pour terminer le

service demandé.

 

Error - 25/08/2011 18:57:13 | Computer Name = NOM-EB85C523610 | Source = Application Error | ID = 1000

Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module

défaillant sdhelper.dll, version 1.6.2.14, adresse de défaillance 0x000051a0.

 

Error - 26/08/2011 19:57:54 | Computer Name = NOM-EB85C523610 | Source = Application Error | ID = 1000

Description = Application défaillante kbd.exe, version 1.0.2.2, module défaillant

ntdll.dll, version 5.1.2600.3520, adresse de défaillance 0x00018af2.

 

Error - 29/08/2011 06:55:55 | Computer Name = NOM-EB85C523610 | Source = Application Error | ID = 1000

Description = Application défaillante kbd.exe, version 1.0.2.2, module défaillant

ntdll.dll, version 5.1.2600.3520, adresse de défaillance 0x00018af2.

 

[ OSession Events ]

Error - 06/05/2009 15:25:04 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 06/05/2009 15:25:08 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 06/05/2009 15:25:12 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 18/07/2009 20:45:22 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 270

seconds with 180 seconds of active time. This session ended with a crash.

 

Error - 19/11/2009 14:55:44 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2832

seconds with 300 seconds of active time. This session ended with a crash.

 

Error - 21/05/2010 04:50:27 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948

seconds with 120 seconds of active time. This session ended with a crash.

 

Error - 25/09/2010 05:11:07 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 25/09/2010 05:11:27 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 16/01/2011 10:41:45 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 520

seconds with 240 seconds of active time. This session ended with a crash.

 

Error - 12/06/2011 18:10:59 | Computer Name = NOM-EB85C523610 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 9946

seconds with 480 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 30/08/2011 10:04:19 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

Google Update Service (gupdate1c9f8cf1ef85b22).

 

Error - 30/08/2011 10:04:19 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate1c9f8cf1ef85b22) n'a pas

pu démarrer en raison de l'erreur : %%1053

 

Error - 30/08/2011 10:04:19 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Service Norton AntiVirus Auto-Protect n'a pas pu démarrer

en raison de l'erreur : %%3

 

Error - 30/08/2011 12:26:33 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

Google Update Service (gupdate1c9f8cf1ef85b22).

 

Error - 30/08/2011 12:26:33 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate1c9f8cf1ef85b22) n'a pas

pu démarrer en raison de l'erreur : %%1053

 

Error - 30/08/2011 12:26:33 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Service Norton AntiVirus Auto-Protect n'a pas pu démarrer

en raison de l'erreur : %%3

 

Error - 30/08/2011 20:57:19 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7034

Description = Le service Logitech Process Monitor s'est terminé de façon inattendue

pour la 1ème fois.

 

Error - 31/08/2011 04:34:46 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

Google Update Service (gupdate1c9f8cf1ef85b22).

 

Error - 31/08/2011 04:34:46 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Google Update Service (gupdate1c9f8cf1ef85b22) n'a pas

pu démarrer en raison de l'erreur : %%1053

 

Error - 31/08/2011 04:34:46 | Computer Name = NOM-EB85C523610 | Source = Service Control Manager | ID = 7000

Description = Le service Service Norton AntiVirus Auto-Protect n'a pas pu démarrer

en raison de l'erreur : %%3

 

 

< End of report >

 

 

Ca en fait des lignes a lire, lol.

 

Merci

 

Berny

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

.../...

Ca en fait des lignes a lire, lol.

Et l'intérêt de la chose est quand tu mets le doigt sur le seul grain de sable qui bloque le reste :)

--

 

Bonjour,

 

>>> Correction OTL: Fermer toutes les applications et fenêtres en cours et désactiver les programmes de protection (antivirus etc...).

 

Lancer OTL et copier/ coller la liste suivante (commençant par :OTL) dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très importants, merci de vérifier).

 

:OTL

SRV - File not found [Auto | Stopped] -- -- (navapsvc)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Server Error

IE - HKCU\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"

FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="

FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"

FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"

FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q="

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Live Search"

FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_PROPRIéTAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\91OVQXEL.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}

O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.

O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll (Conduit Ltd.)

O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)

O4 - HKLM..\Run: [sunJavaUpdateSched] File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

 

:Services

 

:Reg

 

:Files

ipconfig /flushdns /c

C:\*.sqm

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\*.tmp

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\ConduitEngine

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France

c:\program files\Messenger_Plus_Live_France

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM34.zip

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM58.zip

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDelfwsg1.zip

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26094

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52051

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.56685

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.74214

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP684\A0162348.exe

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\17\2f7fa3d1-4ad235b9

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\2\78b6da42-6148ed69

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\28\12eb175c-63a8f9ad

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\35\362cfe3-1cba5a85

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\36\1ac8b764-106d0725

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\42\2a06cd6a-40d03407

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur "Oui".

A la fin un rapport s'ouvre dans le bloc-note. Copier et le coller son contenu dans une nouvelle réponse. Fermer le rapport et OTL.

 

>>> Programmes de protection:

 

  • Tes rapports montrent que tu as 3 antispyware:
    - (Spybot - Search & Destroy
    - Lavasoft-Ad-Aware 2007 <= largement dépassé
    - AVG Anti-Spyware 7.5 <= non seulement dépassé mais n'existe plus
     
    Je te suggère donc de désinstaller d'office AVG depuis "Ajout/ suppression des programmes" et de garder un seul parmi les deux autres en le mettant à jour.
     
    Pour les analyses occasionnelles, tu peux utiliser Malware Bytes Anti-Malware.
     
  • Un pare-feu est le 1er rempart contre les intrusions et ton système ne semble pas en avoir un installé. D'autrepart celui qui est inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'utilité d'en installer un autre.
    Choisir un parmi ceux-ci ( tous gratuits): Online Armor Firewall, Outpost Firewall FREE.

 

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC.

Les versions des programmes suivants ne sont pas à jour. Suivre les indications pour chacun pour corriger le problème.

  • Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (le tien est un 32bits): Téléchargements Java pour tous les systèmes d'exploitation.
     
    java.png


     
    Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
    Cliquer sur "Démarrer" => "Panneau de configuration" => "Ajout/ Suppression de Programmes".
    Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône java01.jpg.
    Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
    Quand il n'y en a plus, fermer tout et installer la nouvelle version en cliquant sur le fichier que vous avez téléchargé.
     

  • Firefox: Lancer FF et cliquer sur le ? puis sur "Rechercher des mises à jour...". Suivre les indications. Ou le télécharger depuis ici.

 

 

Rapports demandés:

  • OTL.txt

Pas eu de soucis avec ces MAJ?.

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

Bonjour

 

Bien, par où je commence ?

 

Ca dois pas etre facile de trouver le grain, mais ca doit etre un sacré défi a chercher ( interressant, je sais pas ? ). :super:

 

Donc :

 

- supprimé Ad aware et Avg.

 

- Java est a jour.

 

- Armor est téléchargé.

 

- pour info, les MAJ windows sont aux nombres de 120 ( a peu pres ) depuis hier .... :chpas:

 

- Et enfin le rapport Olt :

 

All processes killed

========== OTL ==========

Service navapsvc stopped successfully!

Service navapsvc deleted successfully!

Service AppMgmt stopped successfully!

Service AppMgmt deleted successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.

C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll moved successfully.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename

Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from browser.search.defaulturl

Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine

Prefs.js: "http://home.sweetim.com" removed from browser.startup.homepage

Prefs.js: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q=" removed from keyword.URL

Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.browser.search.defaultenginename

Prefs.js: "Live Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine

Prefs.js: "http://fr.msn.com/" removed from browser.startup.homepage

Prefs.js: "http://redirecterror.sfr.fr/?q=" removed from sweetim.toolbar.previous.keyword.URL

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\FireFox\Profiles\91ovqxel.default\user.js moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.

File C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.

File C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{59994074-C06D-4A75-9768-49E5A8C21264} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-C06D-4A75-9768-49E5A8C21264}\ not found.

File C:\Program Files\Messenger_Plus_Live_France\tbMes2.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\!AVG Anti-Spyware deleted successfully.

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Photo Downloader deleted successfully.

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PlusService deleted successfully.

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de résolution DNS vidé.

C:\Documents and Settings\Compaq_Propriétaire\Bureau\cmd.bat deleted successfully.

C:\Documents and Settings\Compaq_Propriétaire\Bureau\cmd.txt deleted successfully.

C:\sqmdata00.sqm moved successfully.

C:\sqmdata01.sqm moved successfully.

C:\sqmdata02.sqm moved successfully.

C:\sqmdata03.sqm moved successfully.

C:\sqmdata04.sqm moved successfully.

C:\sqmdata05.sqm moved successfully.

C:\sqmdata06.sqm moved successfully.

C:\sqmdata07.sqm moved successfully.

C:\sqmdata08.sqm moved successfully.

C:\sqmdata09.sqm moved successfully.

C:\sqmdata10.sqm moved successfully.

C:\sqmdata11.sqm moved successfully.

C:\sqmdata12.sqm moved successfully.

C:\sqmdata13.sqm moved successfully.

C:\sqmdata14.sqm moved successfully.

C:\sqmdata15.sqm moved successfully.

C:\sqmdata16.sqm moved successfully.

C:\sqmdata17.sqm moved successfully.

C:\sqmdata18.sqm moved successfully.

C:\sqmdata19.sqm moved successfully.

C:\sqmnoopt00.sqm moved successfully.

C:\sqmnoopt01.sqm moved successfully.

C:\sqmnoopt02.sqm moved successfully.

C:\sqmnoopt03.sqm moved successfully.

C:\sqmnoopt04.sqm moved successfully.

C:\sqmnoopt05.sqm moved successfully.

C:\sqmnoopt06.sqm moved successfully.

C:\sqmnoopt07.sqm moved successfully.

C:\sqmnoopt08.sqm moved successfully.

C:\sqmnoopt09.sqm moved successfully.

C:\sqmnoopt10.sqm moved successfully.

C:\sqmnoopt11.sqm moved successfully.

C:\sqmnoopt12.sqm moved successfully.

C:\sqmnoopt13.sqm moved successfully.

C:\sqmnoopt14.sqm moved successfully.

C:\sqmnoopt15.sqm moved successfully.

C:\sqmnoopt16.sqm moved successfully.

C:\sqmnoopt17.sqm moved successfully.

C:\sqmnoopt18.sqm moved successfully.

C:\sqmnoopt19.sqm moved successfully.

C:\WINDOWS\System32\ConduitEngine.tmp moved successfully.

C:\WINDOWS\System32\CONFIG.TMP moved successfully.

C:\WINDOWS\System32\SET92.tmp moved successfully.

C:\WINDOWS\System32\SET94.tmp moved successfully.

C:\WINDOWS\System32\SETA0.tmp moved successfully.

C:\WINDOWS\002969_.tmp moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\ConduitEngine\Logs folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\ConduitEngine folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\UserDefinedItems folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\SearchInNewTab folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_fr-fr\ToolbarTranslation folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_fr-fr folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_CT2567681\ToolbarSettings folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_CT2567681\ToolbarLogin folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_CT2567681\AppsMetaData folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository\conduit_CT2567681_CT2567681 folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Repository folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\RadioPlayer\Skins folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\RadioPlayer folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0 folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B} folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\plugins folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\Logs folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\ExternalComponent folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\EmailNotifier folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France\CacheIcons folder moved successfully.

c:\documents and settings\Invité.NOM-EB85C523610\Local Settings\Application Data\Messenger_Plus_Live_France folder moved successfully.

c:\program files\Messenger_Plus_Live_France folder moved successfully.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM34.zip moved successfully.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM58.zip moved successfully.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDelfwsg1.zip moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26094 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52051 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.56685 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.74214 moved successfully.

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP684\A0162348.exe moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\17\2f7fa3d1-4ad235b9 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\2\78b6da42-6148ed69 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\28\12eb175c-63a8f9ad moved successfully.

File\Folder C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\35\362cfe3-1cba5a85 not found.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\36\1ac8b764-106d0725 moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\42\2a06cd6a-40d03407 moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Administrateur.NOM-EB85C523610

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: All Users

 

User: Compaq_Propriétaire

->Temp folder emptied: 11512592 bytes

->Temporary Internet Files folder emptied: 251958003 bytes

->Java cache emptied: 22822489 bytes

->FireFox cache emptied: 76198921 bytes

->Google Chrome cache emptied: 422873582 bytes

->Apple Safari cache emptied: 14336 bytes

->Flash cache emptied: 2165474 bytes

 

User: Compaq_Propri�taire

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32969 bytes

->Flash cache emptied: 41 bytes

 

User: Invité

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 78991 bytes

->FireFox cache emptied: 7122779 bytes

 

User: Invité.NOM-EB85C523610

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 5616786 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 456 bytes

 

User: LocalService

->Temp folder emptied: 65748 bytes

->Temporary Internet Files folder emptied: 49286 bytes

 

User: MesCadrans

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 114822 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 3766240 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 39686644 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 908064 bytes

 

Total Files Cleaned = 806,00 mb

 

 

[EMPTYFLASH]

 

User: Administrateur

 

User: Administrateur.NOM-EB85C523610

 

User: All Users

 

User: Compaq_Propriétaire

->Flash cache emptied: 0 bytes

 

User: Compaq_Propri�taire

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Invité

 

User: Invité.NOM-EB85C523610

->Flash cache emptied: 0 bytes

 

User: LocalService

 

User: MesCadrans

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.26.7 log created on 08312011_173703

 

Files\Folders moved on Reboot...

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UIJMOOW\api[3].htm moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UIJMOOW\api[4].htm moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UIJMOOW\background-banner-middle-v45[1].jpg moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UIJMOOW\list-item-plus[1].png moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4583978E\background-banner-right-v45[1].jpg moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4583978E\background_banner_green_50_v45[1].jpg moved successfully.

C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4583978E\background_button_green_full[1].png moved successfully.

 

Registry entries deleted on Reboot...

 

 

Ca fait du nombre quand même.

 

Merci Lance

 

Berny

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Tout bon! :super:

 

Certains points de ce qui suit ont été traités et d'autres peuvent ne pas s'appliquer à ton système, il faut juste les ignorer),

 

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC quand c'est demandé.

- Pour supprimer les autres utilitaires et leur rapports (sur le Bureau et/ou à la racine de la partition système), cliquer-droit dessus => "Supprimer".

 

 

>>> Ré-initialiser les Points de Restauration parce qu'elles peuvent contenir des traces d'infection:

Cliquer-droit sur "Poste de travail" => "Propriétés" => "Restauration Système". Cocher la case "désactiver..." et cliquer sur "appliquer".

Quand c'est prêt, décocher cette même case => "OK" et redémarrer le PC. Un nouveau point de restauration sera créé automatiquement.

 

 

>>> Protéger/ Sécuriser: UN SEUL antivirus + UN SEUL pare-feu + UN SEUL antispyware.

  • Y a-t-il un Pare-feu dans la machine? Un pare-feu est le 1er rempart contre les intrusions.
    - Ceux de Vista et Windows 7 peuvent suffire. Ils sont là et autant s'en servir au moins par gain de place et de ressources. Juste contrôler et activer si nécessaire depuis le "Centre de sécurité".
    - Celui inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'importance d'en installer un autre.
    Vérifier et choisir, si nécessaire, un parmi ceux-ci (gratuits): Online Armor Firewall, , Outpost Firewall FREE.
  • Contrôler et configurer les mises à jour Windows: Cliquer sur "Démarrer" => "Tous les programmes" => "Windows update" et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'ActiveX (si proposé).
    - Windows XP: Cliquer sur "Démarrer" => "Panneau de configuration" => "Mises à jour automatiques" et choisir "Installation automatique (recommandé)". Préférer "tous les jours" à une heur où le PC est allumé.
    - Windows Vista/W7: Cliquer sur "Démarrer" => "Tous les programmes" => "Windows Update". Cliquer sur "Modifier les paramètres" => "Installer les mises à jour automatiquement (recommandé)". Préférer "tous les jours" à une heure où le PC est allumé.
  • Installer PSI de Secunia pour surveiller les MAJ logiciels.
  • Utiliser Mes drivers pour les MAJ des pilotes (cliquer sur Lancer la détection
  • Sauvegarder le Registre avec Erunt.
    Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
  • Immunisez votre machine avec Spyware Blaster, compatible avec Toutes les versions de Windows 32bit et 64bit et peut s'installer en même temps qu'autre antispyware. Tuto.
  • Vaccinez votre machine et vos médias amovibles (clés USB...) avec MKV contre les "vers" (Autorun worms). Juste brancher tous les médias amovibles, lancer le programme et cliquer sur le bouton Vaccination (l'action est réversible en cliquant sur "Supprimer la vaccination".
  • Opter pour Firefox ou Opera pour la navigation de tous les jours et réserver Internet Explorer pour les Mises à jour et les cas bien spécifiques.
  • Nettoyer (CCleaner) et dé-fragmenter (Defraggler), régulièrement, les Partitions/ Disques.

 

>>> ÉVITER ABSOLUMENT:

  • Crack et Cie:
    - Un peu de lecture pour mieux comprendre tout ce qui tourne autour de ces programmes:
    Warez ; Crack ; keygen.
    - Il faut absolument arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service.
    Bien au contraire ils sont devenus de vraies bombes pour les machines et les documents personnels et/ou confidentiels. Ils sont le gagne-pain de leurs développeurs et le malware qu'ils renferment devient de plus en plus vicieux et difficile à détecter.
    Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.
    - Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, rester à l'écart de tout ceci et désinstaller tout programme illégal déjà installé, vider les dossiers qui contiennent ce type de programmes.
     
  • Réseaux/Programmes P2P: Tout ce qui est lié aux applications type "P2P/ Torrent" devient de plus en plus dangereux pour les machines et les documents personnels et/ ou confidentiels qui y sont stockés.
    Fini le partage entre des gens honnêtes. Les pirates, aussi, veulent partager avec le maximum d'internautes et mettent à disposition leurs applications partout où ils peuvent sous de faux noms aussi attractifs que possibles.
    En plus le principe même de ce type de réseau n'est en rien bénéfique. Bien au contraire, vous autoriser tout le monde à utiliser votre bande passante et communiquer avec votre machine ce qui peut ralentir considérablement votre système et/ou peut faciliter la tâche aux intrus.
    En adhérant à ce type de réseaux, non seulement, vous ouvrez délibérément des portes à tout et n'importe quoi mais aussi, vous forcez votre pare-feu et antivirus à les tolérer (c'est compris dans la procédure d'installation quand vous configurez les ports à eMule par exemple). On s'étonne après de ce qui nous arrive ou on accuse son antivirus.
    Prendre la sage décision de désinstaller tout programme de ce type.

>>> Ajouter Résolu: Merci d'éditer ton 1er post pour ajouter [Résolu] à la fin du titre après avoir cliqué sur les boutons "Modifier" => "Utiliser l'éditeur complet".

 

Bonne chance!

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

Re

 

Juste une chose avant de fermer.

 

J'ai eu un nouveau message d'erreur écran bleu, avec le texte suivant : LVPr C mon.sys.

 

Donc j'ai rouvert en mode sans echec et supprimé le dernier programme qui est : cnet_OnlineArmorSetup_exe.

 

Me serais-je trompé de support a télécharger pour le pare-feu ?

 

Merci Lance

 

Berny

lance_yien Full Patch Member

lance_yien

Posté(e)
Posté(e)

Bonjour,

 

Si c'est plutôt "LVPrCmon.sys", il s'agirait d'un fichier appartenant à Logitech, probablement pour une caméra ou tout autre appareillage de cette marque. Désinstalle le programme du même nom et réinstalle-le (selon que tu as toujours ou pas le matériel).

 

Concernant "cnet_OnlineArmorSetup_exe", je ne sais pas du tout ce que fait CNET avec le pare-feu Armor. J'ai vérifié le lien que je t'ai donné et je n'ai trouvé aucun problème.

le fait de supprimer le fichier t'a apporté quelque chose?

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

Bonjour

 

Oui, en supprimant, je n'ai plus de page de sécurité.

 

Un grand Merci Lance, je vois ca demain ( me sauve là ), vais rééssayer, supprimer aussi logitech, et si ca va, pour clore le sujet.

 

Berny

Bernytou Member

Bernytou

Posté(e)
  • Auteur
Posté(e)

Bonjour

 

Donc, j'ai mis le deuxieme ( outpost security ), viré Logotech ( je ne m'en servai plus ) et tout fonctionne normalement.

 

Un grand merci Lance et à tous sur Zebulon.

 

:super:

 

Berny

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...