
Posted

Hello, for a few weeks now my computer has been lagging and my internet connection often drops. I ran a scan with Avast but it found nothing, same with malware, so I tried GMER and it gave me a whole full page in bold but nothing in red. Then in the registry, under hkeylocalmachine /sam, the files are in red, same for the security file. I don't know what to do. Can someone help me? Thanks.

Posted

Good evening

First of all, please don't touch the registry.

Do the following so we can see more.

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it

/!\ On Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

hklm\software\clients\startmenuinternet|command /rs

hklm\software\clients\startmenuinternet|command /64 /rs

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup Google /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Click the "Scan" icon (top left).

* Let the scan run to completion without using the PC

* At the end of the scan, one or two reports will open: "OTL.Txt" and (or) "Extras.Txt" (in some cases).

* Copy and paste the report or reports into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case

Put the report here, as it takes up a lot of space.

Cjoint.com home page

or

Send and share your files

Posted

Hello, and thank you for helping me. Here is the report:

 

OTL logfile created on: 19/12/2012 08:39:36 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nom\Mes documents\Téléchargements

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1014,42 Mb Total Physical Memory | 456,63 Mb Available Physical Memory | 45,01% Memory free

1,65 Gb Paging File | 0,54 Gb Available in Paging File | 32,88% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 88,31 Gb Free Space | 59,25% Space Free | Partition Type: NTFS

 

Computer Name: WINDOWSXP | User Name: Nom | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Nom\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

PRC - C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)

PRC - C:\WINDOWS\system32\DVAPTray.exe (Chicony Electronics Co., Ltd.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\WINDOWS\UMStor\Res.exe (ali)

PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\AVAST Software\Avast\defs\12121801\algo.dll ()

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\highgui110.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\cv110.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\cxcore110.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe File not found

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe File not found

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (Mysql Xeester) -- C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)

SRV - (ACDaemon) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (LightScribeService) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (WDICA) -- File not found

DRV - (uwldypob) -- C:\DOCUME~1\Nom\LOCALS~1\Temp\uwldypob.sys File not found

DRV - (smwdm) -- system32\drivers\smwdm.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (dgderdrv) -- System32\drivers\dgderdrv.sys File not found

DRV - (Changer) -- File not found

DRV - (bdfdll) -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys File not found

DRV - (aeaudio) -- system32\drivers\aeaudio.sys File not found

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)

DRV - (ssudserd) -- C:\WINDOWS\system32\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (FlashUSB) -- C:\WINDOWS\system32\drivers\FlashUSB.sys (Danish Wireless Design A/S)

DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)

DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)

DRV - (pctNdisMP) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)

DRV - (pctNdis) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)

DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)

DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)

DRV - (ltmodem5) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)

DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)

DRV - (N100) -- C:\WINDOWS\system32\drivers\n100325.sys (Compaq Computer Corporation)

DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)

DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation)

DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

IE - HKCU\..\SearchScopes\{2AC914FB-D5AE-456E-87F7-B98CF36C8949}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10398&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABW&apn_dtid=^YYYYYY^YY^FR&apn_uid=706eb559-c1db-432d-be34-734a4a579bba&apn_sauid=2E938334-6F85-4C14-94A9-EC4D5B95CFA1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..network.proxy.type: 4

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/19 13:19:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/17 08:02:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/17 08:02:25 | 000,000,000 | ---D | M]

 

[2011/03/10 13:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nom\Application Data\Mozilla\Extensions

[2012/12/04 20:00:34 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Nom\Application Data\Mozilla\Firefox\Profiles\r7vhj6xc.default-1354636498832\searchplugins\google-default.xml

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2012/12/10 18:09:02 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/10 18:08:57 | 000,001,729 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2012/12/10 18:08:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/10 18:08:57 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2012/12/10 18:08:57 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2012/12/10 18:08:57 | 000,001,639 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2012/12/10 18:08:57 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2012/12/09 09:21:56 | 000,444,940 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 15282 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (no name) - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} - No CLSID value found.

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [CamserviceOG] C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

O4 - HKLM..\Run: [DVAPTray] C:\WINDOWS\system32\DVAPTray.exe (Chicony Electronics Co., Ltd.)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [POEngine] File not found

O4 - HKLM..\Run: [setRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe ()

O4 - HKLM..\Run: [uSB Storage Toolbox] C:\WINDOWS\UMStor\Res.exe (ali)

O4 - HKCU..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found

O4 - HKCU..\Run: [Memory Optimizer] File not found

O4 - HKCU..\Run: [POEngine5] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1

O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe File not found

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160490755500 (WUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab ("Ma-Config.com control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15861A35-D9BE-4DF5-9436-8338D99A646E}: DhcpNameServer = 192.168.210.2 192.168.210.254 192.168.110.213 192.168.110.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{289CEDFE-D08A-4263-9043-3CE1F3445528}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B2B6A41-5933-4962-80E9-274287CF1639}: DhcpNameServer = 192.168.200.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5268C52-B833-4EF2-826A-44A3DB1AC9EB}: DhcpNameServer = 192.168.200.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAF82E9D-D46F-4A58-98B2-E3BD691EE310}: DhcpNameServer = 192.168.200.254 192.168.110.213 192.168.110.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB7D6E91-BF59-49B5-AF23-5692FBB09F69}: DhcpNameServer = 192.168.210.254 192.168.110.213 192.168.110.254

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Nom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{b80f4940-167a-11e1-8129-0019db88f081}\Shell - "" = AutoRun

O33 - MountPoints2\{b80f4940-167a-11e1-8129-0019db88f081}\Shell\AutoRun\command - "" = E:\Startme.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig - StartUpReg: CamserviceOG - hkey= - key= - C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

SafeBootMin: 08086988.sys - Driver

SafeBootMin: 18773973.sys - Driver

SafeBootMin: 56332834.sys - Driver

SafeBootMin: 81261026.sys - Driver

SafeBootMin: 97592840.sys - Driver

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: hitmanpro36 - Reg Error: Value error.

SafeBootMin: hitmanpro36.sys - Reg Error: Value error.

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: 08086988.sys - Driver

SafeBootNet: 18773973.sys - Driver

SafeBootNet: 56332834.sys - Driver

SafeBootNet: 81261026.sys - Driver

SafeBootNet: 97592840.sys - Driver

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: hitmanpro36 - Reg Error: Value error.

SafeBootNet: hitmanpro36.sys - Reg Error: Value error.

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: vsmon - Service

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash

ActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/12/18 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2012/12/18 13:36:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro

[2012/12/17 08:01:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime

[2012/12/17 08:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2012/12/12 19:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\BarrierePoker.fr

[2012/12/12 19:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\BarrierePoker.fr

[2012/12/11 20:21:18 | 016,363,960 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2012/12/10 18:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/12/10 06:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\BarrierePoker.fr - History

[2012/12/09 07:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\BarrierePoker.fr

[2012/12/08 20:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters

[2012/12/08 20:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Fighters

[2012/12/08 20:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters

[2012/12/08 19:53:06 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/12/08 17:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012/12/08 14:12:53 | 000,589,824 | ---- | C] (Guillemot Corporation S.A.) -- C:\WINDOWS\System32\HWLMSET2.exe

[2012/12/08 14:05:53 | 001,493,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe

[2012/12/08 13:48:36 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll

[2012/12/08 13:48:16 | 000,000,000 | ---D | C] -- C:\Intel

[2012/12/08 13:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com

[2012/12/08 12:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\DriverFinder

[2012/12/08 12:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Mes documents\Downloads

[2012/12/08 12:28:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\PCCUStubInstaller

[2012/12/08 12:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Local Settings\Application Data\PC_Drivers_Headquarters

[2012/12/07 18:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Malwarebytes

[2012/12/07 18:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2012/12/07 18:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012/12/07 18:43:12 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012/12/07 18:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012/12/07 11:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Menu Démarrer\Programmes\Xeester

[2012/12/04 09:37:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nom\Recent

[2012/11/30 19:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\LavasoftStatistics

[2012/11/30 19:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Ad-Aware Antivirus

[2012/11/30 10:46:16 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.166b.deleteme

[2012/11/30 10:32:19 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.7f1d.deleteme

[2012/11/19 13:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus

[2012/11/19 13:20:35 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012/11/19 13:20:35 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012/11/19 13:20:30 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012/11/19 13:20:30 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012/11/19 13:20:27 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012/11/19 13:20:23 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012/11/19 13:20:23 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012/11/19 13:20:02 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012/11/19 13:19:37 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012/11/19 13:19:36 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012/11/19 13:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012/11/19 13:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2010/06/02 04:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/12/19 08:41:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2012/12/19 08:20:04 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/12/19 07:03:53 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/12/19 07:03:46 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/12/18 12:52:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/12/18 12:52:28 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys

[2012/12/17 07:42:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012/12/17 00:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2012/12/16 02:27:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\File Helper.job

[2012/12/14 17:32:37 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/12/12 19:20:32 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\BarrierePoker.fr.lnk

[2012/12/12 08:53:35 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012/12/12 08:50:48 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012/12/12 08:49:59 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012/12/12 08:49:58 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012/12/11 21:21:29 | 016,363,960 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2012/12/09 09:21:56 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2012/12/09 09:16:26 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk

[2012/12/09 09:16:20 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/12/08 19:00:44 | 000,001,441 | ---- | M] () -- C:\scu.dat

[2012/12/07 11:07:15 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\Nom\Bureau\Lancer Xeester.lnk

[2012/12/05 10:50:10 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121209-092156.backup

[2012/12/04 16:29:12 | 000,579,096 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2012/12/04 16:29:12 | 000,505,608 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/12/04 16:29:12 | 000,106,526 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2012/12/04 16:29:12 | 000,089,454 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/12/04 14:35:22 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121205-105010.backup

[2012/12/02 13:28:00 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121204-143522.backup

[2012/12/02 13:27:05 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121202-132800.backup

[2012/11/30 10:46:05 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.166b.deleteme

[2012/11/30 10:31:43 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.7f1d.deleteme

[2012/11/29 19:31:10 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121202-132705.backup

[2012/11/29 19:29:47 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121129-193110.backup

[2012/11/24 12:12:26 | 000,444,890 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121129-192947.backup

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/12/19 08:41:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2012/12/12 19:20:31 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\BarrierePoker.fr.lnk

[2012/12/12 08:48:21 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2012/12/09 09:16:26 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk

[2012/12/08 19:00:43 | 000,001,441 | ---- | C] () -- C:\scu.dat

[2012/12/08 14:12:53 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\HWLMSET2PS.dll

[2012/12/08 14:05:47 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT

[2012/12/08 13:48:41 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5016.dll

[2012/12/07 11:07:15 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\Nom\Bureau\Lancer Xeester.lnk

[2012/11/19 13:20:03 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/11/11 21:13:50 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2012/11/06 12:09:15 | 000,239,616 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll

[2012/11/06 12:09:15 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[2012/11/06 12:09:15 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys

[2012/11/06 12:09:15 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini

[2012/10/30 10:22:27 | 000,292,942 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2012/09/24 10:00:40 | 003,248,128 | ---- | C] () -- C:\WINDOWS\System32\DVAPfg.exe

[2012/08/25 06:26:44 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Nom\.jmf-resource

[2011/12/13 19:35:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/21 16:13:40 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Nom\.recently-used.xbel

[2011/11/21 09:40:07 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_fts3.dll

[2011/11/21 09:40:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_rtree.dll

[2011/11/21 09:40:07 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_impexp.dll

[2011/11/21 09:40:07 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_extfunc.dll

[2011/11/08 13:53:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2011/10/29 09:13:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Nom\Application Data\$_hpcst$.hpc

[2011/10/24 14:10:25 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2011/10/01 20:45:15 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\fusioncache.dat

[2011/10/01 14:18:07 | 000,000,752 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2011/07/03 06:51:57 | 000,004,106 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf

[2011/06/07 17:24:44 | 000,000,037 | ---- | C] () -- C:\Documents and Settings\Nom\.mjsync_fr_FR

[2011/05/24 20:03:05 | 000,016,973 | ---- | C] () -- C:\Documents and Settings\Nom\Menu Démarrer.rar

[2011/05/06 17:32:29 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011/05/06 15:48:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2011/04/07 07:23:47 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Nom\default.pls

[2011/03/11 15:17:36 | 000,146,682 | ---- | C] () -- C:\WINDOWS\hpoins44.dat

[2011/03/11 15:17:36 | 000,000,512 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat

[2011/03/04 15:20:33 | 000,095,232 | ---- | C] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/02 18:25:25 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2011/01/29 17:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll

[2011/01/29 17:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll

[2011/01/29 17:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll

[2011/01/29 17:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

[2010/06/02 04:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 04:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 04:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 04:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 04:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 04:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab

[2010/06/02 04:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 04:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 04:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 04:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 04:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 04:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 04:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 04:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 04:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 04:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 04:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 04:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 04:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 04:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 04:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 04:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 04:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 04:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 04:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 04:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 04:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 04:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 04:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 04:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 04:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 04:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 04:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 04:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 04:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 04:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 04:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 04:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 04:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 04:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 04:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 04:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 04:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 04:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 04:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 04:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 04:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 04:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 04:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 04:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 04:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 04:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 04:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 04:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 04:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 04:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 04:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 04:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 04:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 04:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 04:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 04:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 04:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 04:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 04:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 04:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 04:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 04:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 04:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 04:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 04:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 04:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 04:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 04:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 04:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 04:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 04:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 04:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 04:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 04:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 04:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 04:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 04:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 04:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 04:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 04:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 04:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 04:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 04:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 04:22:02 | 001,801,048 | ---- | C] () -- C:\Program Files\dsetup32.dll

[2010/06/02 04:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 04:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 04:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 04:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 04:22:02 | 000,537,432 | ---- | C] () -- C:\Program Files\DXSETUP.exe

[2010/06/02 04:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 04:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2010/06/02 04:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files\dxupdate.cab

[2010/06/02 04:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab

[2010/06/02 04:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 04:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 04:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 04:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 04:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 04:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 04:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 04:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 04:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 04:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 04:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 04:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 04:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 04:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 04:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 04:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 04:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 04:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 04:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 04:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 04:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 04:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 04:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 04:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 04:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 04:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 04:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 04:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 04:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 04:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 04:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 04:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 04:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 04:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 04:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 04:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 04:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 04:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 04:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 04:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 04:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 04:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 04:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 04:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 04:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 04:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 04:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 04:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 04:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 04:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 04:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 04:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 04:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 04:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 04:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 04:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 04:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

 

========== ZeroAccess Check ==========

 

[2011/03/03 09:45:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== Custom Scans ==========

 

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\Skype.exe: 10001

 

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE"

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE"

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >

"timer" = timer.drv -- [2001/08/28 15:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation)

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >

"wdmaud.drv" = Périphérique audio USB

"msaud32.acm" = Windows Media Audio Codec

"sl_anet.acm" = Sipro Lab Telecom Audio Codec

"ir50_32.dll" = Indeo® video 5.10

"C:\WINDOWS\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec

"L3CODECA.ACM" = Fraunhofer IIS MPEG Layer-3 Codec

"C:\WINDOWS\system32\iac25_32.ax" = Indeo® audio software

"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)

"mciavi32.dll" = mciavi32.dll -- [2008/04/14 03:33:28 | 000,085,504 | ---- | M] (Microsoft Corporation)

"mcicda.dll" = mcicda.dll -- [2001/08/28 15:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation)

"mciseq.dll" = mciseq.dll -- [2011/10/14 15:47:41 | 000,023,040 | ---- | M] (Microsoft Corporation)

"mciwave.dll" = mciwave.dll -- [2008/04/14 03:33:28 | 000,023,552 | ---- | M] (Microsoft Corporation)

"mciqtz32.dll" = mciqtz32.dll -- [2008/04/14 03:33:28 | 000,035,328 | ---- | M] (Microsoft Corporation)

"midimap.dll" = midimap.dll -- [2008/04/14 03:33:29 | 000,018,944 | ---- | M] (Microsoft Corporation)

"imaadp32.acm" = imaadp32.acm -- [2008/04/14 03:31:33 | 000,016,384 | ---- | M] (Microsoft Corporation)

"msadp32.acm" = msadp32.acm -- [2008/04/14 03:31:51 | 000,014,848 | ---- | M] (Microsoft Corporation)

"msg711.acm" = msg711.acm -- [2001/08/28 15:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation)

"msgsm32.acm" = msgsm32.acm -- [2001/08/28 15:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation)

"tssoft32.acm" = tssoft32.acm -- [2001/08/28 15:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)

"iccvid.dll" = iccvid.dll -- [2010/06/17 15:03:10 | 000,080,384 | ---- | M] (Radius Inc.)

"msh263.drv" = msh263

"ir32_32.dll" = ir32_32.dll -- [2001/08/28 15:00:00 | 000,199,168 | ---- | M] ()

"ir41_32.ax" = ir41_32.ax -- [2008/04/14 03:34:31 | 000,848,384 | ---- | M] (Intel Corporation)

"iyuv_32.dll" = iyuv_32.dll -- [2009/11/27 17:08:47 | 000,048,128 | ---- | M] (Microsoft Corporation)

"msrle32.dll" = msrle32.dll -- [2009/11/27 17:08:47 | 000,011,264 | ---- | M] (Microsoft Corporation)

"msvidc32.dll" = msvidc32.dll -- [2009/11/27 17:08:47 | 000,028,672 | ---- | M] (Microsoft Corporation)

"msyuv.dll" = msyuv.dll -- [2009/11/27 18:13:13 | 000,017,920 | ---- | M] (Microsoft Corporation)

"tsbyuv.dll" = tsbyuv.dll -- [2009/11/27 17:08:47 | 000,008,704 | ---- | M] (Microsoft Corporation)

"msacm32.drv" = msacm32 -- [2008/04/14 03:33:30 | 000,072,192 | ---- | M] (Microsoft Corporation)

"msg723.acm" = msg723.acm -- [2001/08/28 15:00:00 | 000,118,784 | ---- | M] (Microsoft Corporation)

"msh261.drv" = msh261

 

< %temp%\smtmp\1\*.* /s >

 

< %temp%\smtmp\2\*.* /s >

 

< %temp%\smtmp\4\*.* /s >

 

< nslookup Google /c >

No captured output from command...

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A96209

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

 

< End of report >

 

then the other one:

 

 

 

 

OTL Extras logfile created on: 19/12/2012 08:39:36 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nom\Mes documents\Téléchargements

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1014,42 Mb Total Physical Memory | 456,63 Mb Available Physical Memory | 45,01% Memory free

1,65 Gb Paging File | 0,54 Gb Available in Paging File | 32,88% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 88,31 Gb Free Space | 59,25% Space Free | Partition Type: NTFS

 

Computer Name: WINDOWSXP | User Name: Nom | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"UpdatesDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{30D1B542-44E0-44F0-8A31-2A101CB626B5}" = DVAPTray

"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36BD0774-6CD6-4FF9-A148-83CA09AC123E}" = Intel® PROSafe for Wired Connections

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{403EF592-953B-4794-BCEF-ECAB835C2095}" = Intel® PROSafe for Wired Connections

"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CAF09A9-9F84-4ED4-81E8-E9039ABA7D90}" = Ma-Config.com

"{552C83B7-0013-42EA-B285-1997D129DD53}" = SA31xx Device Manager & Media Converter

"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE

"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6BF1C07F-FD52-C5B0-CC93-493B0E2931AA}" = BarrierePoker.fr

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{92C5DB3D-9D6F-4324-BB11-57825F4C2635}" = DVD Decoder Pak for Windows XP

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Français

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3

"{BF5EE349-90CD-4422-A43B-661778180173}" = USB Disk Win98 Driver

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C3C44248-B8F7-4B20-A5C7-994870B60F55}" = Hercules Webcam Station Evolution SE

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}" = Hercules Optical Glass

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype 6.0

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5242227-2051-4158-AC42-0F2BAA3CD3D6}" = HP SetRefresh

"{F70AE624-2B41-476F-BC9C-0A7F158C3F15}" = SweetIM for Messenger 3.4

"{FF96AABE-C905-DD5F-5BE1-B846EE36E11C}" = Winamax Poker

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"AIDA32_is1" = AIDA32 v3.93

"avast" = avast! Free Antivirus

"CCleaner" = CCleaner

"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.0.7

"ESET Online Scanner" = ESET Online Scanner v3

"fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1" = BarrierePoker.fr

"HDMI" = Intel® Graphics Media Accelerator Driver

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"LHTTSFRF" = L&H TTS3000 Français

"Macromedia Shockwave Player" = Macromedia Shockwave Player

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA

"Mozilla Firefox 16.0.2 (x86 fr)" = Mozilla Firefox 16.0.2 (x86 fr)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0

"PhotoScape" = PhotoScape

"PROSet" = Intel® PRO Network Connections Drivers

"PROSetDX" = Intel® PRO Network Connections Drivers

"VLC media player" = VLC media player 1.1.8

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"WinRAR archiver" = WinRAR 4.00 (32 bits)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Xeester" = Xeester

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"MyFreeCodec" = MyFreeCodec

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'threads' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_by_thread_by_event_name'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_by_instance'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_global_by_event_name'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_summary_by_event_name' has

the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_summary_by_instance' has the

wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'mutex_instances' has the wrong

structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'rwlock_instances' has the wrong

structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'cond_instances' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_instances' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

[ System Events ]

Error - 11/12/2012 19:04:39 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 12/12/2012 03:54:27 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 12/12/2012 05:05:49 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 17/12/2012 16:27:36 | Computer Name = WINDOWSXP | Source = sr | ID = 1

Description = Le filtre de restauration du système à rencontré l'erreur inattendue

'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.

Ceci a entraîné l'arrêt de la surveillance du volume.

 

Error - 17/12/2012 16:27:58 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 17/12/2012 16:27:58 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se

charger : agp440 IntelIde

 

Error - 18/12/2012 02:12:25 | Computer Name = WINDOWSXP | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.1.2 pour la carte réseau dont l'adresse

réseau est 0019DB88F081 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 18/12/2012 02:12:54 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 18/12/2012 07:53:10 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 18/12/2012 07:54:22 | Computer Name = WINDOWSXP | Source = atapi | ID = 262153

Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai

imparti.

 

 

< End of report >

Posted

Hello, and thank you for helping me. Here is the report:

 

OTL logfile created on: 19/12/2012 08:39:36 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nom\Mes documents\Téléchargements

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1014,42 Mb Total Physical Memory | 456,63 Mb Available Physical Memory | 45,01% Memory free

1,65 Gb Paging File | 0,54 Gb Available in Paging File | 32,88% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 88,31 Gb Free Space | 59,25% Space Free | Partition Type: NTFS

 

Computer Name: WINDOWSXP | User Name: Nom | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Nom\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

PRC - C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)

PRC - C:\WINDOWS\system32\DVAPTray.exe (Chicony Electronics Co., Ltd.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\WINDOWS\UMStor\Res.exe (ali)

PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\AVAST Software\Avast\defs\12121801\algo.dll ()

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\highgui110.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\cv110.dll ()

MOD - C:\Program Files\Hercules\Hercules Optical Glass\cxcore110.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe File not found

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe File not found

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (Mysql Xeester) -- C:\Program Files\Xeester\mysql\bin\mysqld-xeester.exe ()

SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)

SRV - (ACDaemon) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (LightScribeService) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (WDICA) -- File not found

DRV - (uwldypob) -- C:\DOCUME~1\Nom\LOCALS~1\Temp\uwldypob.sys File not found

DRV - (smwdm) -- system32\drivers\smwdm.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (dgderdrv) -- System32\drivers\dgderdrv.sys File not found

DRV - (Changer) -- File not found

DRV - (bdfdll) -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys File not found

DRV - (aeaudio) -- system32\drivers\aeaudio.sys File not found

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)

DRV - (ssudserd) -- C:\WINDOWS\system32\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV - (FlashUSB) -- C:\WINDOWS\system32\drivers\FlashUSB.sys (Danish Wireless Design A/S)

DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)

DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)

DRV - (pctNdisMP) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)

DRV - (pctNdis) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)

DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)

DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)

DRV - (ltmodem5) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)

DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)

DRV - (N100) -- C:\WINDOWS\system32\drivers\n100325.sys (Compaq Computer Corporation)

DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)

DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation)

DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

IE - HKCU\..\SearchScopes\{2AC914FB-D5AE-456E-87F7-B98CF36C8949}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10398&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABW&apn_dtid=^YYYYYY^YY^FR&apn_uid=706eb559-c1db-432d-be34-734a4a579bba&apn_sauid=2E938334-6F85-4C14-94A9-EC4D5B95CFA1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..network.proxy.type: 4

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/19 13:19:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/17 08:02:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/17 08:02:25 | 000,000,000 | ---D | M]

 

[2011/03/10 13:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nom\Application Data\Mozilla\Extensions

[2012/12/04 20:00:34 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Nom\Application Data\Mozilla\Firefox\Profiles\r7vhj6xc.default-1354636498832\searchplugins\google-default.xml

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012/12/10 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2012/12/10 18:09:02 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/10 18:08:57 | 000,001,729 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2012/12/10 18:08:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/10 18:08:57 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2012/12/10 18:08:57 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2012/12/10 18:08:57 | 000,001,639 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2012/12/10 18:08:57 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2012/12/09 09:21:56 | 000,444,940 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 15282 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (no name) - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} - No CLSID value found.

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [CamserviceOG] C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

O4 - HKLM..\Run: [DVAPTray] C:\WINDOWS\system32\DVAPTray.exe (Chicony Electronics Co., Ltd.)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [POEngine] File not found

O4 - HKLM..\Run: [setRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe ()

O4 - HKLM..\Run: [uSB Storage Toolbox] C:\WINDOWS\UMStor\Res.exe (ali)

O4 - HKCU..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found

O4 - HKCU..\Run: [Memory Optimizer] File not found

O4 - HKCU..\Run: [POEngine5] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1

O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe File not found

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160490755500 (WUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_2.cab ("Ma-Config.com control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15861A35-D9BE-4DF5-9436-8338D99A646E}: DhcpNameServer = 192.168.210.2 192.168.210.254 192.168.110.213 192.168.110.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{289CEDFE-D08A-4263-9043-3CE1F3445528}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B2B6A41-5933-4962-80E9-274287CF1639}: DhcpNameServer = 192.168.200.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5268C52-B833-4EF2-826A-44A3DB1AC9EB}: DhcpNameServer = 192.168.200.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAF82E9D-D46F-4A58-98B2-E3BD691EE310}: DhcpNameServer = 192.168.200.254 192.168.110.213 192.168.110.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB7D6E91-BF59-49B5-AF23-5692FBB09F69}: DhcpNameServer = 192.168.210.254 192.168.110.213 192.168.110.254

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Nom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{b80f4940-167a-11e1-8129-0019db88f081}\Shell - "" = AutoRun

O33 - MountPoints2\{b80f4940-167a-11e1-8129-0019db88f081}\Shell\AutoRun\command - "" = E:\Startme.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig - StartUpReg: CamserviceOG - hkey= - key= - C:\Program Files\Hercules\Hercules Optical Glass\XtrCtrlEx.exe (Guillemot Corporation S.A.)

MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

SafeBootMin: 08086988.sys - Driver

SafeBootMin: 18773973.sys - Driver

SafeBootMin: 56332834.sys - Driver

SafeBootMin: 81261026.sys - Driver

SafeBootMin: 97592840.sys - Driver

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: hitmanpro36 - Reg Error: Value error.

SafeBootMin: hitmanpro36.sys - Reg Error: Value error.

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: 08086988.sys - Driver

SafeBootNet: 18773973.sys - Driver

SafeBootNet: 56332834.sys - Driver

SafeBootNet: 81261026.sys - Driver

SafeBootNet: 97592840.sys - Driver

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: hitmanpro36 - Reg Error: Value error.

SafeBootNet: hitmanpro36.sys - Reg Error: Value error.

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: vsmon - Service

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash

ActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/12/18 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2012/12/18 13:36:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro

[2012/12/17 08:01:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime

[2012/12/17 08:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2012/12/12 19:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\BarrierePoker.fr

[2012/12/12 19:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\BarrierePoker.fr

[2012/12/11 20:21:18 | 016,363,960 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2012/12/10 18:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/12/10 06:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\BarrierePoker.fr - History

[2012/12/09 07:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\BarrierePoker.fr

[2012/12/08 20:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters

[2012/12/08 20:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Fighters

[2012/12/08 20:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters

[2012/12/08 19:53:06 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/12/08 17:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012/12/08 14:12:53 | 000,589,824 | ---- | C] (Guillemot Corporation S.A.) -- C:\WINDOWS\System32\HWLMSET2.exe

[2012/12/08 14:05:53 | 001,493,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe

[2012/12/08 13:48:36 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll

[2012/12/08 13:48:16 | 000,000,000 | ---D | C] -- C:\Intel

[2012/12/08 13:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com

[2012/12/08 12:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\DriverFinder

[2012/12/08 12:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Mes documents\Downloads

[2012/12/08 12:28:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\PCCUStubInstaller

[2012/12/08 12:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Local Settings\Application Data\PC_Drivers_Headquarters

[2012/12/07 18:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Malwarebytes

[2012/12/07 18:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2012/12/07 18:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012/12/07 18:43:12 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012/12/07 18:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012/12/07 11:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Menu Démarrer\Programmes\Xeester

[2012/12/04 09:37:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nom\Recent

[2012/11/30 19:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\LavasoftStatistics

[2012/11/30 19:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nom\Application Data\Ad-Aware Antivirus

[2012/11/30 10:46:16 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.166b.deleteme

[2012/11/30 10:32:19 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.7f1d.deleteme

[2012/11/19 13:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus

[2012/11/19 13:20:35 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012/11/19 13:20:35 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012/11/19 13:20:30 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012/11/19 13:20:30 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012/11/19 13:20:27 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012/11/19 13:20:23 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012/11/19 13:20:23 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012/11/19 13:20:02 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012/11/19 13:19:37 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012/11/19 13:19:36 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012/11/19 13:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012/11/19 13:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2010/06/02 04:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/12/19 08:41:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2012/12/19 08:20:04 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/12/19 07:03:53 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/12/19 07:03:46 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/12/18 12:52:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/12/18 12:52:28 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys

[2012/12/17 07:42:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012/12/17 00:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2012/12/16 02:27:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\File Helper.job

[2012/12/14 17:32:37 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/12/12 19:20:32 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\BarrierePoker.fr.lnk

[2012/12/12 08:53:35 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012/12/12 08:50:48 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012/12/12 08:49:59 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012/12/12 08:49:58 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012/12/11 21:21:29 | 016,363,960 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2012/12/09 09:21:56 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2012/12/09 09:16:26 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk

[2012/12/09 09:16:20 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012/12/08 19:00:44 | 000,001,441 | ---- | M] () -- C:\scu.dat

[2012/12/07 11:07:15 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\Nom\Bureau\Lancer Xeester.lnk

[2012/12/05 10:50:10 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121209-092156.backup

[2012/12/04 16:29:12 | 000,579,096 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2012/12/04 16:29:12 | 000,505,608 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/12/04 16:29:12 | 000,106,526 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2012/12/04 16:29:12 | 000,089,454 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/12/04 14:35:22 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121205-105010.backup

[2012/12/02 13:28:00 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121204-143522.backup

[2012/12/02 13:27:05 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121202-132800.backup

[2012/11/30 10:46:05 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.166b.deleteme

[2012/11/30 10:31:43 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.7f1d.deleteme

[2012/11/29 19:31:10 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121202-132705.backup

[2012/11/29 19:29:47 | 000,444,940 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121129-193110.backup

[2012/11/24 12:12:26 | 000,444,890 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121129-192947.backup

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/12/19 08:41:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2012/12/12 19:20:31 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\BarrierePoker.fr.lnk

[2012/12/12 08:48:21 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2012/12/09 09:16:26 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk

[2012/12/08 19:00:43 | 000,001,441 | ---- | C] () -- C:\scu.dat

[2012/12/08 14:12:53 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\HWLMSET2PS.dll

[2012/12/08 14:05:47 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT

[2012/12/08 13:48:41 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5016.dll

[2012/12/07 11:07:15 | 000,001,565 | ---- | C] () -- C:\Documents and Settings\Nom\Bureau\Lancer Xeester.lnk

[2012/11/19 13:20:03 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012/11/11 21:13:50 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2012/11/06 12:09:15 | 000,239,616 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll

[2012/11/06 12:09:15 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[2012/11/06 12:09:15 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys

[2012/11/06 12:09:15 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini

[2012/10/30 10:22:27 | 000,292,942 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2012/09/24 10:00:40 | 003,248,128 | ---- | C] () -- C:\WINDOWS\System32\DVAPfg.exe

[2012/08/25 06:26:44 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Nom\.jmf-resource

[2011/12/13 19:35:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/21 16:13:40 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Nom\.recently-used.xbel

[2011/11/21 09:40:07 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_fts3.dll

[2011/11/21 09:40:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_rtree.dll

[2011/11/21 09:40:07 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_impexp.dll

[2011/11/21 09:40:07 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_mod_extfunc.dll

[2011/11/08 13:53:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2011/10/29 09:13:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Nom\Application Data\$_hpcst$.hpc

[2011/10/24 14:10:25 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2011/10/01 20:45:15 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\fusioncache.dat

[2011/10/01 14:18:07 | 000,000,752 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2011/07/03 06:51:57 | 000,004,106 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf

[2011/06/07 17:24:44 | 000,000,037 | ---- | C] () -- C:\Documents and Settings\Nom\.mjsync_fr_FR

[2011/05/24 20:03:05 | 000,016,973 | ---- | C] () -- C:\Documents and Settings\Nom\Menu Démarrer.rar

[2011/05/06 17:32:29 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011/05/06 15:48:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2011/04/07 07:23:47 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Nom\default.pls

[2011/03/11 15:17:36 | 000,146,682 | ---- | C] () -- C:\WINDOWS\hpoins44.dat

[2011/03/11 15:17:36 | 000,000,512 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat

[2011/03/04 15:20:33 | 000,095,232 | ---- | C] () -- C:\Documents and Settings\Nom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/02 18:25:25 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2011/01/29 17:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll

[2011/01/29 17:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll

[2011/01/29 17:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll

[2011/01/29 17:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

[2010/06/02 04:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 04:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 04:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 04:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 04:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 04:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab

[2010/06/02 04:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 04:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 04:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 04:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 04:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 04:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 04:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 04:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 04:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 04:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 04:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 04:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 04:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 04:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 04:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 04:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 04:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 04:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 04:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 04:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 04:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 04:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 04:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 04:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 04:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 04:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 04:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 04:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 04:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 04:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 04:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 04:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 04:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 04:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 04:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 04:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 04:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 04:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 04:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 04:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 04:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 04:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 04:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 04:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 04:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 04:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 04:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 04:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 04:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 04:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 04:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 04:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 04:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 04:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 04:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 04:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 04:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 04:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 04:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 04:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 04:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 04:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 04:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 04:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 04:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 04:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 04:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 04:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 04:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 04:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 04:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 04:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 04:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 04:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 04:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 04:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 04:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 04:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 04:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 04:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 04:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 04:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 04:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 04:22:02 | 001,801,048 | ---- | C] () -- C:\Program Files\dsetup32.dll

[2010/06/02 04:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 04:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 04:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 04:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 04:22:02 | 000,537,432 | ---- | C] () -- C:\Program Files\DXSETUP.exe

[2010/06/02 04:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 04:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2010/06/02 04:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files\dxupdate.cab

[2010/06/02 04:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab

[2010/06/02 04:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 04:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 04:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 04:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 04:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 04:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 04:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 04:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 04:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 04:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 04:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 04:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 04:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 04:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 04:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 04:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 04:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 04:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 04:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 04:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 04:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 04:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 04:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 04:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 04:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 04:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 04:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 04:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 04:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 04:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 04:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 04:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 04:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 04:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 04:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 04:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 04:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 04:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 04:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 04:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 04:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 04:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 04:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 04:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 04:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 04:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 04:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 04:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 04:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 04:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 04:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 04:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 04:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 04:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 04:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 04:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 04:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

 

========== ZeroAccess Check ==========

 

[2011/03/03 09:45:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== Custom Scans ==========

 

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\Skype.exe: 10001

 

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE"

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/12/10 18:08:56 | 000,892,176 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/12/10 18:09:01 | 000,916,960 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE"

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >

"timer" = timer.drv -- [2001/08/28 15:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation)

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >

"wdmaud.drv" = Périphérique audio USB

"msaud32.acm" = Windows Media Audio Codec

"sl_anet.acm" = Sipro Lab Telecom Audio Codec

"ir50_32.dll" = Indeo® video 5.10

"C:\WINDOWS\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec

"L3CODECA.ACM" = Fraunhofer IIS MPEG Layer-3 Codec

"C:\WINDOWS\system32\iac25_32.ax" = Indeo® audio software

"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)

"mciavi32.dll" = mciavi32.dll -- [2008/04/14 03:33:28 | 000,085,504 | ---- | M] (Microsoft Corporation)

"mcicda.dll" = mcicda.dll -- [2001/08/28 15:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation)

"mciseq.dll" = mciseq.dll -- [2011/10/14 15:47:41 | 000,023,040 | ---- | M] (Microsoft Corporation)

"mciwave.dll" = mciwave.dll -- [2008/04/14 03:33:28 | 000,023,552 | ---- | M] (Microsoft Corporation)

"mciqtz32.dll" = mciqtz32.dll -- [2008/04/14 03:33:28 | 000,035,328 | ---- | M] (Microsoft Corporation)

"midimap.dll" = midimap.dll -- [2008/04/14 03:33:29 | 000,018,944 | ---- | M] (Microsoft Corporation)

"imaadp32.acm" = imaadp32.acm -- [2008/04/14 03:31:33 | 000,016,384 | ---- | M] (Microsoft Corporation)

"msadp32.acm" = msadp32.acm -- [2008/04/14 03:31:51 | 000,014,848 | ---- | M] (Microsoft Corporation)

"msg711.acm" = msg711.acm -- [2001/08/28 15:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation)

"msgsm32.acm" = msgsm32.acm -- [2001/08/28 15:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation)

"tssoft32.acm" = tssoft32.acm -- [2001/08/28 15:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)

"iccvid.dll" = iccvid.dll -- [2010/06/17 15:03:10 | 000,080,384 | ---- | M] (Radius Inc.)

"msh263.drv" = msh263

"ir32_32.dll" = ir32_32.dll -- [2001/08/28 15:00:00 | 000,199,168 | ---- | M] ()

"ir41_32.ax" = ir41_32.ax -- [2008/04/14 03:34:31 | 000,848,384 | ---- | M] (Intel Corporation)

"iyuv_32.dll" = iyuv_32.dll -- [2009/11/27 17:08:47 | 000,048,128 | ---- | M] (Microsoft Corporation)

"msrle32.dll" = msrle32.dll -- [2009/11/27 17:08:47 | 000,011,264 | ---- | M] (Microsoft Corporation)

"msvidc32.dll" = msvidc32.dll -- [2009/11/27 17:08:47 | 000,028,672 | ---- | M] (Microsoft Corporation)

"msyuv.dll" = msyuv.dll -- [2009/11/27 18:13:13 | 000,017,920 | ---- | M] (Microsoft Corporation)

"tsbyuv.dll" = tsbyuv.dll -- [2009/11/27 17:08:47 | 000,008,704 | ---- | M] (Microsoft Corporation)

"msacm32.drv" = msacm32 -- [2008/04/14 03:33:30 | 000,072,192 | ---- | M] (Microsoft Corporation)

"msg723.acm" = msg723.acm -- [2001/08/28 15:00:00 | 000,118,784 | ---- | M] (Microsoft Corporation)

"msh261.drv" = msh261

 

< %temp%\smtmp\1\*.* /s >

 

< %temp%\smtmp\2\*.* /s >

 

< %temp%\smtmp\4\*.* /s >

 

< nslookup Google /c >

No captured output from command...

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A96209

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

 

< End of report >

 

then the other one:

 

 

 

 

OTL Extras logfile created on: 19/12/2012 08:39:36 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nom\Mes documents\Téléchargements

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1014,42 Mb Total Physical Memory | 456,63 Mb Available Physical Memory | 45,01% Memory free

1,65 Gb Paging File | 0,54 Gb Available in Paging File | 32,88% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149,05 Gb Total Space | 88,31 Gb Free Space | 59,25% Space Free | Partition Type: NTFS

 

Computer Name: WINDOWSXP | User Name: Nom | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"UpdatesDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp

"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{30D1B542-44E0-44F0-8A31-2A101CB626B5}" = DVAPTray

"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36BD0774-6CD6-4FF9-A148-83CA09AC123E}" = Intel® PROSafe for Wired Connections

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{403EF592-953B-4794-BCEF-ECAB835C2095}" = Intel® PROSafe for Wired Connections

"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CAF09A9-9F84-4ED4-81E8-E9039ABA7D90}" = Ma-Config.com

"{552C83B7-0013-42EA-B285-1997D129DD53}" = SA31xx Device Manager & Media Converter

"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE

"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6BF1C07F-FD52-C5B0-CC93-493B0E2931AA}" = BarrierePoker.fr

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{92C5DB3D-9D6F-4324-BB11-57825F4C2635}" = DVD Decoder Pak for Windows XP

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Français

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3

"{BF5EE349-90CD-4422-A43B-661778180173}" = USB Disk Win98 Driver

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C3C44248-B8F7-4B20-A5C7-994870B60F55}" = Hercules Webcam Station Evolution SE

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}" = Hercules Optical Glass

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype 6.0

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5242227-2051-4158-AC42-0F2BAA3CD3D6}" = HP SetRefresh

"{F70AE624-2B41-476F-BC9C-0A7F158C3F15}" = SweetIM for Messenger 3.4

"{FF96AABE-C905-DD5F-5BE1-B846EE36E11C}" = Winamax Poker

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"AIDA32_is1" = AIDA32 v3.93

"avast" = avast! Free Antivirus

"CCleaner" = CCleaner

"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.0.7

"ESET Online Scanner" = ESET Online Scanner v3

"fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1" = BarrierePoker.fr

"HDMI" = Intel® Graphics Media Accelerator Driver

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"LHTTSFRF" = L&H TTS3000 Français

"Macromedia Shockwave Player" = Macromedia Shockwave Player

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA

"Mozilla Firefox 16.0.2 (x86 fr)" = Mozilla Firefox 16.0.2 (x86 fr)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0

"PhotoScape" = PhotoScape

"PROSet" = Intel® PRO Network Connections Drivers

"PROSetDX" = Intel® PRO Network Connections Drivers

"VLC media player" = VLC media player 1.1.8

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"WinRAR archiver" = WinRAR 4.00 (32 bits)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Xeester" = Xeester

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"MyFreeCodec" = MyFreeCodec

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'threads' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_by_thread_by_event_name'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_by_instance'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'events_waits_summary_global_by_event_name'

has the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_summary_by_event_name' has

the wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_summary_by_instance' has the

wrong structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'mutex_instances' has the wrong

structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'rwlock_instances' has the wrong

structure For more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

 

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'cond_instances' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

Error - 19/12/2012 02:07:30 | Computer Name = WINDOWSXP | Source = MySQL | ID = 100

Description = Native table 'performance_schema'.'file_instances' has the wrong structure

 

For

more information, see Help and Support Center at MySQL :: The world's most popular open source database

 

[ System Events ]

Error - 11/12/2012 19:04:39 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 12/12/2012 03:54:27 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 12/12/2012 05:05:49 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 17/12/2012 16:27:36 | Computer Name = WINDOWSXP | Source = sr | ID = 1

Description = Le filtre de restauration du système à rencontré l'erreur inattendue

'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.

Ceci a entraîné l'arrêt de la surveillance du volume.

 

Error - 17/12/2012 16:27:58 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 17/12/2012 16:27:58 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se

charger : agp440 IntelIde

 

Error - 18/12/2012 02:12:25 | Computer Name = WINDOWSXP | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.1.2 pour la carte réseau dont l'adresse

réseau est 0019DB88F081 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a

envoyé un message DHCPNACK).

 

Error - 18/12/2012 02:12:54 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 18/12/2012 07:53:10 | Computer Name = WINDOWSXP | Source = Service Control Manager | ID = 7000

Description = Le service Java Quick Starter n'a pas pu démarrer en raison de l'erreur :

%%3

 

Error - 18/12/2012 07:54:22 | Computer Name = WINDOWSXP | Source = atapi | ID = 262153

Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai

imparti.

 

 

< End of report >

 

Please, I need help, thank you!!!!!

Posted

This, please.

* Double-click the OTL icon to launch it.

/!\ On Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur" (Run as administrator).

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "Rapport minimal" (Minimal report) box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation" (Customization):

:OTL

DRV - (uwldypob) -- C:\DOCUME~1\Nom\LOCALS~1\Temp\uwldypob.sys File not found

DRV - (bdfdll) -- C:\Program Files\Softwin\BitDefender9\bdfdll.sys File not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (no name) - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} - No CLSID value found.

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.

O4 - HKLM\..\Run: [NPSStartup] File not found

O4 - HKLM\..\Run: [POEngine] File not found

O4 - HKCU\..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found

O4 - HKCU\..\Run: [Memory Optimizer] File not found

O4 - HKCU\..\Run: [POEngine5] File not found

O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe File not found

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

[2012/11/30 10:46:16 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.166b.deleteme

[2012/11/30 10:32:19 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.7f1d.deleteme

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A96209

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

:Commands

[emptytemp]

[createrestorepoint]

* Click the Correction (Fix) icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, a report named "OTL.log" will open.

* Copy and paste the report(s) into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the situation.

Put the report here, because it takes up a lot of space.

Cjoint.com home page

or

Send and share your files

 

 

Then this.

Start > Run > type cmd. After that, it all depends on the version of your operating system:

Then, in the DOS window, type these commands.

On Windows XP (Service Pack 1):

netsh int ip reset all
(resets the TCP layer)

On XP (Service Pack 2 and 3) / Vista:

netsh int ip reset all
(first), then
netsh winsock reset catalog

(Resets the corresponding socket.)

Both of these commands require a restart of the computer to take effect.

 

 

WARNING: I am giving you links for putting the reports online; please use them, otherwise there are too many lines and you will break your post.

Posted

Thank you. Here is the report; sorry for sending it here, but I can't manage to use the links you gave.

 

 

 

All processes killed

========== OTL ==========

Error: No service named uwldypob was found to stop!

Service\Driver key uwldypob not found.

File C:\DOCUME~1\Nom\LOCALS~1\Temp\uwldypob.sys File not found not found.

Service bdfdll stopped successfully!

Service bdfdll deleted successfully!

File C:\Program Files\Softwin\BitDefender9\bdfdll.sys File not found not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ not found.

Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90EAE591-7E7E-434a-8E28-ECFD00071806}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ not found.

File C:\Program Files\Spybot - Search & Destroy\SDHelper.dll not found.

C:\WINDOWS\system32\mfevtps.exe.166b.deleteme moved successfully.

C:\WINDOWS\system32\mfevtps.exe.7f1d.deleteme moved successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:B0A96209 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 58264 bytes

 

User: gaëtan laurynne loïc

->Temp folder emptied: 396121 bytes

->Temporary Internet Files folder emptied: 1575384 bytes

->Java cache emptied: 12929 bytes

->FireFox cache emptied: 282811133 bytes

->Flash cache emptied: 108232 bytes

 

User: Invité

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 508306 bytes

->Java cache emptied: 41507 bytes

->FireFox cache emptied: 103932792 bytes

->Flash cache emptied: 3896 bytes

 

User: LocalService

->Temp folder emptied: 2178284 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: malbaraise loveeuse

->Temp folder emptied: 4098220 bytes

->Temporary Internet Files folder emptied: 125432176 bytes

->Java cache emptied: 4032521 bytes

->FireFox cache emptied: 545662068 bytes

->Flash cache emptied: 78912 bytes

 

User: NetworkService

->Temp folder emptied: 2112284 bytes

->Temporary Internet Files folder emptied: 3908173 bytes

 

User: Nom

->Temp folder emptied: 33051 bytes

->Temporary Internet Files folder emptied: 2695265 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 83395278 bytes

->Flash cache emptied: 59255 bytes

 

User: postgres

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56468 bytes

 

User: thomas

->Temp folder emptied: 448204 bytes

->Temporary Internet Files folder emptied: 4622903 bytes

->Java cache emptied: 164736 bytes

->FireFox cache emptied: 446306473 bytes

->Flash cache emptied: 23387 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 99840 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 483 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 31552572 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 50773 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 1 570,00 mb

 

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.69.0 log created on 12192012_134016

 

Files\Folders moved on Reboot...

File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

Posted

When I type netsh int ip reset all, nothing happens; however, for the other one (netsh winsock reset catalog), it asks me to restart. Is that normal?

Posted

Just this.

* Double-click the OTL icon to launch it.

/!\ On Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur" (Run as administrator).

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "Rapport minimal" (Minimal report) box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation" (Customization):

:OTL

 

O4 - HKLM\..\Run: [NPSStartup] File not found

O4 - HKLM\..\Run: [POEngine] File not found

O4 - HKU\S-1-5-21-1801674531-1390067357-839522115-1003\..\Run: [Memory Optimizer] File not found

O4 - HKU\S-1-5-21-1801674531-1390067357-839522115-1003\..\Run: [POEngine5] File not found

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

 

:Commands

[emptytemp]

 

* Click the "Correction" (Fix) icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, a report, "OTL.log", will open.

* Copy and paste the report(s) into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the situation.

Put the report here, since it takes up quite a lot of space.

Cjoint.com home page

or

Send and share your files

How is your PC doing?
