[Résolu] Virus V9 Portal Site [1]

[bert34]

Bonjour,

 

Je n'arrive pas à me débarraser de V9 portal

Merci d'avance pour votre aide

Voici le lien à donner à vos correspondants afin que ces derniers puissent accéder au document partagé :

 

pjjoint.malekal.com - Submit a file

 

Cordialement

[bernard53]

Bonjour

Ceci s.t.p.

* Copie le tout le texte à télécharger ici: © CJoint.com, 2012

 

(tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

 

 

Puis Lance ZHPFix depuis le raccourci du bureau.

 

-> laisse travailler l'outil et ne touche à rien ...

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

 

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

 

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !

 

Ensuite:

 

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.

 

Téléchargements - Outils de Xplode - AdwCleaner

 

 

 

- Lances le en mode normal , puis cliques sur [suppression]

- Lorsque le message indiquant qu'AdwCleaner a détecté une variante spécifique d'adware s'affiche , cliquez sur [OK]

 

- L'ordinateur va redémarrer tout seul. Redémarre-le en mode normal.

- AdwCleaner s'ouvrira normalement, avec comme seul choix possible [suppression]

 

- Cliquez dessus, puis patientes pendant la suppression.

- Une fois la suppression effectuée, AdwCleaner vous invitera à redémarrer l'ordinateur

 

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

 

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[s1].txt

 

Ensuite: mets bien à jour Malwarebytes et fait juste un scan rapide .

Modifié le 30 mai 2013 par bernard53

[bert34]

Bonjour Bernard 53.

Merci pour ton aide.

J'ai suivi tes conseils mais apparemment j’ai toujours ce V9 portal lorsque j’ouvre Internet avec explorer ou Mozilla.

Je ne serai pas là de la journée, peut être à ce soir.

Voici le rapport AdwCleaner :

 

 

Arrêté & Supprimé : eSafeSvc

 

***** [Fichiers / Dossiers] *****

 

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\eSafe

Dossier Supprimé : C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}

 

***** [Registre] *****

 

Clé Supprimée : HKCU\Software\IM

Clé Supprimée : HKCU\Software\ImInstaller

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lollipop

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Clé Supprimée : HKLM\Software\ImInstaller

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eSafeSecControl

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Clé Supprimée : HKLM\SOFTWARE\Software

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v7.0.6000.21335

 

Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=WDCXWD1200UE-22KVT0_WD-WXE90618138581385&ts=1369828477 --> hxxp://www.google.com

 

-\\ Mozilla Firefox v21.0 (fr)

 

Fichier : C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\k8gi5mym.default\prefs.js

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

Fichier : C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\prefs.js

 

Supprimée : user_pref("CT2724386.oldAppsList", "200,129248981533442178,129248981533598429,129251218914197895,100[...]

 

*************************

 

AdwCleaner[s1].txt - [3052 octets] - [30/05/2013 09:02:05]

 

########## EOF - C:\AdwCleaner[s1].txt - [3112 octets] ##########

[bernard53]

Tu as bien passé ZHPFix

Si oui ceci an plus .

 

Réinitialisation de tes navigateurs.

Réinitialiser son navigateur

Modifier son moteur de recherche.

Changer son moteur de recherche

[bert34]

Bonsoir,

 

Oui, j'ai passé ZHPFix.

J'ai réinitier le navigateur d'Internet Explorer mais impossible de se débarasser de cette page d'ouverture :

 

V9 Portal Site – My Homepage – The best and most complete navigation site of the US!

 

De m^me pour Mozilla Firefox alors que la page d'accueil dans option est bien : Actualité - Midi Libre !!!!!

 

Merci de ton aide ca me permet de me perfectionner dans l'informatique.

Cordialement

Bernard

[bernard53]

Ceci comme autre rapport s.t.p.

* Télécharge >> OTL <<sur ton bureau.

 

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

hklm\software\clients\startmenuinternet|command /rs

hklm\software\clients\startmenuinternet|command /64 /rs

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s

%temp%\smtmp\1\*.* /s

%temp%\smtmp\2\*.* /s

%temp%\smtmp\4\*.* /s

nslookup Google /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).

* Copie et colle le ou les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Mets le rapport ici car il prend bien de la place.

Accueil de Cjoint.com

ou.

Envoyez et partagez vos fichiers

[bert34]

Bonjour,

 

Je vous envoies les deux rapports mais je pense que le problème est résolu, il devait rester des résidus que j'ai pu éliminer.

Pour Explorer : c'est le raccourci qui m'ouvrai la page, je l'ai mis à la poubelle et ouvre par un nouveau chemin : plus de problème !

Pour Mozilla : j'ai cliqué droit sur icone puis propriété puis onglet raccourci et cible : j'ai éliminé tout ce qu'il y avait après "C:\Program Files\Mozilla Firefox\firefox.exe" et depuis plus de problème !

 

Qu'en pensez vous ?

Cordialement

Bernard 34

 

 

 

 

 

OTL logfile created on: 31/05/2013 13:40:25 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\bernard\Mes documents\Téléchargements

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1022,11 Mb Total Physical Memory | 232,00 Mb Available Physical Memory | 22,70% Memory free

2,40 Gb Paging File | 1,44 Gb Available in Paging File | 59,91% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 53,19 Gb Total Space | 15,95 Gb Free Space | 29,99% Space Free | Partition Type: FAT32

Drive D: | 53,69 Gb Total Space | 6,79 Gb Free Space | 12,65% Space Free | Partition Type: FAT32

 

Computer Name: VALUED-12EF4461 | User Name: bernard | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\bernard\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe (SFR)

PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)

PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )

PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()

PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)

PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)

PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll ()

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_59a8299f\mscorlib.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_bbbfd5e3\system.drawing.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_784c7621\system.xml.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_bf82bb0a\system.windows.forms.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_727d3e92\system.dll ()

MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()

MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()

MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()

MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()

MOD - C:\WINDOWS\system32\pdf995mon.dll ()

MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\Acer\Empowering Technology\eSettings\CPUID.dll ()

MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()

MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()

MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()

MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()

MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll ()

MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_fr_b77a5c561934e089\system.resources.dll ()

MOD - c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\system.serviceprocess.resources.dll ()

MOD - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()

MOD - c:\Acer\Empowering Technology\eNet\eNet.dll ()

MOD - c:\Acer\Empowering Technology\eDataSecurity\eDSCS2CClassLib.dll ()

MOD - C:\Program Files\Intel\Wireless\Bin\Libeay32.dll ()

MOD - C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll ()

MOD - C:\Program Files\Intel\Wireless\Bin\IntStngs.dll ()

MOD - C:\Acer\Empowering Technology\ePower\DialogDLL.dll ()

MOD - C:\Acer\Empowering Technology\ePower\SysHook.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)

SRV - (SFR.DashBoard.Service) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe (SFR)

SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)

SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()

SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )

SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation)

SRV - (Planificateur LiveUpdate automatique) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (rpcapd) -- C:\Program Files\WinPCap\rpcapd.exe (CACE Technologies)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (WDICA) -- File not found

DRV - (Wbutton) -- C:\WINDOWS\system32\drivers\Wbutton.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (mailKmd) -- File not found

DRV - (lbrtfdc) -- File not found

DRV - (dnckku) -- System32\drivers\pimvtpea.sys File not found

DRV - (Changer) -- File not found

DRV - (AgereSoftModem) -- system32\DRIVERS\AGRSM.sys File not found

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)

DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)

DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()

DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\ZTEusbvoice.sys (ZTE Incorporated)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)

DRV - (s0017unic) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)

DRV - (s0017mgmt) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)

DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)

DRV - (s0017bus) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)

DRV - (s0017nd5) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)

DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)

DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)

DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys ()

DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)

DRV - (APL531) -- C:\WINDOWS\system32\drivers\ov550i.sys (Omnivision Technologies, Inc.)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (w39n51) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)

DRV - (EpmShd) -- C:\WINDOWS\system32\drivers\epm-shd.sys (Acer Value Labs, USA)

DRV - (EpmPsd) -- C:\WINDOWS\system32\drivers\epm-psd.sys (Acer Value Labs, USA)

DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (Hotkey) -- C:\WINDOWS\System32\drivers\HOTKEY.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Recherche Google

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Recherche Google

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: true*/*/

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 50323

FF - prefs.js..network.proxy.type: 1

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\adslTV\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/27 12:35:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/20 22:09:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/20 22:09:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/05/14 21:32:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2013/03/17 12:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Extensions

[2011/03/22 16:15:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\extensions

[2011/03/22 16:15:38 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}

[2013/05/29 14:01:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/08/13 08:49:26 | 000,168,614 | ---- | M] () (No name found) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\extensions\{e411bb40-b04c-11d8-92e7-00d09e0179f2}.xpi

[2013/05/09 14:15:44 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\bernard\Application Data\Mozilla\Firefox\Profiles\of6hn1pp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013/05/20 22:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/05/20 22:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013/05/20 22:10:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

========== Chrome ==========

 

 

O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)

O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10r_ActiveX.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1369843233953 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFB92B4C-1ACB-4A3F-AAA0-D23D7034E4A4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Ma page Accueil) - About:Home

O24 - Desktop Components:1 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\bernard\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\bernard\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013/04/30 14:00:24 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ FAT32 ]

O33 - MountPoints2\{24c873f6-f339-11e0-b7c7-0016d34c7534}\Shell - "" = AutoRun

O33 - MountPoints2\{24c873f6-f339-11e0-b7c7-0016d34c7534}\Shell\AutoRun\command - "" = F:\SFR_Setup.exe

O33 - MountPoints2\{e0f4d5bc-bdcd-11e0-b784-0016d34c7534}\Shell - "" = AutoRun

O33 - MountPoints2\{e0f4d5bc-bdcd-11e0-b784-0016d34c7534}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found

MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - C:\Program Files\eMule\emule.exe (http://www.emule-project.net'>http://www.emule-project.net)

MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)

ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)

ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser

ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider

ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {DE895E98-54B2-4180-91E1-7A0020EDF577} - Microsoft .NET Framework 1.0 Security Update (KB2742607)

ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3

ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework

ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013/05/31 09:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2013/05/31 09:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome

[2013/05/31 08:58:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2013/05/30 23:28:29 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2013/05/29 17:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2013/05/29 17:20:15 | 000,000,000 | ---D | C] -- C:\ZHP

[2013/05/25 10:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller

[2013/05/25 10:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bernard\Application Data\player

[2013/05/25 09:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Omiga Plus

[2013/05/25 09:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bernard\Application Data\Omiga Plus

[2013/05/25 09:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2013/05/25 09:19:19 | 000,000,000 | ---D | C] -- C:\Kreapixel

[2013/05/20 22:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/05/18 11:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bernard\Application Data\YouSendIt

[2013/05/14 21:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013/05/31 13:44:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2013/05/31 13:24:04 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/05/31 12:57:02 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/05/31 09:22:16 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\bernard\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/05/31 09:22:16 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk

[2013/05/31 09:06:00 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk

[2013/05/31 08:12:18 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/05/31 08:12:18 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job

[2013/05/31 08:12:14 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/05/31 08:12:14 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2733383575-177607150-2720733002-1005.job

[2013/05/31 08:12:10 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys

[2013/05/31 08:12:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/05/30 23:28:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2013/05/30 21:55:04 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2733383575-177607150-2720733002-1005.job

[2013/05/30 09:00:46 | 000,632,031 | ---- | M] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\adwcleaner.exe

[2013/05/29 19:28:26 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2013/05/29 19:25:16 | 000,000,258 | ---- | M] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\Mes documents.lnk

[2013/05/29 19:20:42 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2013/05/29 19:20:42 | 000,001,431 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2013/05/29 19:20:42 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2013/05/29 18:12:06 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/05/29 17:06:18 | 000,706,708 | ---- | M] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\delfix.exe

[2013/05/29 13:54:42 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\bernard\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk

[2013/05/29 13:54:42 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\bernard\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013/05/29 11:15:34 | 001,314,542 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00725.JPG

[2013/05/29 11:14:56 | 001,183,025 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00724.JPG

[2013/05/28 00:12:22 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk

[2013/05/27 19:31:16 | 000,310,579 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\tract_reclasses.pdf

[2013/05/27 10:50:52 | 001,288,451 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00723.JPG

[2013/05/27 10:50:32 | 001,299,836 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00722.JPG

[2013/05/27 10:50:16 | 001,383,098 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00721.JPG

[2013/05/27 08:16:40 | 000,049,269 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\FO reclasses 16 mai 2013.pdf

[2013/05/26 15:46:02 | 000,578,392 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2013/05/26 15:46:02 | 000,504,496 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/05/26 15:46:02 | 000,106,098 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2013/05/26 15:46:02 | 000,089,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/05/26 08:37:16 | 000,259,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/05/25 10:18:28 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog

[2013/05/25 09:28:54 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc

[2013/05/24 14:43:12 | 005,528,989 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\anti fugue.pdf

[2013/05/18 10:48:54 | 000,200,495 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim2.pdf

[2013/05/18 10:48:26 | 000,309,189 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim1.pdf

[2013/05/18 10:47:06 | 000,339,131 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim.pdf

[2013/05/17 08:23:10 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/05/17 08:23:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/05/16 00:37:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/05/10 21:16:50 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk

[2013/05/09 17:10:36 | 001,068,003 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00718.JPG

[2013/05/08 11:46:18 | 000,997,914 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00714.JPG

[2013/05/08 11:45:42 | 000,984,545 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00713.JPG

[2013/05/08 11:22:04 | 000,940,960 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00712.JPG

[2013/05/08 11:21:34 | 001,161,542 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00711.JPG

[2013/05/08 11:21:20 | 001,051,572 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00710.JPG

[2013/05/07 10:01:34 | 001,130,049 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00709.JPG

[2013/05/05 07:40:20 | 000,240,640 | ---- | M] () -- C:\Documents and Settings\bernard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/05/02 17:21:12 | 001,146,074 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00705.JPG

[2013/05/02 16:27:44 | 000,640,277 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00704.JPG

[2013/05/02 16:26:26 | 001,007,422 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00703.JPG

[2013/05/02 16:21:06 | 001,069,021 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00702.JPG

[2013/05/02 16:20:10 | 001,194,069 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00701.JPG

[2013/05/02 16:19:36 | 001,021,765 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00700.JPG

[2013/05/02 16:11:08 | 000,810,315 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00699.JPG

[2013/05/02 16:05:10 | 000,829,525 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00698.JPG

[2013/05/01 15:31:52 | 001,110,534 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00697.JPG

[2013/05/01 15:31:12 | 001,467,857 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00696.JPG

[2013/05/01 15:30:50 | 001,303,806 | ---- | M] () -- C:\Documents and Settings\bernard\Mes documents\DSC00695.JPG

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013/05/31 13:44:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2013/05/31 09:43:56 | 001,872,135 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\google 27 juillet 2012.JPG

[2013/05/31 09:22:15 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\bernard\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/05/31 09:22:15 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk

[2013/05/30 10:02:43 | 001,314,542 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00725.JPG

[2013/05/30 10:02:41 | 001,183,025 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00724.JPG

[2013/05/30 09:00:51 | 000,632,031 | ---- | C] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\adwcleaner.exe

[2013/05/29 19:25:15 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\Mes documents.lnk

[2013/05/29 19:20:41 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

[2013/05/29 19:20:40 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

[2013/05/29 19:20:40 | 000,001,431 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

[2013/05/29 17:43:17 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2013/05/29 17:06:14 | 000,706,708 | ---- | C] () -- C:\Documents and Settings\bernard\.homeplayer\Bureau\delfix.exe

[2013/05/28 00:12:19 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk

[2013/05/27 19:31:13 | 000,310,579 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\tract_reclasses.pdf

[2013/05/27 13:47:13 | 001,288,451 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00723.JPG

[2013/05/27 13:47:11 | 001,299,836 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00722.JPG

[2013/05/27 13:47:08 | 001,383,098 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00721.JPG

[2013/05/27 13:47:02 | 001,068,003 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00718.JPG

[2013/05/27 08:16:37 | 000,049,269 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\FO reclasses 16 mai 2013.pdf

[2013/05/26 00:13:47 | 000,265,638 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2013/05/25 09:54:47 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog

[2013/05/24 14:43:08 | 005,528,989 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\anti fugue.pdf

[2013/05/18 10:48:53 | 000,200,495 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim2.pdf

[2013/05/18 10:48:23 | 000,309,189 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim1.pdf

[2013/05/18 10:47:04 | 000,339,131 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\contrat clim.pdf

[2013/05/09 11:07:54 | 000,997,914 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00714.JPG

[2013/05/09 11:07:52 | 000,984,545 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00713.JPG

[2013/05/09 11:07:51 | 000,940,960 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00712.JPG

[2013/05/09 11:07:49 | 001,161,542 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00711.JPG

[2013/05/09 11:07:47 | 001,051,572 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00710.JPG

[2013/05/09 11:07:45 | 001,130,049 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00709.JPG

[2013/05/09 11:07:39 | 001,146,074 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00705.JPG

[2013/05/09 11:07:37 | 000,640,277 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00704.JPG

[2013/05/09 11:07:36 | 001,007,422 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00703.JPG

[2013/05/09 11:07:34 | 001,069,021 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00702.JPG

[2013/05/09 11:07:32 | 001,194,069 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00701.JPG

[2013/05/09 11:07:30 | 001,021,765 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00700.JPG

[2013/05/09 11:07:28 | 000,810,315 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00699.JPG

[2013/05/09 11:07:27 | 000,829,525 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00698.JPG

[2013/05/09 11:07:25 | 001,110,534 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00697.JPG

[2013/05/09 11:07:22 | 001,467,857 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00696.JPG

[2013/05/09 11:07:20 | 001,303,806 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00695.JPG

[2013/05/09 11:07:18 | 001,073,061 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00694.JPG

[2013/05/09 11:07:14 | 001,255,814 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00692.JPG

[2013/05/09 11:07:12 | 000,861,181 | ---- | C] () -- C:\Documents and Settings\bernard\Mes documents\DSC00691.JPG

[2013/02/06 14:46:54 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\bernard\Application Data\.backup.dm

[2012/10/20 12:03:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini

[2012/10/20 12:01:30 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv

[2012/10/20 12:01:29 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll

[2012/06/10 17:40:37 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc

[2012/04/30 13:40:07 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI

[2012/02/16 12:05:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/04 08:19:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/09/06 18:21:37 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI

[2011/05/27 12:27:22 | 000,021,752 | ---- | C] () -- C:\Documents and Settings\bernard\Application Data\7B6D.C2C

[2011/04/24 20:07:57 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\bernard\Application Data\Sys2662.Config.Repository.bin

[2011/04/09 12:25:25 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\bernard\Application Data\$_hpcst$.hpc

[2011/04/04 10:44:07 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\bernard\Mxcdr.ini

[2011/03/22 16:07:51 | 000,240,640 | ---- | C] () -- C:\Documents and Settings\bernard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/22 10:40:41 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\bernard\Local Settings\Application Data\fusioncache.dat

 

========== ZeroAccess Check ==========

 

[2005/04/15 14:43:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 03:33:42 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:56 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== Custom Scans ==========

 

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\gamelogin.exe: 7000

 

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/04/05 00:34:40 | 000,643,200 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/05/20 22:10:08 | 000,868,096 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013/05/20 22:10:24 | 000,920,472 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/05/23 07:44:10 | 000,825,808 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/04/13 01:28:08 | 000,070,656 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/04/05 00:34:40 | 000,643,200 | ---- | M] (Microsoft Corporation)

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >

"timer" = timer.drv -- [2004/08/10 05:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation)

 

< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >

"msaud32.acm" = Windows Media Audio

"sl_anet.acm" = Sipro Lab Telecom Audio Codec

"C:\WINDOWS\system32\iac25_32.ax" = Indeo® audio software

"ir50_32.dll" = Indeo® video 5.10

"C:\WINDOWS\system32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec

"wdmaud.drv" = Realtek High Definition Audio

"mpg4c32.dll" = Microsoft MPEG-4 Video Codec

"vfwwdm32.dll" = Vidéo WDM pour le pilote de capture Windows (Win32)

 

< %temp%\smtmp\1\*.* /s >

 

< %temp%\smtmp\2\*.* /s >

 

< %temp%\smtmp\4\*.* /s >

 

< nslookup Google /c >

No captured output from command...

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< End of report >

 

 

 

 

 

 

 

OTL Extras logfile created on: 31/05/2013 13:40:25 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\bernard\Mes documents\Téléchargements

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

1022,11 Mb Total Physical Memory | 232,00 Mb Available Physical Memory | 22,70% Memory free

2,40 Gb Paging File | 1,44 Gb Available in Paging File | 59,91% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 53,19 Gb Total Space | 15,95 Gb Free Space | 29,99% Space Free | Partition Type: FAT32

Drive D: | 53,69 Gb Total Space | 6,79 Gb Free Space | 12,65% Space Free | Partition Type: FAT32

 

Computer Name: VALUED-12EF4461 | User Name: bernard | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htafile [open] -- "%1" %*

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\adslTV\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\adslTV\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"4672:UDP" = 4672:UDP:*:Enabled:emule

"4662:TCP" = 4662:TCP:*:Enabled:emule

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"31163:TCP" = 31163:TCP:*:Enabled:Tornado

"31163:UDP" = 31163:UDP:*:Enabled:Tornado

"31166:TCP" = 31166:TCP:*:Enabled:Tornado

"31166:UDP" = 31166:UDP:*:Enabled:Tornado

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE" = C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE:*:Enabled:SAgent4 -- (SEIKO EPSON CORPORATION)

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)

"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)

"C:\Documents and Settings\BERNARD\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\BERNARD\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

"C:\Program Files\HomePlayer\HomePlayer.exe" = C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer -- ()

"C:\Program Files\HomePlayer\vlc\vlc.exe" = C:\Program Files\HomePlayer\vlc\vlc.exe:*:Enabled:VLC HomePlayer -- ()

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{078A8C00-412A-45C2-8A44-49DD736D3318}_is1" = Objectif Tarot 4

"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 24

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6B566EFE-DC1D-471F-93DD-84832663F140}" = OVT Scanner X86

"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{7E0610A2-E336-40B3-B685-C4905E97EC9A}" = OpenOffice.org 3.3

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage

"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Français

"{B06B842F-2450-494F-BBDE-217CDC151A37}" = NTI Backup NOW! 4.5

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox 4.1

"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management

"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.1.0.3

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.0.6.8

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.015

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA

"{FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1" = Gestionnaire de Connexion SFR 3.2

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"AlauxSoft Comptes et Budget Free V5.0_is1" = AlauxSoft Comptes et Budget Free V5.0

"Avira AntiVir Desktop" = Avira Free Antivirus

"BlazePhoto 2.0_is1" = BlazePhoto 2.0

"Calendrier 2000_is1" = Calendrier Xtra v12.010

"CCleaner" = CCleaner

"CloneSpy" = CloneSpy 2.62

"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition

"eMule" = eMule

"EPSON Printer and Utilities" = EPSON Logiciel imprimante

"ERUNT_is1" = ERUNT 1.1j

"Free Tarot" = Free Tarot

"Glary Utilities_is1" = Glary Utilities 2.33.0.1158

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"HomePlayer" = HomePlayer 1.5.9e

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.3076

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)

"MAGIX Audio Cleanic SE F" = MAGIX Audio Cleanic SE 9.0.2.0 (F)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla Firefox 21.0 (x86 fr)" = Mozilla Firefox 21.0 (x86 fr)

"Mozilla Thunderbird 17.0.6 (x86 fr)" = Mozilla Thunderbird 17.0.6 (x86 fr)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers" = NVIDIA Drivers

"OVH hubiC-browser" = OVH hubiC-browser

"OVT Scanner" = Uninstall OVT Scanner

"Pdf995" = Pdf995

"PhotoFiltre" = PhotoFiltre

"Picasa 3" = Picasa 3

"ProInst" = Logiciel Intel® PROSet/Wireless

"RealPlayer 12.0" = RealPlayer

"Recuva" = Recuva

"Simple PDF_is1" = Simple PDF

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Uniblue RegistryBooster" = Uniblue RegistryBooster

"Unlocker" = Unlocker 1.9.1

"VisiPics_is1" = VisiPics V1.30

"VLC media player" = VLC media player 2.0.6

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WebTarot_is1" = WebTarot 1.33

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR 4.01 (32-bit)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"ZHPDiag_is1" = ZHPDiag 2013

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"WinDirStat" = WinDirStat 1.1.2

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 29/05/2013 13:09:14 | Computer Name = VALUED-12EF4461 | Source = Application Hang | ID = 1002

Description = Application bloquée ZHPDiag.exe, version 2013.5.25.152, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 29/05/2013 13:24:22 | Computer Name = VALUED-12EF4461 | Source = Application Hang | ID = 1002

Description = Application bloquée ZHPDiag.exe, version 2013.5.29.157, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 29/05/2013 13:24:35 | Computer Name = VALUED-12EF4461 | Source = Application Hang | ID = 1002

Description = Application bloquée ZHPDiag.exe, version 2013.5.29.157, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 29/05/2013 13:24:41 | Computer Name = VALUED-12EF4461 | Source = Application Hang | ID = 1002

Description = Application bloquée ZHPDiag.exe, version 2013.5.29.157, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 30/05/2013 02:37:06 | Computer Name = VALUED-12EF4461 | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 30/05/2013 03:05:08 | Computer Name = VALUED-12EF4461 | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 30/05/2013 17:05:29 | Computer Name = VALUED-12EF4461 | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 31/05/2013 02:12:22 | Computer Name = VALUED-12EF4461 | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 31/05/2013 02:12:22 | Computer Name = VALUED-12EF4461 | Source = PerfNet | ID = 2004

Description = Impossible d'ouvrir le Service serveur. Les données de performance

du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD

0.

 

Error - 31/05/2013 03:18:12 | Computer Name = VALUED-12EF4461 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 7.0.6000.21335, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

[ System Events ]

Error - 28/05/2013 02:07:59 | Computer Name = VALUED-12EF4461 | Source = WPDMTPDriver | ID = 80836

Description = MTP WPD Driver has failed to start. Error 0x80070005.

 

Error - 28/05/2013 03:55:18 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7022

Description = Le service eSafe Service est en attente de démarrage.

 

Error - 28/05/2013 06:45:49 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7022

Description = Le service eSafe Service est en attente de démarrage.

 

Error - 28/05/2013 07:08:22 | Computer Name = VALUED-12EF4461 | Source = System Error | ID = 1003

Description = Code erreur 000000c2, paramètre 1 00000007, paramètre 2 00000cd4,

paramètre 3 001a0019, paramètre 4 86c43480.

 

Error - 28/05/2013 16:50:25 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7022

Description = Le service eSafe Service est en attente de démarrage.

 

Error - 29/05/2013 02:01:21 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7022

Description = Le service eSafe Service est en attente de démarrage.

 

Error - 30/05/2013 02:37:57 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7000

Description = Le service eSafe Service n'a pas pu démarrer en raison de l'erreur :

%%2

 

Error - 30/05/2013 02:38:36 | Computer Name = VALUED-12EF4461 | Source = Service Control Manager | ID = 7011

Description = Délai (30000 millisecondes) d'attente pour une réponse du service

NVSvc à une transaction.

 

Error - 30/05/2013 03:59:16 | Computer Name = VALUED-12EF4461 | Source = WPDMTPDriver | ID = 80836

Description = MTP WPD Driver has failed to start. Error 0x8007048f.

 

Error - 30/05/2013 03:59:48 | Computer Name = VALUED-12EF4461 | Source = WPDMTPDriver | ID = 80836

Description = MTP WPD Driver has failed to start. Error 0x8007048f.

 

 

< End of report >

 

 

 

Ceci comme autre rapport s.t.p.

* Télécharge >> OTL <<sur ton bureau.

 

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

 

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).

* Copie et colle le ou les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Mets le rapport ici car il prend bien de la place.

Accueil de Cjoint.com

ou.

Envoyez et partagez vos fichiers

[bernard53]

ok juste une broutille

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}"=-

"Uniblue RegistryBooster"=-

:Commands

[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un rapport s'ouvrir "OTL.log"

* Copie et colle le ou les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Mets le rapport ici car il prend bien de la place.

Accueil de Cjoint.com

ou.

Envoyez et partagez vos fichiers

[bert34]

Ci-dessous le rapport.

Merci pour votre aide. Ca m'épate toutes ces connaissances informatiques.

Bernard 34

 

 

 

 

All processes killed

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Uniblue RegistryBooster not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: All Users

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 51466130 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 1680431 bytes

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32768 bytes

 

User: bernard

->Temp folder emptied: 225196388 bytes

->Temporary Internet Files folder emptied: 24959173 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 324337007 bytes

->Google Chrome cache emptied: 6126404 bytes

->Flash cache emptied: 2889977 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1590738 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4757991 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 461657518 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 6550303 bytes

 

Total Files Cleaned = 1 060,00 mb

 

 

OTL by OldTimer - Version 3.2.69.0 log created on 05312013_204243

 

Files\Folders moved on Reboot...

C:\WINDOWS\temp\Perflib_Perfdata_afc.dat moved successfully.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

[bernard53]

Toujours des soucis?