Il y a actuellement 248 visiteurs
Vendredi 19 Avril 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

fichier daemontoolswhenUsave impossible à supprimer

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel
Répondre

fichier daemontoolswhenUsave impossible à supprimer

Message le 27 Jan 2011 12:45

bonjour, j'ai un souci pour supprimer ce fichier, qui m'ouvre une fenetre à chaque ouverture de session. merci d'avance pour votre aide j'ai fait OTL et voila le résultat, je veux une désinfaction si possible pas trop dure vu que je prépare le terrain mais que c'est mon père qui fera le reste.et c'est juste histoire de supprimer ce fichier et voir si on peu redonner un peu de rapidité au pc mais c'est secondaire

voila le rapport OTL

Code: Tout sélectionner
OTL logfile created on: 27/01/2011 12:20:25 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 015,00 Mb Total Physical Memory | 589,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 24,97 Gb Free Space | 67,00% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 113,13 Gb Free Space | 75,90% Space Free | Partition Type: NTFS
 
Computer Name: CHAUVIN | User Name: Jean-Yves | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/01/27 12:17:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/08 01:40:34 | 000,740,144 | ---- | M] (Pinball Corporation.) -- C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe
PRC - [2010/11/30 05:07:22 | 000,260,384 | ---- | M] (Mp3Tube) -- C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe
PRC - [2010/06/21 10:56:08 | 000,739,840 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
PRC - [2009/08/24 12:23:02 | 000,282,624 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Systray\SystrayApp.exe
PRC - [2009/08/24 12:22:44 | 000,717,552 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
PRC - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/08/24 12:22:30 | 000,053,248 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\OraConfigRecover.exe
PRC - [2009/08/24 12:22:28 | 000,495,616 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\CoreCom.exe
PRC - [2009/08/24 12:22:26 | 000,974,848 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
PRC - [2009/08/24 12:22:26 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 14:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2006/05/24 11:01:06 | 000,148,480 | ---- | M] (WhenU.com, Inc.) -- C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2006/01/05 06:58:38 | 000,489,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
PRC - [2005/12/09 14:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2005/12/09 14:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/11/01 16:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/01/27 12:17:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2005/12/09 14:37:42 | 000,086,016 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/11/30 05:07:22 | 000,260,384 | ---- | M] (Mp3Tube) [Auto | Running] -- C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe -- (Mp3Tube Toolbar Updater Service)
SRV - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/08/24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/08/09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/12/09 14:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/01/26 20:19:21 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/24 12:22:58 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009/08/24 12:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009/06/12 13:35:14 | 000,215,552 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2008/09/24 09:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 10:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/05/09 20:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2005/12/09 14:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv)
DRV - [2005/12/09 14:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2005/12/09 14:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - [2005/05/27 17:46:20 | 000,913,280 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 17:37:58 | 000,007,136 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/05/27 17:31:26 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/05/15 18:09:32 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolbarsearch.com/?tmp=toolbar_mp3tube_results&prt=pinballtb01ff&clid=5cafb24a143141ecb0c7aaed489fe151&subid=&Keywords={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/firefox"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords="
 
FF - user.js..keyword.URL: "http://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords="
FF - user.js..keyword.enabled: 1
 
FF - HKLM\software\mozilla\Firefox\extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/12/12 02:11:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions [2010/12/12 02:12:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/30 18:33:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/26 20:47:55 | 000,000,000 | ---D | M]
 
[2010/08/10 16:46:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Extensions
[2011/01/09 22:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Firefox\Profiles\c1glp04o.default\extensions
[2011/01/09 22:01:01 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Firefox\Profiles\c1glp04o.default\searchplugins\bing.xml
[2011/01/26 15:23:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/10 17:42:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/12/08 01:46:34 | 000,087,344 | ---- | M] (Pinball Corporation.) -- C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/11/09 06:56:01 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/11/09 06:56:01 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/11/09 06:56:01 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2011/01/27 11:53:48 | 000,001,215 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml
[2010/11/09 06:56:02 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/11/09 06:56:02 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000314.dll (Orange)
O3 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\Toolbar\WebBrowser: (Mp3Tube Toolbar) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000314.dll (Orange)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ClickPotatoLiteSA] C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe (Pinball Corporation.)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-606747145-813497703-1606980848-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-606747145-813497703-1606980848-1004..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKLM..\RunOnce: []  File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSABHO.dll (Pinball Corporation)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/10 15:53:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/01/27 12:15:35 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/01/27 12:15:47 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{352d69a6-1122-11e0-b7e6-00032f4b55e9}\Shell - "" = AutoRun
O33 - MountPoints2\{352d69a6-1122-11e0-b7e6-00032f4b55e9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Documents and Settings^Jean-Yves^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/01/27 12:15:35 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/01/27 12:14:36 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/01/27 12:10:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jean-Yves\Recent
[2011/01/26 21:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Bureau\microsoft office 2007
[2011/01/26 20:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
[2011/01/26 20:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DESIGNER
[2011/01/26 20:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/01/26 20:39:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011/01/26 20:37:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/01/26 20:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2011/01/26 20:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DAEMON Tools Lite
[2011/01/26 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011/01/26 20:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Lite
[2011/01/26 20:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/01/26 19:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\DaemonTools_WhenUSave_Installer
[2011/01/26 19:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Pro
[2011/01/19 17:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\BlazePhoto 2.0
[2011/01/19 17:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\My Pictures
[2011/01/19 17:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\BlazeVideo
[2011/01/19 17:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ovt
[2011/01/19 17:49:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\OvtCam
[2011/01/19 17:49:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\OVT
[2011/01/19 17:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\OVT
[2011/01/12 16:23:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes images
[2011/01/12 15:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes numérisations
[2011/01/12 15:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes albums
[2011/01/12 14:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\Micro Application
[2011/01/12 14:36:11 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\Pcdlib32.dll
[2011/01/12 14:36:11 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\temp.000
[2011/01/12 14:36:11 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\npplg80n.dll
[2011/01/12 14:36:11 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTWND80n.DLL
[2011/01/12 14:36:11 | 000,027,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lttwn80n.dll
[2011/01/12 14:36:10 | 000,401,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltkrn80n.dll
[2011/01/12 14:36:10 | 000,198,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltann80n.dll
[2011/01/12 14:36:10 | 000,126,464 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltefx80n.dll
[2011/01/12 14:36:10 | 000,097,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lftif80n.dll
[2011/01/12 14:36:10 | 000,087,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltimg80n.dll
[2011/01/12 14:36:10 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil80n.DLL
[2011/01/12 14:36:10 | 000,021,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwmf80n.dll
[2011/01/12 14:36:10 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwpg80n.dll
[2011/01/12 14:36:10 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftga80n.dll
[2011/01/12 14:36:10 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfras80n.dll
[2011/01/12 14:36:10 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwfx80n.dll
[2011/01/12 14:36:09 | 000,111,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng80n.dll
[2011/01/12 14:36:09 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif80n.dll
[2011/01/12 14:36:09 | 000,028,672 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lflma80n.dll
[2011/01/12 14:36:09 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfica80n.dll
[2011/01/12 14:36:09 | 000,025,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lflmb80n.dll
[2011/01/12 14:36:09 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpct80n.dll
[2011/01/12 14:36:09 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx80n.dll
[2011/01/12 14:36:09 | 000,022,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd80n.dll
[2011/01/12 14:36:09 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfimg80n.dll
[2011/01/12 14:36:09 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd80n.dll
[2011/01/12 14:36:09 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmsp80n.dll
[2011/01/12 14:36:09 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmac80n.dll
[2011/01/12 14:36:08 | 000,220,160 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfdic80n.dll
[2011/01/12 14:36:08 | 000,218,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfcmp80n.dll
[2011/01/12 14:36:08 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lffax80n.dll
[2011/01/12 14:36:08 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx80n.dll
[2011/01/12 14:36:08 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp80n.dll
[2011/01/12 14:36:08 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps80n.dll
[2011/01/12 14:36:08 | 000,022,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfawd80n.dll
[2011/01/12 14:36:08 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfcal80n.dll
[2011/01/12 14:36:08 | 000,017,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfavi80n.dll
[2011/01/12 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Micro Application
[2011/01/12 13:14:14 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2011/01/12 13:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft Help
[2011/01/12 13:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011/01/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/01/10 16:43:07 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/01/10 16:43:07 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/01/09 22:42:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/01/09 22:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/01/09 22:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/01/09 19:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Tracing
[2011/01/09 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/01/09 19:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2011/01/09 19:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/01/09 19:26:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
[2011/01/09 19:26:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/01/09 19:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2011/01/05 19:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/01/27 11:52:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/27 06:35:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/27 06:34:52 | 000,298,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/26 20:19:25 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk
[2011/01/26 20:19:21 | 000,431,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011/01/24 16:46:12 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/19 17:56:41 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\BlazePhoto 2.0.lnk
[2011/01/16 10:20:22 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/12 14:35:39 | 000,000,040 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/01/26 20:19:25 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk
[2011/01/26 19:51:39 | 000,431,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011/01/19 17:56:40 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\BlazePhoto 2.0.lnk
[2011/01/12 14:36:09 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2011/01/12 14:36:08 | 000,308,224 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2011/01/12 14:35:38 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2011/01/09 22:25:07 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk
[2010/11/25 17:02:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2010/10/25 05:56:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2010/09/20 09:43:15 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/02 14:53:50 | 000,000,075 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2010/08/13 14:37:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/08/11 18:44:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010/08/11 18:35:05 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010/08/11 18:30:58 | 000,002,292 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/08/11 18:30:56 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/08/10 18:00:09 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\fusioncache.dat
[2010/08/10 17:42:25 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/10 17:08:32 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/08/10 17:04:54 | 000,013,065 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/05/09 19:35:54 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/12/09 14:37:42 | 002,400,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005/12/09 14:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/12/09 14:35:54 | 002,174,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2001/07/07 02:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/12/12 02:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/08/10 17:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/02 14:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2011/01/27 07:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
[2011/01/26 20:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/12/12 02:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\ClickPotatoLite
[2011/01/26 20:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Lite
[2011/01/26 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Pro
[2010/08/10 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\EBP
[2010/09/09 21:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Icones
[2010/08/11 18:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\InterTrust
[2011/01/27 07:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Mp3Tube Toolbar
[2011/01/05 19:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller
[2010/08/10 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\OpenOffice.org
[2010/12/12 02:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2011/01/26 20:19:21 | 000,431,672 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drivers\sptd.sys
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2010/12/12 02:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/08/10 17:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/02 14:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2011/01/27 07:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
[2011/01/26 20:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/01/09 22:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/08/10 17:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2011/01/27 12:02:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/01/27 07:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/08/10 17:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/08/10 17:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/08/11 18:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Adobe
[2010/12/12 02:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\ClickPotatoLite
[2011/01/26 20:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Lite
[2011/01/26 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Pro
[2010/08/10 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\EBP
[2010/12/22 14:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\HP
[2010/09/09 21:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Icones
[2010/08/10 15:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Identities
[2010/08/11 18:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\InterTrust
[2010/08/10 16:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Macromedia
[2011/01/20 19:43:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Microsoft
[2010/08/10 16:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla
[2011/01/27 07:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Mp3Tube Toolbar
[2011/01/05 19:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller
[2010/08/10 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\OpenOffice.org
[2010/12/12 02:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3
[2010/08/10 17:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Sun
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/01/05 19:58:23 | 000,826,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller\msnauins.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/04/14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
 
[color=#A23BEC]< MD5 for: CHANGER.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2008/04/14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008/04/14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008/04/14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/04/14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2008/04/14 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2008/04/14 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2008/04/14 13:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\dllcache\rdpwd.sys
[2008/04/14 13:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/04/14 13:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 13:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys
[2008/04/14 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
 
[color=#A23BEC]< MD5 for: SPLITTER.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys
[2008/04/13 10:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\dllcache\splitter.sys
[2008/04/13 10:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
 
[color=#A23BEC]< MD5 for: SWMIDI.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys
[2008/04/13 10:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\dllcache\swmidi.sys
[2008/04/13 10:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008/04/14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2008/04/14 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\dllcache\tdpipe.sys
[2008/04/14 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/04/14 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\dllcache\tdtcp.sys
[2008/04/14 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys
[2008/04/13 10:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\dllcache\usbprint.sys
[2008/04/13 10:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2008/04/14 13:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys
[2008/04/13 10:45:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\dllcache\usbscan.sys
[2008/04/13 10:45:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 13:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]

< End of report >





voila le rapport extras

Code: Tout sélectionner
OTL Extras logfile created on: 27/01/2011 12:20:25 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 015,00 Mb Total Physical Memory | 589,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 24,97 Gb Free Space | 67,00% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 113,13 Gb Free Space | 75,90% Space Free | Partition Type: NTFS
 
Computer Name: CHAUVIN | User Name: Jean-Yves | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /S "%3"
 
[HKEY_USERS\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S "%3"
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6B566EFE-DC1D-471F-93DD-84832663F140}" = OVT Scanner X86
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (French) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logiciel QuickCam de Logitech
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"{ORAHSS}.UninstallSuite" = Connexion Internet Orange
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"BlazePhoto 2.0_is1" = BlazePhoto 2.0
"CCleaner" = CCleaner
"ClickPotatoLiteSA" = ClickPotato
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"EBP Comptes Bancaires 2006_is1" = EBP Comptes Bancaires 2006
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Homepage Protection Service" = Homepage Protection Service
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"MailNotifier" = Notification Mail
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"Mp3Tube Toolbar" = Mp3Tube Toolbar
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"OrangeToolbarFR" = barre d'outils Orange
"Plus de 50 000 Cliparts Volume 2" = Plus de 50 000 Cliparts Volume 2
"QcDrv" = Programme de gestion Camera de Logitech®
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ShopperReportsSA" = ShopperReports
"SiS163u" = 802.11 USB Wireless LAN Adapter
"Speccy" = Speccy
"Usbfix" = UsbFix By El Desaparecido & C_XX
"WinLiveSuite_Wave3" = Installation Windows Live
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 19/10/2010 10:38:24 | Computer Name = CHAUVIN | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 19/10/2010 10:38:27 | Computer Name = CHAUVIN | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs 734562961.
 
Error - 19/10/2010 10:38:52 | Computer Name = CHAUVIN | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 25/11/2010 10:47:50 | Computer Name = CHAUVIN | Source = MsiInstaller | ID = 1013
Description = Produit : Connexions réseau Intel(R) -- Impossible d'installer des
 pilotes. Aucune Connexions réseau Intel(R) n'est installée dans l'ordinateur.
 
 
< End of report >


merci de votre aide
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 27 Jan 2011 13:05

Bonjour
He bien tu as de monde comme intrus :oops:


fait ceci.


* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
:OTL
PRC - [2010/12/08 01:40:34 | 000,740,144 | ---- | M] (Pinball Corporation.) -- C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe
PRC - [2010/11/30 05:07:22 | 000,260,384 | ---- | M] (Mp3Tube) -- C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe
PRC - [2006/05/24 11:01:06 | 000,148,480 | ---- | M] (WhenU.com, Inc.) -- C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe
SRV - [2010/11/30 05:07:22 | 000,260,384 | ---- | M] (Mp3Tube) [Auto | Running] -- C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe -- (Mp3Tube Toolbar Updater Service)
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolbarsearch.com/?tmp=toolbar_mp3tube_results&prt=pinballtb01ff&clid=5cafb24a143141ecb0c7aaed489fe151&subid=&Keywords={searchTerms}"
FF - prefs.js..keyword.URL: "http://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords="
FF - user.js..keyword.URL: http://mp3tubetoolbarsearch.com/?prt=pi ... &Keywords=
FF - HKLM\software\mozilla\Firefox\extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/12/12 02:11:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions [2010/12/12 02:12:54 | 000,000,000 | ---D | M]
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\Toolbar\WebBrowser: (Mp3Tube Toolbar) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O4 - HKLM\..\Run: [ClickPotatoLiteSA] C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe (Pinball Corporation.)
O4 - HKLM\..\Run: [NWEReboot] File not found
O4 - HKLM\..\RunOnce: [] File not found
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSABHO.dll (Pinball Corporation)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
:Files
C:\Program Files\ClickPotatoLite
C:\Program Files\Mp3Tube Toolbar
C:\Program Files\ShopperReports3
C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml
C:\Program Files\DaemonTools_WhenUSave_Installer
C:\WINDOWS\System32\iAlmcoin.dll
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
C:\Documents and Settings\Jean-Yves\Application Data\ClickPotatoLite
C:\Documents and Settings\Jean-Yves\Application Data\Mp3Tube Toolbar
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3
:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.Txt"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://www.cijoint.fr/index.php


Puis::


Installe Malewarebytes' Antimalware,
Téléchargement



*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.

Ensuite nouveau rapport OTL pour contrôle s.t.p

A+
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 27 Jan 2011 13:40

salut
c'est si dangereux que sa de surfer sur le net lorsqu'on habite a rennes??? :lol: :lol:
finalement je vais rester dans mon petit vilage....
Avatar de l'utilisateur
reg35
PC-Infopraticien
PC-Infopraticien
 
Messages: 5815
Inscription: 21 Juin 2009 22:30
Localisation: recherche en cours, veuillez patienter...
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 18:31

voila le rapport minimal suite à ta demande.il est pas si long donc je l'envoi tel quel :
Code: Tout sélectionner
All processes killed
========== OTL ==========
No active process named ClickPotatoLiteSA.exe was found!
No active process named Mp3TubeSvc.exe was found!
No active process named DaemonTools_WhenUSave_Installer.exe was found!
Service Mp3Tube Toolbar Updater Service stopped successfully!
Service Mp3Tube Toolbar Updater Service deleted successfully!
C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe moved successfully.
Prefs.js: "http://mp3tubetoolbarsearch.com/?tmp=toolbar_mp3tube_results&prt=pinballtb01ff&clid=5cafb24a143141ecb0c7aaed489fe151&subid=&Keywords={searchTerms}" removed from browser.search.selectedEngineURL
Prefs.js: "http://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=" removed from keyword.URL
C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\FireFox\Profiles\c1glp04o.default\user.js moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ShopperReports@ShopperReports.com deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ClickPotatoLite@ClickPotatoLite.com deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions\plugins folder moved successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}\ deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942}\ deleted successfully.
C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-813497703-1606980848-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}\ not found.
File C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\RunOnce\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}\ not found.
C:\Program Files\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSABHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4a02-9D20-520B59A9F9B2}\ not found.
File C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4a02-9D20-520B59A9F9B3}\ not found.
File C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll not found.
========== FILES ==========
C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox folder moved successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.628.0 folder moved successfully.
C:\Program Files\ClickPotatoLite\bin folder moved successfully.
C:\Program Files\ClickPotatoLite folder moved successfully.
C:\Program Files\Mp3Tube Toolbar folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.517.0 folder moved successfully.
C:\Program Files\ShopperReports3\bin folder moved successfully.
C:\Program Files\ShopperReports3 folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml moved successfully.
C:\Program Files\DaemonTools_WhenUSave_Installer folder moved successfully.
C:\WINDOWS\System32\iAlmcoin.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ClickPotatoLite folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\Mp3Tube Toolbar\images folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\Mp3Tube Toolbar folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE\cs\res1 folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE\cs\report folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE\cs\dwld folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE\cs\db folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE\cs folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\IE folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox\cs\res1 folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox\cs\report folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox\cs\dwld folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox\cs\db folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox\cs folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3\Firefox folder moved successfully.
C:\Documents and Settings\Jean-Yves\Application Data\ShopperReports3 folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 3327414 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Jean-Yves
->Temp folder emptied: 2570127 bytes
->Temporary Internet Files folder emptied: 82121 bytes
->Java cache emptied: 933798 bytes
->FireFox cache emptied: 130574967 bytes
->Google Chrome cache emptied: 16955899 bytes
->Flash cache emptied: 1658 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 150,00 mb
 
 
OTL by OldTimer - Version 3.2.20.6 log created on 01272011_131111

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...




je passe à la suite de la désinfection
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 19:03

donc , j'ai lancé l'analyse complete mais elle à beugué à 3 reprise, du coup j'ai fait une analyse rapide, est ce possible de supprimer la selection, vous envoyer ce rapport et ensuite tenter a nouveau l'analyse complete?
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 19:37

Oui supprime la sélection même en scan rapide et remets un nouveau rapport OTL s.t.p
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 19:44

voila le rapport malwarebytes :

Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5631

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

28/01/2011 19:42:44
mbam-log-2011-01-28 (19-42-44).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 145792
Temps écoulé: 9 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 120
Valeur(s) du Registre infectée(s): 10
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451c-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40af-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ed-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02AED140-2B62-4b49-8B3B-179020CC39B9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HOMEPAGE PROTECTION SERVICE (Adware.Mp3Tube) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.517.0 (Adware.HotBar) -> Value: ShopperReports 3.0.517.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790475B1765C573EAA94 (Malware.Trace) -> Value: SRS_IT_E8790475B1765C573EAA94 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ClickPotatoLiteSA (Adware.ClickPotato) -> Value: ClickPotatoLiteSA -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service\UninstallString (Adware.Mp3Tube) -> Value: UninstallString -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\documents and settings\all users\menu démarrer\programmes\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\all users\menu démarrer\programmes\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.



je lance OTL
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 19:47

je fais quoi sur OTL? avant d'envoyer le rapport OTL
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 19:56

nana_du_35 a écrit:je fais quoi sur OTL? avant d'envoyer le rapport OTL


Relance OTL pour voir si un intrus n'est pas encore sur le pc.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 20:08

oui, mais je lance quoi ? une analyse, ou une correction et y a t il des cases a cocher ou décocher, et quelque chose a mettre dans personnalisation

merci de ton aide
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 20:22

nana_du_35 a écrit:oui, mais je lance quoi ? une analyse, ou une correction et y a t il des cases a cocher ou décocher, et quelque chose a mettre dans personnalisation

merci de ton aide


non juste une nouvelle analyse comme au tout début.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 28 Jan 2011 21:39

c'est ok, je m'en occuperait dès lundi quand je retournerai chez mes parents, et je vous tient au courant! bon we à vous tous
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 29 Jan 2011 08:49

Bon Weekend à toi aussi :wink:
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 31 Jan 2011 19:03

bonjour tous le monde. voila le nouveau rapport OTL /

Code: Tout sélectionner
OTL logfile created on: 31/01/2011 18:54:35 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 015,00 Mb Total Physical Memory | 525,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 22,73 Gb Free Space | 61,00% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 113,13 Gb Free Space | 75,90% Space Free | Partition Type: NTFS
 
Computer Name: CHAUVIN | User Name: Jean-Yves | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/01/27 12:17:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements\OTL.exe
PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/11 19:00:11 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/06/21 10:56:08 | 000,739,840 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
PRC - [2009/08/24 12:23:02 | 000,282,624 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Systray\SystrayApp.exe
PRC - [2009/08/24 12:22:44 | 000,717,552 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
PRC - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/08/24 12:22:30 | 000,053,248 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\OraConfigRecover.exe
PRC - [2009/08/24 12:22:28 | 000,495,616 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\CoreCom.exe
PRC - [2009/08/24 12:22:26 | 000,974,848 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
PRC - [2009/08/24 12:22:26 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 14:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2006/01/05 06:58:38 | 000,489,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
PRC - [2005/12/09 14:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2005/12/09 14:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/11/01 16:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/01/27 12:17:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jean-Yves\Mes documents\Téléchargements\OTL.exe
MOD - [2011/01/13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2005/12/09 14:37:42 | 000,086,016 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/08/09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/12/09 14:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/01/26 20:19:21 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/24 12:22:58 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2009/08/24 12:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2009/06/12 13:35:14 | 000,215,552 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2008/09/24 09:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 10:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/05/09 20:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2005/12/09 14:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv)
DRV - [2005/12/09 14:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2005/12/09 14:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - [2005/05/27 17:46:20 | 000,913,280 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 17:37:58 | 000,007,136 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/05/27 17:31:26 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/05/15 18:09:32 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-813497703-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/firefox"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/30 18:33:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/31 18:48:01 | 000,000,000 | ---D | M]
 
[2010/08/10 16:46:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Extensions
[2011/01/09 22:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Firefox\Profiles\c1glp04o.default\extensions
[2011/01/09 22:01:01 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\Jean-Yves\Application Data\Mozilla\Firefox\Profiles\c1glp04o.default\searchplugins\bing.xml
[2011/01/30 20:38:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/10 17:42:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/11/09 06:56:01 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/11/09 06:56:01 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/11/09 06:56:01 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/11/09 06:56:02 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/11/09 06:56:02 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000314.dll (Orange)
O3 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000314.dll (Orange)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-606747145-813497703-1606980848-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-606747145-813497703-1606980848-1004..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-813497703-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/10 15:53:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/01/27 12:15:35 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/01/27 12:15:47 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{352d69a6-1122-11e0-b7e6-00032f4b55e9}\Shell - "" = AutoRun
O33 - MountPoints2\{352d69a6-1122-11e0-b7e6-00032f4b55e9}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/01/31 15:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Adobe
[2011/01/31 15:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/01/31 13:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Bureau\carte mémoire nadia
[2011/01/28 19:32:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\NAVIGON Fresh
[2011/01/28 19:31:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NAVIGON
[2011/01/28 19:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\NAVIGON
[2011/01/27 21:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\Malwarebytes
[2011/01/27 21:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/01/27 21:01:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/27 21:01:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/27 21:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/27 21:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/01/27 13:11:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/27 12:15:35 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/01/27 12:14:36 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/01/27 12:10:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jean-Yves\Recent
[2011/01/26 21:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Bureau\microsoft office 2007
[2011/01/26 20:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
[2011/01/26 20:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DESIGNER
[2011/01/26 20:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/01/26 20:39:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011/01/26 20:37:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/01/26 20:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2011/01/26 20:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DAEMON Tools Lite
[2011/01/26 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011/01/26 20:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Lite
[2011/01/26 20:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/01/26 19:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Pro
[2011/01/19 17:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\BlazePhoto 2.0
[2011/01/19 17:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\My Pictures
[2011/01/19 17:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\BlazeVideo
[2011/01/19 17:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ovt
[2011/01/19 17:49:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\OvtCam
[2011/01/19 17:49:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\OVT
[2011/01/19 17:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\OVT
[2011/01/12 16:23:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes images
[2011/01/12 15:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes numérisations
[2011/01/12 15:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Mes documents\Mes albums
[2011/01/12 14:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\Micro Application
[2011/01/12 14:36:11 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\Pcdlib32.dll
[2011/01/12 14:36:11 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\temp.000
[2011/01/12 14:36:11 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\npplg80n.dll
[2011/01/12 14:36:11 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTWND80n.DLL
[2011/01/12 14:36:11 | 000,027,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lttwn80n.dll
[2011/01/12 14:36:10 | 000,401,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltkrn80n.dll
[2011/01/12 14:36:10 | 000,198,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltann80n.dll
[2011/01/12 14:36:10 | 000,126,464 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltefx80n.dll
[2011/01/12 14:36:10 | 000,097,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lftif80n.dll
[2011/01/12 14:36:10 | 000,087,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltimg80n.dll
[2011/01/12 14:36:10 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil80n.DLL
[2011/01/12 14:36:10 | 000,021,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwmf80n.dll
[2011/01/12 14:36:10 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwpg80n.dll
[2011/01/12 14:36:10 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftga80n.dll
[2011/01/12 14:36:10 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfras80n.dll
[2011/01/12 14:36:10 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwfx80n.dll
[2011/01/12 14:36:09 | 000,111,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng80n.dll
[2011/01/12 14:36:09 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif80n.dll
[2011/01/12 14:36:09 | 000,028,672 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lflma80n.dll
[2011/01/12 14:36:09 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfica80n.dll
[2011/01/12 14:36:09 | 000,025,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lflmb80n.dll
[2011/01/12 14:36:09 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpct80n.dll
[2011/01/12 14:36:09 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx80n.dll
[2011/01/12 14:36:09 | 000,022,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd80n.dll
[2011/01/12 14:36:09 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfimg80n.dll
[2011/01/12 14:36:09 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd80n.dll
[2011/01/12 14:36:09 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmsp80n.dll
[2011/01/12 14:36:09 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmac80n.dll
[2011/01/12 14:36:08 | 000,220,160 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfdic80n.dll
[2011/01/12 14:36:08 | 000,218,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfcmp80n.dll
[2011/01/12 14:36:08 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lffax80n.dll
[2011/01/12 14:36:08 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx80n.dll
[2011/01/12 14:36:08 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp80n.dll
[2011/01/12 14:36:08 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps80n.dll
[2011/01/12 14:36:08 | 000,022,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfawd80n.dll
[2011/01/12 14:36:08 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfcal80n.dll
[2011/01/12 14:36:08 | 000,017,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfavi80n.dll
[2011/01/12 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Micro Application
[2011/01/12 13:14:14 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2011/01/12 13:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\Microsoft Help
[2011/01/12 13:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011/01/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/01/10 16:43:07 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/01/10 16:43:07 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/01/09 22:42:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/01/09 22:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/01/09 22:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/01/09 19:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Tracing
[2011/01/09 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/01/09 19:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2011/01/09 19:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/01/09 19:26:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
[2011/01/09 19:26:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/01/09 19:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2011/01/05 19:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/01/31 18:48:02 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/01/31 17:32:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/30 20:27:25 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/28 19:31:43 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\NAVIGON Fresh.lnk
[2011/01/27 21:01:36 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/01/27 06:34:52 | 000,298,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/26 20:19:25 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk
[2011/01/26 20:19:21 | 000,431,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011/01/24 16:46:12 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/19 17:56:41 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\BlazePhoto 2.0.lnk
[2011/01/16 10:20:22 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/12 14:35:39 | 000,000,040 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/01/31 18:48:02 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/01/31 18:48:01 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/01/28 19:31:43 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\NAVIGON Fresh.lnk
[2011/01/27 21:01:36 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/01/26 20:19:25 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DAEMON Tools Lite.lnk
[2011/01/26 19:51:39 | 000,431,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011/01/19 17:56:40 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\BlazePhoto 2.0.lnk
[2011/01/12 14:36:09 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2011/01/12 14:36:08 | 000,308,224 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2011/01/12 14:35:38 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2011/01/09 22:25:07 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk
[2010/10/25 05:56:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2010/09/20 09:43:15 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/02 14:53:50 | 000,000,075 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2010/08/13 14:37:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/08/11 18:44:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010/08/11 18:35:05 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010/08/11 18:30:58 | 000,002,292 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/08/11 18:30:56 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/08/10 18:00:09 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Jean-Yves\Local Settings\Application Data\fusioncache.dat
[2010/08/10 17:42:25 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/10 17:08:32 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/08/10 17:04:54 | 000,013,065 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/05/09 19:35:54 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/12/09 14:37:42 | 002,400,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005/12/09 14:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/12/09 14:35:54 | 002,174,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2001/07/07 02:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/08/10 17:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/02 14:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2011/01/26 20:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/01/26 20:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Lite
[2011/01/26 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\DAEMON Tools Pro
[2010/08/10 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\EBP
[2010/09/09 21:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\Icones
[2011/01/05 19:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\MSNInstaller
[2011/01/28 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\NAVIGON Fresh
[2010/08/10 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Yves\Application Data\OpenOffice.org
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >


j'espere que c'est bon.merci de votre aide
Avatar de l'utilisateur
nana_du_35
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 294
Inscription: 01 Mar 2007 18:36
Localisation: 35000
 
Haut

Re: fichier daemontoolswhenUsave impossible à supprimer

Message le 31 Jan 2011 20:05

ok très bien pour le rapport :wink:

deux petites choses pour finir.

un petit soucis avec l'USB donc ceci.


Désactive ton anti Virus avant le scan car il bloque sur la désinfection

Télécharge USBFix depuis ce lien : <<ICI>>

Double cliquez sur "UsbFix.exe" présent sur votre bureau.
L'installation est automatique.

Branche tes lecteurs externes

Valide Suppression


Une fois l'analyse terminée, un rapport de scan vous est proposé...
CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse


Ensuite tu as encore IE6 et même si tu tant sert peu passe à une version supérieur.
N'oublies que l'on arrive a la version 9. :lol:
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 
Haut
Répondre

Sujets similaires

Message [Réglé] Fichier ADMINISTRATEUR n apparait plus
Bonjour,Je n'arrive plus à faire apparaître le fichier administrateurj'avais cliqué sur WINDOWS puis sur UTILISATEURensuite j'ai fait un clique droit sur ADMINISTRATEUR j'ai fait une erreur DANS PROPRIETE j'ai coché la case Cachédepuis le fichier est introuvableComment le récupérer merci
Réponses: 2

Message Renommer/supprimer des fichier avec caractères spéciaux
Salut,Sur un disque externe (NTFS) je me suis retrouvé avec des fichiers nommés sous la forme "10-XML::SAX::PurePerl" ou "Authen::SASL::Perl::GSSAPI.3pm.gz".Je veux virer tout ça, mais impossible car ils contiennent des ":".Très confiant, j'ai pris mon système préféré, ...
Réponses: 3

Message [Réglé] Aide pour analyse fichier FRST
Bonsoir,J'ai une fenêtre Powershell.exe qui s'ouvre et se ferme quelques minutes après le démarrage et ca n'était pas le cas avant.Mise à jour windows et mise à jour Nvidia récente.J'ai effectué une analyse et j'ai obtenu les fichiers texte suivants.Est ce que quelqu'un peut m'aider et me dire de qu ...
Réponses: 7

Message [Réglé] Streaming : Télécharger un fichier mp3
Bonjour à toutes et à tous,J'espère que ma question n'est pas hors charte. Si elle l'est, je vous prie de m'en excuser et vous pourrez supprimer mon topic.Je souhaiterais télécharger cette émission :Le problème étant réglé, le lien ayant perdu toute nécessité a été suppriméJ'ai cliqué droit sur la f ...
Réponses: 1

Message [résolu] Supprimer une mise a jour ou souci avec chromium ?
Bonjour J'ai fait une mise a jour hier soir avant d'éteindre l'ordinateur, je m'étais dit que je ne ferais plus que celles des navigateurs, c'est de ma faute. Depuis ce matin, sur certains sites, FA et ma boite mail, je n'ai plus les cadres autour des messages, ça fait très "bazar" ai ...
Réponses: 12

Message supprimer mon compte
Bonsoir,J'aimerais simplement savoir comment supprimer mon compte sur ce site.Merci d'avanceBonne soirée
Réponses: 1

Message [résolu] supprimer des applets
Bonjour Je n'arrive à supprimer des applets, dans le panneau. Le premier qui ne me sert a rien, c'est celui avec le point d'exclamation, c'est "relevés du système" L'autre, c'est "bluethooth"Le premier, je suis obligé de l'ouvrir pour pouvoir ensuite le fermer. Le bluethooth, je ...
Réponses: 8

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 7 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.