Ça dit quoi ?
- Code: Tout sélectionner
OTL logfile created on: 16/08/2010 17:38:45 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Famille\Bureau\Outils pour désinfect
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
511,00 Mb Total Physical Memory | 216,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 7,83 Gb Free Space | 21,02% Space Free | Partition Type: NTFS
Drive D: | 23,59 Gb Total Space | 12,51 Gb Free Space | 53,03% Space Free | Partition Type: NTFS
Drive E: | 13,65 Gb Total Space | 8,53 Gb Free Space | 62,45% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: M
Current User Name: Famille
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010/08/01 13:26:04 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Famille\Bureau\Outils pour désinfect\OTL.exe
PRC - [2009/09/08 20:20:02 | 000,288,560 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/07/21 14:34:55 | 000,193,793 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
PRC - [2009/07/21 14:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/18 03:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/08/02 01:39:20 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/08/02 01:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/08/02 01:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/08/06 14:49:28 | 000,073,728 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2004/08/06 14:04:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
PRC - [2004/07/26 15:39:26 | 000,049,152 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2004/07/26 14:52:34 | 000,204,800 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2004/02/26 16:53:30 | 000,065,024 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003/12/05 11:44:34 | 000,233,472 | ---- | M] (Nikon Corporation) -- C:\Program Files\Nikon\NkView6\NkvMon.exe
PRC - [2003/08/06 22:24:20 | 012,037,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2003/07/25 14:49:06 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/07/19 19:01:28 | 000,086,016 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Microsoft Works\WkDStore.exe
PRC - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002/09/19 23:29:30 | 000,053,248 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010/08/01 13:26:04 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Famille\Bureau\Outils pour désinfect\OTL.exe
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003/07/25 14:48:40 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009/11/14 13:48:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/02 21:37:45 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009/07/21 14:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 16:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/08/02 01:39:20 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2006/08/02 01:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2006/08/02 01:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2002/09/19 23:41:02 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe -- (CA_LIC_SRVR)
SRV - [2002/09/19 23:29:30 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2002/09/19 23:27:06 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2001/11/12 15:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Stopped] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2009/12/19 20:22:01 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/12/18 00:25:12 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009/11/25 12:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/04/13 20:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 20:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007/05/23 04:21:12 | 000,016,272 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2007/05/11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007/03/05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/03/05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2007/03/05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2007/01/12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006/08/02 02:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/07/10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006/07/05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006/06/29 20:49:38 | 002,206,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2006/06/14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/05/19 16:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2005/01/14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004/07/19 18:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004/07/17 22:11:26 | 000,768,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/07/14 02:00:26 | 000,067,968 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/05/26 15:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/02/27 00:50:38 | 000,611,820 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004/01/20 23:56:56 | 000,077,925 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/01/20 23:56:30 | 001,086,853 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/01/20 23:55:34 | 000,619,369 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/01/20 23:54:54 | 000,031,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/07/25 14:28:16 | 000,270,544 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/04/28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [2001/11/14 20:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2001/08/17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://www.google.be/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/28 20:34:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/24 22:09:23 | 000,000,000 | ---D | M]
[2010/01/24 17:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Famille\Application Data\Mozilla\Extensions
[2010/01/24 17:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Famille\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/16 16:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Famille\Application Data\Mozilla\Firefox\Profiles\o5iwgn3a.default\extensions
[2010/04/05 18:06:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Famille\Application Data\Mozilla\Firefox\Profiles\o5iwgn3a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/04/02 20:31:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/01 22:05:31 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/07/01 22:05:31 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/01 22:05:31 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/07/01 22:05:31 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/07/01 22:05:31 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/08/16 12:15:56 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe (Nikon Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092937461363 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Famille\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Famille\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[clearallrestorepoints]
Restore points cleared and new OTL Restore Point set!
[CREATERESTOREPOINT]
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/08/16 14:22:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/16 13:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\U3
[2010/08/16 11:39:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/24 01:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Famille\Local Settings\Application Data\Temp
[2010/07/24 01:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Famille\Local Settings\Application Data\Deployment
[2004/01/01 17:10:25 | 000,135,168 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/08/16 17:38:21 | 000,021,456 | ---- | M] () -- C:\Documents and Settings\Famille\Application Data\wklnhst.dat
[2010/08/16 16:50:34 | 000,002,957 | ---- | M] () -- C:\Documents and Settings\Famille\Bureau\eBay Belgique - Achat immédiat et vente aux enchères. Neuf et occasion. On trouve tout sur eBay.lnk
[2010/08/16 16:46:00 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2917347797-3027105718-829246846-1008UA.job
[2010/08/16 16:26:42 | 000,000,202 | ---- | M] () -- C:\Documents and Settings\Famille\Bureau\eBay Neue und gebrauchte Elektronikartikel, Autos, Kleidung, Sammlerstücke, Sportartikel und mehr – alles zu günstigen Preisen.url
[2010/08/16 15:03:49 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/16 15:01:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/16 15:00:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/16 15:00:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/16 15:00:20 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 14:58:19 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\Famille\NTUSER.DAT
[2010/08/16 14:58:15 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Famille\ntuser.ini
[2010/08/16 12:52:19 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Famille\Bureau\La connexion a été refusée par le serveur proxy.doc
[2010/08/16 12:15:56 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/16 11:57:26 | 000,000,253 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/16 11:56:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2010/08/12 03:46:55 | 002,127,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 03:24:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/12 03:17:37 | 001,099,590 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 03:17:37 | 000,529,198 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/12 03:17:37 | 000,437,284 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 03:17:37 | 000,092,700 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/12 03:17:37 | 000,070,604 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/12 01:46:01 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2917347797-3027105718-829246846-1008Core.job
[2010/08/11 15:52:35 | 000,002,321 | ---- | M] () -- C:\Documents and Settings\Famille\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/11 15:52:34 | 000,002,343 | ---- | M] () -- C:\Documents and Settings\Famille\Bureau\Google Chrome.lnk
[2010/07/30 23:03:12 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\wavepadDowngrade.job
[2010/07/29 11:00:05 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/27 08:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/26 18:45:32 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Famille\Application Data\pcouffin.sys
[2010/07/26 18:45:32 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Famille\Application Data\pcouffin.cat
[2010/07/26 18:45:32 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Famille\Application Data\pcouffin.inf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/08/16 16:26:42 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\Famille\Bureau\eBay Neue und gebrauchte Elektronikartikel, Autos, Kleidung, Sammlerstücke, Sportartikel und mehr – alles zu günstigen Preisen.url
[2010/08/16 16:25:09 | 000,002,957 | ---- | C] () -- C:\Documents and Settings\Famille\Bureau\eBay Belgique - Achat immédiat et vente aux enchères. Neuf et occasion. On trouve tout sur eBay.lnk
[2010/08/16 12:52:18 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Famille\Bureau\La connexion a été refusée par le serveur proxy.doc
[2010/08/16 11:39:49 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/24 01:44:00 | 000,002,343 | ---- | C] () -- C:\Documents and Settings\Famille\Bureau\Google Chrome.lnk
[2010/07/24 01:44:00 | 000,002,321 | ---- | C] () -- C:\Documents and Settings\Famille\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/07/24 01:41:05 | 000,001,154 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2917347797-3027105718-829246846-1008UA.job
[2010/07/24 01:41:04 | 000,001,102 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2917347797-3027105718-829246846-1008Core.job
[2010/01/28 14:36:32 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2009/10/23 15:17:48 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/23 15:17:48 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/10/21 11:59:30 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/08/26 15:17:21 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2009/08/10 21:03:27 | 000,005,606 | R--- | C] () -- C:\WINDOWS\System32\stci.dll
[2009/01/03 17:36:27 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/05/26 23:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 23:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 23:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/03/26 22:25:56 | 000,002,210 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2006/09/17 16:07:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dprsx.dll
[2006/09/17 16:07:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\gpvbd.dll
[2006/09/17 16:07:08 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\AuthDVD.DLL
[2006/07/28 23:46:28 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2006/07/28 20:33:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2006/07/28 20:33:19 | 000,000,027 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2006/07/28 20:33:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2006/07/28 20:30:00 | 000,009,973 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2005/04/11 23:11:13 | 000,011,270 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/02/27 19:10:30 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/02/27 19:10:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/01/08 12:46:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2004/12/20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 11:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/12/05 23:50:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004/10/28 15:41:23 | 000,001,557 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2004/10/27 18:10:59 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\mpcsys.sys.bak
[2004/09/19 16:53:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/19 14:48:06 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/09/01 17:49:17 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/20 12:30:23 | 000,000,047 | ---- | C] () -- C:\WINDOWS\InoSetup.ini
[2004/08/19 23:58:38 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/19 20:45:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2004/08/19 19:30:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/08/19 17:37:22 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/19 17:08:35 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/08/19 17:06:44 | 000,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2004/08/19 17:00:20 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/19 15:56:42 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 15:44:08 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/14 07:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2004/01/01 17:10:25 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/01/01 17:03:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2004/01/01 16:54:45 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< :Files >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Application Data\inst.exe >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\temp\emrnocaxws.tmp >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\cocithuql\cbretmushdw.exe >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\qnfjtgtoh\cbkswtfshdw.exe >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\cocithuql\cbretmushdw.exe >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\qnfjtgtoh\cbkswtfshdw.exe >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\cocithuql >[/color]
[color=#A23BEC]< C:\Documents and Settings\Famille\Local Settings\Application Data\qnfjtgtoh >[/color]
[color=#A23BEC]< C:\mdm.exe >[/color]
[color=#A23BEC]< >[/color]
[color=#A23BEC]< :OTL >[/color]
[color=#A23BEC]< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk >[/color]
[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 >[/color]
[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google >[/color]
[color=#A23BEC]< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 >[/color]
[color=#A23BEC]< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> >[/color]
[color=#A23BEC]< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522 >[/color]
[color=#A23BEC]< O4 - HKLM\..\Run: [Bar] C:\Documents and Settings\Famille\Local Settings\temp\emrnocaxws.tmp (TODO: <Company name>) >[/color]
[color=#A23BEC]< O4 - HKLM\..\Run: [qwnrpnpg] C:\Documents and Settings\Famille\Local Settings\Application Data\cocithuql\cbretmushdw.exe () >[/color]
[color=#A23BEC]< O4 - HKLM\..\Run: [smekmrvy] C:\Documents and Settings\Famille\Local Settings\Application Data\qnfjtgtoh\cbkswtfshdw.exe () >[/color]
[color=#A23BEC]< O4 - HKCU\..\Run: [qwnrpnpg] C:\Documents and Settings\Famille\Local Settings\Application Data\cocithuql\cbretmushdw.exe () >[/color]
[color=#A23BEC]< O4 - HKCU\..\Run: [smekmrvy] C:\Documents and Settings\Famille\Local Settings\Application Data\qnfjtgtoh\cbkswtfshdw.exe () >[/color]
[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 >[/color]
[color=#A23BEC]< O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present >[/color]
[color=#A23BEC]< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 >[/color]
[color=#A23BEC]< O18 - Protocol\Handler\ipp - No CLSID value found >[/color]
[color=#A23BEC]< O18 - Protocol\Handler\msdaipp - No CLSID value found >[/color]
[color=#A23BEC]< O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Famille\Application Data\ohydy.exe) - C:\Documents and Settings\Famille\Application Data\ohydy.exe File not found >[/color]
[color=#A23BEC]< O32 - AutoRun File - [2004/09/19 15:07:07 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] >[/color]
Invalid Switch: 19 15:07:07 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
[color=#A23BEC]< O32 - AutoRun File - [2010/08/01 18:51:00 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ FAT ] >[/color]
Invalid Switch: 01 18:51:00 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ FAT ]
[color=#A23BEC]< O32 - AutoRun File - [2006/05/12 00:13:39 | 000,000,279 | R--- | M] () - H:\autorun.inf -- [ CDFS ] >[/color]
Invalid Switch: 12 00:13:39 | 000,000,279 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
[color=#A23BEC]< O33 - MountPoints2\H\Shell - "" = AutoRun >[/color]
[color=#A23BEC]< >[/color]
[color=#A23BEC]< :Reg >[/color]
[color=#A23BEC]< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] >[/color]
[color=#A23BEC]< "UserInit"="C:\WINDOWS\system32\userinit.exe," >[/color]
[color=#A23BEC]< >[/color]
[color=#A23BEC]< :commands >[/color]
[color=#A23BEC]< [purity] >[/color]
[color=#A23BEC]< [emptytemp] >[/color]
[color=#A23BEC]< [emptyflash] >[/color]
[color=#A23BEC]< [resethosts] >[/color]
[color=#A23BEC]< [reboot] >[/color]
< End of report >
Décidément je n'y comprends rien !