win32: skimorph que je n'arrive pas à supprimer

gwennaig59 · le 18 Sep 2010 16:27

Bonjour, nouvelle sur ce forum, j'ai chopé un trojan que je n'arrive pas à supprimer, et mes connaissances en informatique ne me paraissent pas suffisantes ( et oui je suis une "fille") Est-ce que quelqu'un pourrait m'aider (quelqu'un de patient parce que je comprends vite mais faut m'expliquer longtemps) Merci

Anne

bernard53 · le 18 Sep 2010 17:05

bonjour gwennaig59 et Bienvenue.

Commence par ceci s.t.p

viewtopic.php?f=19&t=51456

gwennaig59 · le 18 Sep 2010 19:21

Bonjour Bernard53,

J'essaie de suivre vos conseils.

Voici le rapport OTL demandé

Code: Tout sélectionner: OTL Extras logfile created on: 18/09/2010 18:49:51 - Run 1 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\ANNE\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 153,63 Gb Total Space | 69,80 Gb Free Space | 45,44% Space Free | Partition Type: NTFS Drive D: | 303,34 Gb Total Space | 155,55 Gb Free Space | 51,28% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC-DE-ANNE Current User Name: ANNE Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00450E05-6F4C-42E5-9598-02CF18378FEA}" = Windows Live ID Sign-in Assistant "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{0382A899-8F86-4985-4AD0-ACF90F08A7F5}" = CCC Help Italian "{03D8C817-A848-BAB8-5D13-253733AAAB9D}" = Skins "{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp "{04738311-DFA4-4CBE-A549-6D7CB0F78B15}" = Windows Live Writer Resources "{07766F89-EFAA-4635-86B7-636B89EA2C0D}" = Bing Bar Platform "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing "{0868BB9D-5EA0-40AF-A1CC-A38ED4E5BC67}" = 32 Bit HP CIO Components Installer "{0A044AE9-414B-A56C-F13F-CD14192C8D66}" = Catalyst Control Center Localization Swedish "{0C16B835-AB98-2E05-0412-86F3BC081835}" = CCC Help Dutch "{0F5364F1-EE5D-1DC5-5E68-A684A1324EFA}" = Catalyst Control Center Localization Norwegian "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{0FBED033-E697-4531-BECF-8469AAF7223F}" = Windows Live Mail "{11B5D7DE-EFD9-4403-83CE-35376D8E6D6A}" = Windows Live Writer "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{158154A2-4267-44FA-BB07-65E101E2920E}" = Windows Live Remote Service "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{19DD26A7-F0DD-472E-887F-44128C31163C}" = Windows Live Messenger "{19FC3933-1DCD-05CA-1D27-DD633B08CFEC}" = CCC Help English "{1A5B743C-FD87-48D0-9386-C4CCB5D3552C}" = Windows Live Sync Beta "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 (Beta) "{20140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 (Beta) "{20140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 (Beta) "{20140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 (Beta) "{20140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 (Beta) "{20140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 (Beta) "{20140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 (Beta) "{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta) "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta) "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta) "{20140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 (Beta) "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta) "{20140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 (Beta) "{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta) "{20140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 (Beta) "{20140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 (Beta) "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2246DEA5-C85A-33B3-9DD7-E1F8886DAB70}" = CCC Help French "{22695169-656F-C7B5-1D3B-E8E80597A95B}" = Catalyst Control Center Localization Finnish "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21 "{2739CCB7-2861-4858-9B2E-4CB19B489F8F}" = Windows Live Movie Maker "{28C6E2CA-6F95-CDDD-A847-863E1E74F5BB}" = Catalyst Control Center Localization Dutch "{2C8574B5-6935-4FCE-860E-F4E8602378FF}" = OfferBox "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{355DEC84-D390-A42D-0D2B-01D82939B550}" = CCC Help Norwegian "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3932CA01-E514-48A1-8D2D-B9DA712C58B5}" = Windows Live Writer "{394A36B7-A693-48FD-AA14-DC17E291A378}" = Windows Live Writer "{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights "{3A81D825-184F-4ED4-9B1F-8E7E40B63617}" = Windows Live Photo Common Beta "{3F62782D-2798-4540-B493-F6472197900E}" = Microsoft Search Enhancement Pack "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{40034B11-149E-4310-AE89-BB575B02525B}" = LG Internet Kit "{41A15ABD-081B-43DC-91A5-8727265E8D77}" = Windows Live Photo Common "{41F29458-1402-4849-BF68-BCF728DD8EEA}" = Windows Live Family Safety "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{45682FAD-CF84-9EAB-E3B7-0E84A340AA5D}" = Catalyst Control Center Localization Italian "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective "{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A141615-3F37-7229-5D12-A4F20076FB92}" = Catalyst Control Center Localization French "{4D40C773-18B8-4521-8D3C-2C9DD6EF1303}" = Windows Live UX Platform Language Pack "{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform "{4E89C074-29D6-4756-B820-A95F5E15B33A}" = Windows Live MIME IFilter "{4E961B6D-0F5F-EACF-7139-99EEF0F53629}" = Catalyst Control Center Graphics Previews Vista "{4EF0FFB5-11DA-650A-4E70-8ED929254CB4}" = Catalyst Control Center Localization Spanish "{4F88F5D8-767A-4EB4-9AFA-A7CBCC69D767}" = Windows Live SOXE "{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater "{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent "{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10 "{54488589-76BC-4A3F-AC4F-71EBAD657850}" = Windows Live Communications Platform "{54B89390-59E3-981B-6C9C-A31E6F843AF7}" = Catalyst Control Center Graphics Light "{5506E492-20E9-601A-C4BB-5B71AEBF7CAC}" = CCC Help Japanese "{568261B6-CBB0-440E-A8B3-FAECC6D256D3}" = Galerie de photos Windows Live (bêta) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{594BAF71-EEF6-1C42-42BB-75563A76130A}" = CCC Help German "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5E1E0911-D9BD-777A-2FDC-6ACE95FD54B6}" = CCC Help Danish "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver "{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66069562-D3AF-4515-B1FD-7EE4DE5CE7D2}" = Windows Live PIMT Platform "{687154FB-961D-1901-6D05-52B50D1F27DA}" = Catalyst Control Center Graphics Full New "{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express "{6C52F7B2-7845-9F59-E835-64786359F378}" = Catalyst Control Center Core Implementation "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F8F81F9-861F-422E-ECD9-20F14C496545}" = Catalyst Control Center Localization Japanese "{71E0982E-918C-4522-B947-4B71C768EF0C}" = Windows Live Remote Client Resources "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{79347C9E-3647-4542-845A-62F3914083BA}" = Windows Live Messenger "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}" = Readiris Pro 11 "{7E432D8D-D78A-44A8-9FE8-B8942F7FD01F}" = Windows Live UX Platform "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CA0170E-6E9E-43A5-AE1F-85A82820B847}" = FreeCompressor "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile "{91973772-A002-446D-8A67-B410553AD8F9}" = Windows Live SOXE Definitions "{93094D10-9388-11D4-9886-0000B43F396D}" = Contrôle Parental "{9431169A-9B3C-90CF-D917-0937F0DDAEA9}" = Catalyst Control Center Localization Danish "{9481F90F-B915-3788-2C3C-482578643E8F}" = Catalyst Control Center Localization German "{94943991-9A4B-7EB7-DD67-C558892CFEA8}" = ATI Catalyst Install Manager "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95A4E899-87EF-43C7-99E3-9ED5342FBF12}" = Windows Live Movie Maker "{96D12B40-1B7C-7B97-AAB5-CB6D758F8EEC}" = CCC Help Finnish "{9AEF310D-785F-E091-4121-0F7A4D2DA17B}" = Catalyst Control Center Graphics Full Existing "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A7A2204E-5BA0-4F13-9D5C-AD68CFCE4F63}" = Windows Live Remote Service Resources "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français "{AD5ED0F2-3F1F-5744-0857-DB1CD353786C}" = ccc-core-static "{AD8B902F-C542-41BB-B9F0-68990C9B2A38}" = Windows Live Family Safety "{AEB75FCD-59A7-4B71-89D5-293CA630A6C0}" = Ciel Compta Facile 2.0 "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B33CAFFE-01C2-4D10-9E74-74C1E13E0C04}" = Windows Live Messenger Companion Core "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C0A30BAA-295D-4F7F-8776-FD09FD57E2E2}" = Windows Live Installer "{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{C87BC0B7-2BB8-49D1-8CE0-EB0410EF0938}" = SystemDiagnostics "{C9DD2D24-1E1E-EBA9-8976-38BA4709B918}" = VirginMega DownloadManager V3 "{CBC82AAC-FEEE-4EC4-B118-1454A5ADBFE2}" = Catalyst Control Center - Branding "{CED9B1E8-FFCB-4497-9DFC-F0B20146896E}" = Windows Live Mail "{CF092689-6ADF-4C86-A8DA-31B0B448A36C}" = Junk Mail filter update "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.1.0" = OrangeInstaller version 1.2.1.0 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D416E000-D999-470A-BCAC-98E717CC1AFC}" = VirginMega.Fr Premium "{D4AC05BA-249E-410E-A62D-C7759C276BA4}" = Windows Live Sync Beta "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D65F8E34-C050-4E6C-86DB-D2B9075749A0}" = Windows Live Sync ActiveX Control for Remote Connections "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{D9E7E2A3-3EED-4BB7-B930-7F705BB49133}" = EBP Devis et Facturation Pratic 2009 6.0 "{dc2a94b7-be6f-4299-bb39-396676f1a206}" = Nero 9 "{DD54CF66-090B-43E7-97C1-110EF526474D}" = ArcSoft Multimedia Email "{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite "{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn "{E18C7F77-1E6E-4541-A987-1DF3612D21E8}" = Contrôle ActiveX Windows Live Devices pour connexions à distance "{E1D4A6AF-E335-44A7-B6AF-4BBF6492DDEF}" = Complément Messenger "{E352D262-66C1-4669-9522-8B57AA5AE201}" = hppManualsM1522 "{E42D0CAC-7A30-49FC-A025-0EEA90F58247}" = Location Immobiliere 5.3 SC2910 "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E655CB9A-B265-76EB-DF33-F187699F42E0}" = CCC Help Spanish "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB16FAFF-0B89-F260-6C4B-EB3E7A2146CB}" = CCC Help Swedish "{EF622D2A-C373-661F-5909-330FAF46904A}" = ccc-utility "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F196BCB8-1F5D-4F56-AD51-9E911D507BAB}" = Windows Live Bêta "{F58A67D7-4056-4C0F-8874-1022E1157A88}" = Windows Live Remote Client "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{FB5AEB8B-D920-4F21-8336-16CFA828B145}" = Mesh Runtime "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5 "{FCE7CF00-581E-4B9B-8794-24A196BBFBC0}" = Windows Live Photo Gallery "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{ORAHSS}.UninstallSuite" = Connexion Internet Orange "05B59228C7E1C21DFBE89260F879BD95880548D8" = Package de pilotes Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover By C_XX "am-supermahjong" = Super Mahjong "AnyDVD" = AnyDVD "AskTBar Uninstall" = Ask Toolbar "avast5" = avast! Free Antivirus "AviSynth" = AviSynth 2.5 "Compel install Adaptec WinASPI-4.6.0(1021)_is1" = Compel Adaptec WinASPI "CoyoteReplay" = CoyoteReplay "CrazyLoader" = CrazyLoader "Creative PD0630" = Creative WebCam Live! Driver (1.01.01.0730) "Creative WebCam Center" = Creative WebCam Center "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = Configuration DivX "EBP Devis et Facturation Pratic 2009 6.0" = EBP Devis et Facturation Pratic 2009 6.0 "eMule" = eMule "ffdshow_is1" = ffdshow [rev 2060] [2008-08-01] "GameCenter" = GameCenter "GameHouse" = GameHouse "Get Yahoo! Messenger" = Installer Yahoo! Messenger "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "Google Updater" = Outil de mise à jour Google "HijackThis" = HijackThis 2.0.2 "I.R.I.S. Desktop Search" = I.R.I.S. Desktop Search "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full) "LameACM" = Lame ACM MP3 Codec "MailNotifier" = Notification Mail "Manuel d'utilisation de Creative WebCam Live! French" = Manuel d'utilisation de Creative WebCam Live! (Français) "MappySynchro_is1" = MappySynchro v2.5 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "mmswitch" = Morgan Stream Switcher "Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9) "NeoDivX2008" = NeoDivx 2008 "NeoDivX2009" = NeoDivx 2009 "Netlog Music Tool" = Netlog Music Tool "Nokia Ovi Suite" = Nokia Ovi Suite "Nokia PC Suite" = Nokia PC Suite "NSS" = Norton Security Scan "Office14.SingleImage" = Microsoft Office Professionnel 2010 "Orange WebTV Player_is1" = Orange WebTV Player 1.29418 "OrangeToolbarFR" = barre d'outils Orange "Picasa 3" = Picasa 3 "Pro Cycling Manager 2008_is1" = Pro Cycling Manager - Season 2008 1.0.0.0 "PROPLUS" = Microsoft Office Professional Plus 2007 "Ri4m v5.0.1d" = Ri4m v5.0.1d "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "Shareware.Pro-FR Toolbar" = Shareware.Pro-FR Toolbar "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "Super Mahjong from GameHouse" = Super Mahjong from GameHouse "VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1" = VirginMega DownloadManager V3 "WalterShop" = WalterShop "WinLiveSuite" = Windows Live Bêta "WinRAR archiver" = Logiciel d'archivage WinRAR "x264 Revision 305 x264.nl" = x264 Revision 305 x264.nl (remove only) "Xvid_is1" = Xvid 1.1.3 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Netlog Toolbar" = Netlog Toolbar "Notification de cadeaux MSN" = Notification de cadeaux MSN [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 11/07/2009 15:10:27 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005. Error - 30/07/2009 13:45:09 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005. Error - 04/09/2009 14:56:14 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005. Error - 05/09/2009 15:01:20 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005. Error - 05/10/2009 11:45:24 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\conime.exe failed, 00000005. Error - 05/10/2009 12:18:56 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: tdiUrlBlockCommThread: DeviceIoControl [IOCTL_ASWTDI_URLBLOCK_REQUEST/2] failed, 000005AA. Error - 25/03/2010 16:21:28 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z31ZWL8S\Download[2].htm failed, 00000008. Error - 25/03/2010 16:24:06 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z31ZWL8S\Download[3].htm failed, 00000008. Error - 26/04/2010 10:55:04 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\Installer\12cd1c.msi failed, 00000008. Error - 29/05/2010 13:18:02 | Computer Name = PC-de-ANNE | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Windows\System32\wmpps.dll failed, 00000008. [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >

J'essaie de sauvegarder mes fichiers.
Merci pour votre aide.

Anne

EDIT Skynet : petite erreur dans la balise [code] corrigée

.

bernard53 · le 18 Sep 2010 19:53

mets moi aussi le rapport nommé."OTL.Txt"

et tu as juste fait une petite erreur dans les balises codes.

[codeOTL Extra tu as juste oublier le crochet après [code.

PS: a priori rien d'important dans se rapport. il y a juste une petite intrusion que l'on supprimeras quand j'aurai toutes les indications avec l'autre rapport.

gwennaig59 · le 19 Sep 2010 13:28

Bonjour,

Voici le rapport nommé OTL txt

Code: Tout sélectionner: OTL logfile created on: 19/09/2010 14:06:09 - Run 2 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\ANNE\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 153,63 Gb Total Space | 73,32 Gb Free Space | 47,73% Space Free | Partition Type: NTFS Drive D: | 303,34 Gb Total Space | 185,33 Gb Free Space | 61,10% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC-DE-ANNE Current User Name: ANNE Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/09/18 18:44:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ANNE\Desktop\OTL.exe PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/09/01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/08/30 17:23:57 | 004,492,224 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe PRC - [2010/08/14 20:19:39 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2010/08/12 07:04:33 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe PRC - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2010/07/29 21:39:20 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe PRC - [2010/07/27 19:15:47 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2010/06/16 18:50:42 | 001,274,528 | ---- | M] (Crazyloader) -- C:\Program Files\CrazyLoader\spointer\crazyloader_air.exe PRC - [2010/02/24 18:12:30 | 000,318,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe PRC - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/02/03 10:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010/01/26 13:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/27 10:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009/10/12 17:57:32 | 000,692,224 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009/08/24 12:23:02 | 000,282,624 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe PRC - [2009/08/24 12:22:44 | 000,717,552 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe PRC - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009/08/24 12:22:30 | 000,053,248 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe PRC - [2009/08/24 12:22:28 | 000,495,616 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe PRC - [2009/08/24 12:22:26 | 000,974,848 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe PRC - [2009/08/24 12:22:26 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe PRC - [2009/08/18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/05/27 19:59:40 | 005,664,768 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe PRC - [2008/05/28 16:06:02 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/02/29 14:13:12 | 000,307,200 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2007/11/08 15:38:58 | 000,533,264 | ---- | M] (Fujitsu Siemens Computers) -- C:\ProgramData\fsc-reg\fscreg.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/09/18 18:44:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ANNE\Desktop\OTL.exe MOD - [2009/07/14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/08/14 20:19:39 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010/08/09 05:26:26 | 001,472,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/07/31 17:22:34 | 000,049,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/07/30 22:12:43 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010/07/27 21:37:20 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2010/07/02 03:01:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/01/26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009/09/26 05:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/08/24 12:22:34 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009/08/18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/07/14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV) SRV - [2009/07/14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/06/12 14:27:52 | 000,925,696 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Netlog Toolbar\NetlogToolbarUpdaterService.exe -- (NetlogUpdaterService) SRV - [2008/02/29 14:13:12 | 000,307,200 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/08/14 20:19:38 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010/08/09 05:26:24 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010/07/27 21:37:21 | 003,468,904 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2010/07/22 13:37:29 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010/04/27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010/04/27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2010/04/27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2010/01/01 19:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2009/12/20 11:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/12/11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/08/18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/07/14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009/07/14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009/07/14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009/04/06 22:41:45 | 000,639,224 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008/06/02 18:11:40 | 002,147,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/04/29 17:31:00 | 000,143,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008/04/03 14:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID) DRV - [2007/12/19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio) DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA) DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA) DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA) DRV - [2004/07/30 03:55:48 | 000,091,830 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P0630Vid.sys -- (P0630VID) DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Aspi32.sys -- (Aspi32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.) IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Durable.com IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=FORID%3A10&ie=UTF-8&q={searchTerms} IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 41 6D D7 02 08 CB 01 [binary data] IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll () IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Durable" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" FF - prefs.js..browser.search.selectedEngine: "Bing" FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/" FF - prefs.js..extensions.enabledItems: msntoolbar@msn.com:6.0 FF - prefs.js..extensions.enabledItems: {3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}:2.2 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26 FF - prefs.js..extensions.enabledItems: crazyloader@spointer.com:2.5.1389.99 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723 FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0 FF - prefs.js..extensions.enabledItems: toolbar@waltershop.com:1.0 FF - prefs.js..extensions.enabledItems: {E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 320 FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIAWB1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/02/09 19:22:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/03/14 01:50:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/07/30 20:11:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\Firefox [2010/07/30 20:13:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/30 20:13:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\crazyloader@spointer.com: C:\Program Files\CrazyLoader\spointer\extensions\crazyloader@spointer.com [2010/08/11 22:50:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E6768F2A-D4C3-457D-A1A8-3472BF16267D}: C:\Program Files\Orange\ToolbarFR\FirefoxContainer\ [2010/08/23 20:40:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/30 23:41:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 17:43:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/03/14 01:50:37 | 000,000,000 | ---D | M] [2010/01/27 22:46:11 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\mozilla\Extensions [2010/09/14 23:26:36 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\mozilla\Firefox\Profiles\utjwlxiu.default\extensions [2010/05/19 19:32:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ANNE\AppData\Roaming\mozilla\Firefox\Profiles\utjwlxiu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/03/06 02:34:14 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\mozilla\Firefox\Profiles\utjwlxiu.default\extensions\toolbar@waltershop.com [2010/04/28 20:51:27 | 000,002,650 | ---- | M] () -- C:\Users\ANNE\AppData\Roaming\Mozilla\FireFox\Profiles\utjwlxiu.default\searchplugins\bing.xml [2010/05/13 16:00:54 | 000,002,321 | ---- | M] () -- C:\Users\ANNE\AppData\Roaming\Mozilla\FireFox\Profiles\utjwlxiu.default\searchplugins\durable.xml [2010/09/15 07:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/05/27 11:03:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/15 07:11:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/05/14 20:12:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/05/14 20:12:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/05/14 20:12:03 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/05/14 20:12:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/05/14 20:12:03 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.) O2 - BHO: (BandActivator) - {345433b6-d1be-4a91-ace9-035674abb9a7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll () O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Interest recogniser for Crazyloader (powered by Spointer)) - {C5F65718-341D-4e7d-9842-FCB9CC89527E} - C:\Program Files\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll (Crazyloader) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (I.R.I.S. Desktop Search) - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll (Copernic Technologies Inc.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000320.dll (Orange) O3 - HKLM\..\Toolbar: (Netlog Toolbar) - {FD621E34-BFCE-41D3-BF58-43FF97746AD7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll () O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (Shareware.Pro-FR Toolbar) - {280B5D37-4A76-467A-B3D6-942FCA90ACDE} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (I.R.I.S. Desktop Search) - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll (Copernic Technologies Inc.) O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000320.dll (Orange) O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (Netlog Toolbar) - {FD621E34-BFCE-41D3-BF58-43FF97746AD7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll () O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( ) O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [RestartNeroSetup] C:\Users\ANNE\AppData\Local\Temp\OnlineUpdate8\SetupXu.exe File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [] File not found O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe (http://www.emule-project.net) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe (Fujitsu Siemens Computers) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [I.R.I.S. Desktop Search] C:\Program Files\IRIS Desktop Search\IRISDesktopSearch.exe (Copernic Technologies Inc.) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe () O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [Netlog Music Tool] C:\Program Files\Netlog Music Tool\NetlogMusicTool.exe () O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [OfferBox] C:\Program Files\OfferBox\OfferBox.exe (Secure Digital Services) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [Pareto_Update] C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe File not found O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [recinfo] c:\RecInfo\recinfo.exe (fsc) O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\ANNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites) O15 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} http://cached.gamedesire.com/g_bin/eng/cards_2_0_0_78.cab (GameDesire Card Games) O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab (OrangeInstaller_ModuleIE Control) O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop WallPaper: C:\Users\ANNE\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\ANNE\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/09/18 19:03:33 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/09/18 19:03:36 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/09/18 19:03:33 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2010/09/18 19:03:10 | 000,000,000 | ---D | C] -- C:\UsbFix [2010/09/18 18:44:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\ANNE\Desktop\OTL.exe [2010/09/18 18:38:36 | 000,000,000 | ---D | C] -- C:\Users\ANNE\AppData\Roaming\PCFix [2010/09/18 17:39:15 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\ANNE\Desktop\gwennaig59.exe [2010/09/17 14:56:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2010/09/16 00:17:41 | 000,157,712 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2010/09/15 07:11:15 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/09/15 07:11:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/09/15 07:11:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010/09/14 23:28:00 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2010/09/14 21:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2010/09/14 20:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010/09/14 20:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010/09/10 18:10:28 | 000,000,000 | ---D | C] -- C:\Users\ANNE\AppData\Roaming\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [2010/09/10 18:10:28 | 000,000,000 | ---D | C] -- C:\Users\ANNE\Documents\virginmega [2010/09/10 18:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirginMega DownloadManager v3 [2010/09/10 18:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010/09/08 21:33:44 | 000,000,000 | ---D | C] -- C:\Users\ANNE\Documents\My Art [2010/09/03 20:19:27 | 000,000,000 | ---D | C] -- C:\Users\ANNE\Desktop\BIENVENUE BALOO JUILLET 2010 [2010/09/01 21:45:26 | 000,000,000 | --SD | C] -- C:\Users\ANNE\Documents\Mes sources de données [2010/09/01 21:32:54 | 000,000,000 | ---D | C] -- C:\Users\ANNE\Documents\Fichiers Outlook [2010/08/31 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Orange [2010/08/30 18:35:06 | 000,000,000 | ---D | C] -- C:\Windows\fr [2010/08/30 18:34:21 | 000,039,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/08/30 18:28:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010/08/30 18:28:55 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2010/08/30 18:28:55 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2010/08/30 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010/08/27 21:38:30 | 000,000,000 | ---D | C] -- C:\Users\ANNE\AppData\Roaming\Orange [2010/08/23 20:40:50 | 000,000,000 | ---D | C] -- C:\Users\ANNE\AppData\Local\Orange [2010/08/23 20:28:31 | 000,028,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\PCAMp50.sys [2010/08/23 20:28:31 | 000,027,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\PCASp50.sys [2010/08/23 20:28:06 | 000,065,536 | ---- | C] (France Telecom SA) -- C:\Windows\System32\Autodial2000.dll [2010/08/23 20:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Orange [2010/08/23 20:25:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2010/08/23 20:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2005/11/04 18:15:14 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\vfp9rfra.dll [2005/11/04 18:13:24 | 003,891,200 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\vfp9t.dll [2005/11/04 18:13:00 | 004,722,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\vfp9r.dll [2005/11/04 17:44:30 | 001,187,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\VFP9RENU.DLL [2001/09/06 07:00:58 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\gdiplus.dll [5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/09/19 14:06:52 | 007,340,032 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat [2010/09/19 13:52:51 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/09/19 13:41:17 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/09/19 13:38:10 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/09/19 13:38:10 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/09/19 13:35:13 | 001,532,276 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/09/19 13:35:13 | 000,697,522 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/09/19 13:35:13 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/09/19 13:35:13 | 000,128,356 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/09/19 13:35:13 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/09/19 13:33:17 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010/09/19 13:31:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/09/19 13:30:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/09/19 13:30:53 | 2616,647,680 | -HS- | M] () -- C:\hiberfil.sys [2010/09/19 13:27:55 | 004,983,917 | -H-- | M] () -- C:\Users\ANNE\AppData\Local\IconCache.db [2010/09/18 19:46:30 | 000,000,313 | ---- | M] () -- C:\Users\ANNE\AppData\Roaming\default.rss [2010/09/18 18:44:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ANNE\Desktop\OTL.exe [2010/09/18 17:39:20 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\ANNE\Desktop\gwennaig59.exe [2010/09/18 00:22:25 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/09/17 18:03:53 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ANNE.job [2010/09/17 14:56:18 | 000,001,847 | ---- | M] () -- C:\Users\ANNE\Desktop\AD-R.lnk [2010/09/16 18:47:53 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2010/09/16 00:32:04 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE [2010/09/16 00:17:00 | 000,000,036 | ---- | M] () -- C:\Users\ANNE\AppData\Local\housecall.guid.cache [2010/09/15 20:45:40 | 000,001,276 | ---- | M] () -- C:\Users\ANNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2010/09/14 23:29:09 | 000,524,288 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TMContainer00000000000000000002.regtrans-ms [2010/09/14 23:29:09 | 000,524,288 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TMContainer00000000000000000001.regtrans-ms [2010/09/14 23:29:09 | 000,065,536 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TM.blf [2010/09/14 23:28:36 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2010/09/14 21:17:45 | 000,524,288 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TMContainer00000000000000000002.regtrans-ms [2010/09/14 21:17:45 | 000,524,288 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TMContainer00000000000000000001.regtrans-ms [2010/09/14 21:17:45 | 000,065,536 | -HS- | M] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TM.blf [2010/09/12 16:08:30 | 000,057,856 | ---- | M] () -- C:\Users\ANNE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/09/10 18:10:23 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\VirginMega DownloadManager v3.lnk [2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2010/09/06 22:24:45 | 000,001,598 | ---- | M] () -- C:\Users\ANNE\Desktop\DivX Movies.lnk [2010/09/06 22:24:29 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010/08/31 23:46:43 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk [2010/08/24 17:43:07 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/09/17 14:56:18 | 000,001,847 | ---- | C] () -- C:\Users\ANNE\Desktop\AD-R.lnk [2010/09/16 00:19:00 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010/09/16 00:17:00 | 000,000,036 | ---- | C] () -- C:\Users\ANNE\AppData\Local\housecall.guid.cache [2010/09/14 23:28:36 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2010/09/14 22:54:06 | 000,524,288 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TMContainer00000000000000000002.regtrans-ms [2010/09/14 22:54:05 | 000,524,288 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TMContainer00000000000000000001.regtrans-ms [2010/09/14 22:54:05 | 000,065,536 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{2006b22c-c037-11df-9f75-0021850792ce}.TM.blf [2010/09/14 20:35:07 | 000,524,288 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TMContainer00000000000000000002.regtrans-ms [2010/09/14 20:35:07 | 000,524,288 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TMContainer00000000000000000001.regtrans-ms [2010/09/14 20:35:07 | 000,065,536 | -HS- | C] () -- C:\Users\ANNE\ntuser.dat{a7a0b55b-c02e-11df-aab0-0021850792ce}.TM.blf [2010/09/10 18:10:23 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\VirginMega DownloadManager v3.lnk [2010/08/14 19:07:22 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010/08/14 19:07:22 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010/03/09 09:12:19 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2010/03/09 09:12:19 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2010/03/09 08:59:24 | 000,000,313 | ---- | C] () -- C:\Users\ANNE\AppData\Roaming\default.rss [2010/02/07 20:10:22 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2010/02/07 20:10:22 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2010/02/06 20:51:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI [2010/02/06 18:55:22 | 000,000,144 | ---- | C] () -- C:\Windows\Readiris.ini [2010/02/06 18:14:56 | 000,000,902 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010/02/04 16:48:22 | 000,057,856 | ---- | C] () -- C:\Users\ANNE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/03 10:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009/10/02 11:40:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/07/26 19:58:56 | 000,370,176 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2009/07/14 02:55:09 | 000,585,216 | ---- | C] () -- C:\Windows\System32\hpotscld.dll [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/05/26 21:44:00 | 000,000,021 | ---- | C] () -- C:\Windows\PI5_SETUP.ini [2009/05/26 21:43:18 | 000,000,021 | ---- | C] () -- C:\Windows\ME_setup.ini [2009/05/04 00:36:05 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009/05/04 00:36:03 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009/05/04 00:36:03 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/05/04 00:36:02 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/05/04 00:36:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009/04/06 23:08:58 | 000,001,106 | ---- | C] () -- C:\Users\ANNE\AppData\Roaming\wklnhst.dat [2009/04/06 22:56:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008/07/23 18:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/07/23 18:47:34 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest [2008/02/29 14:13:14 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [color=#E56717]========== LOP Check ==========[/color] [2010/05/09 21:36:19 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\CoyoteReplay [2010/08/11 22:50:43 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\CrazyLoader [2010/02/06 18:34:29 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\DriverCure [2010/01/27 22:45:56 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\LG Electronics [2010/08/15 16:14:55 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\ML [2010/01/27 22:46:12 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\NeoDivX2008 [2010/01/27 22:46:13 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\NeoDivX2009 [2010/03/15 07:07:51 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\Nokia [2010/09/19 13:55:18 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\OfferBox [2010/01/27 22:46:13 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\OpenOffice.org [2010/08/27 21:38:30 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\Orange [2010/01/27 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\PC Suite [2010/09/18 18:42:25 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\PCFix [2010/08/07 12:37:20 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\Pro Cycling Manager 2008 [2010/08/14 19:07:15 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\Samsung [2010/01/27 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\Template [2010/09/10 18:10:28 | 000,000,000 | ---D | M] -- C:\Users\ANNE\AppData\Roaming\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [2009/07/14 06:53:46 | 000,028,016 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: AHCIX86S.SYS >[/color] [2007/12/19 17:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\DRIVER\VGA\ATI-CARDS1\setup\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys [2007/12/19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys [2007/12/19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_x86_neutral_eb63836dc880d26a\ahcix86s.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009/07/14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys [2009/07/14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys [2009/07/14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2007/09/30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_633476a5a8eb44de\iaStor.sys [2007/09/30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_5ae6e06622a9fcb0\iaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2009/07/14 01:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys [2009/07/14 01:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009/07/14 02:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\System32\drivers\rdpwd.sys [2009/07/14 02:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2009/07/14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys [2009/07/14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys [2009/07/14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2009/07/14 02:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\System32\drivers\tdpipe.sys [2009/07/14 02:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2009/07/14 02:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\System32\drivers\tdtcp.sys [2009/07/14 02:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2009/07/14 02:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys [2009/07/14 02:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys [2009/07/14 02:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2009/07/14 02:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys [2009/07/14 02:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/07/14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll [2009/07/14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\LocationApi.dll [5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

Merci, espérant ne pas avoir fait d'erreur

Anne

EDIT :

Je transmets aussi le rapport USB fix

Code: Tout sélectionner: ############################## | UsbFix 7.025 | [Recherche] Utilisateur: ANNE (Administrateur) # PC-DE-ANNE [FUJITSU SIEMENS MS-7379VP] Mis à jour le 15/09/10 par El Desaparecido / C_XX Lancé à 14:22:49 | 19/09/2010 Site Web: http://www.teamxscript.org Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz CPU 2: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz Microsoft Windows 7 Édition Familiale Premium (6.1.7600 32-Bit) # Internet Explorer 8.0.7600.16385 Pare-feu Windows: Activé RAM -> 3327 Mo C:\ (%systemdrive%) -> Disque fixe # 154 Go (73 Go libre(s) - 48%) [SYSTEM] # NTFS D:\ -> Disque fixe # 303 Go (185 Go libre(s) - 61%) [DATA] # NTFS E:\ -> CD-ROM ################## | Éléments infectieux | Présent! C:\tmp ################## | Registre | Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\accicons.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clview.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cnfnot32.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dw20.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dwtrig20.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excelcnv.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\graph.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msohtmed.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msosync.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msqry32.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstordb.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ois.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onelev.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenotem.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ose.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanost.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpst.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\selfcert.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setlang.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpreview.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordconv .exe Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wxp.exe ################## | Mountpoints2 | ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | E.O.F |

EDIT Skynet : citation à rallonge supprimée et messages fusionnés.

bernard53 · le 19 Sep 2010 15:33

OK tu as très bien fait les choses :wink:

Ceci maintenant s.t.p

Branche tes lecteurs externes puis relance USBFix
Valide Suppression

Une fois l'analyse terminée, un rapport de scan vous est proposé...

CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse

Ensuite ceci.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKLM\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found
O2 - BHO: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.)
O2 - BHO: (BandActivator) - {345433b6-d1be-4a91-ace9-035674abb9a7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll ()
O3 - HKLM\..\Toolbar: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Netlog Toolbar) - {FD621E34-BFCE-41D3-BF58-43FF97746AD7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll ()
O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (Shareware.Pro-FR Toolbar) - {280B5D37-4A76-467A-B3D6-942FCA90ACDE} - C:\Program Files\Shareware.Pro-FR\tbSha0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000\..\Toolbar\WebBrowser: (Netlog Toolbar) - {FD621E34-BFCE-41D3-BF58-43FF97746AD7} - C:\Program Files\Netlog Toolbar\NetlogToolbar.dll ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [RestartNeroSetup] C:\Users\ANNE\AppData\Local\Temp\OnlineUpdate8\SetupXu.exe File not found
O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1586621814-1492190277-3224715138-1000..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

puis ::

Installe Malewarebytes' Antimalware,
Téléchargement

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

gwennaig59 · le 19 Sep 2010 16:42

Voici ce que j'obtiens avec usbfix, je continue;

Code: Tout sélectionner: ############################## | UsbFix 7.025 | [Suppression] Utilisateur: ANNE (Administrateur) # PC-DE-ANNE [FUJITSU SIEMENS MS-7379VP] Mis à jour le 15/09/10 par El Desaparecido / C_XX Lancé à 17:35:04 | 19/09/2010 Site Web: http://www.teamxscript.org Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz CPU 2: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz Microsoft Windows 7 Édition Familiale Premium (6.1.7600 32-Bit) # Internet Explorer 8.0.7600.16385 Pare-feu Windows: Activé RAM -> 3327 Mo C:\ (%systemdrive%) -> Disque fixe # 154 Go (73 Go libre(s) - 48%) [SYSTEM] # NTFS D:\ -> Disque fixe # 303 Go (185 Go libre(s) - 61%) [DATA] # NTFS E:\ -> CD-ROM M:\ -> Disque fixe # 466 Go (45 Go libre(s) - 10%) [OneTouch4] # NTFS N:\ -> Disque fixe # 233 Go (19 Go libre(s) - 8%) [STOREX] # FAT32 ################## | Éléments infectieux | Supprimé! C:\tmp ################## | Registre | Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\accicons.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clview.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cnfnot32.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dw20.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dwtrig20.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excelcnv.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\graph.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msohtmed.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msosync.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msqry32.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstordb.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ois.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onelev.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenotem.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ose.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanost.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanpst.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\selfcert.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setlang.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpreview.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordconv .exe Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wxp.exe ################## | Mountpoints2 | ################## | Listing | [27/01/2010 - 22:10:24 | HD ] C:\$INPLACE.~TR [14/07/2009 - 06:54:09 | SHD ] C:\$Recycle.Bin [27/01/2010 - 22:56:21 | HD ] C:\$WINDOWS.~Q [17/09/2010 - 16:58:48 | A | 5376] C:\Ad-Report-CLEAN[1].txt [17/09/2010 - 15:04:01 | A | 5110] C:\Ad-Report-SCAN[1].txt [15/08/2010 - 14:36:06 | A | 2898] C:\aqua_bitmap.cpp [10/06/2009 - 23:42:20 | A | 24] C:\autoexec.bat [19/09/2010 - 14:22:22 | RASHD ] C:\Autorun.inf [27/01/2010 - 22:19:31 | SHD ] C:\Boot [14/07/2009 - 03:38:58 | RASH | 383562] C:\bootmgr [27/01/2010 - 22:19:34 | RASH | 8192] C:\BOOTSECT.BAK [10/06/2009 - 23:42:20 | A | 10] C:\config.sys [26/05/2009 - 21:48:00 | A | 97] C:\CtDrvIns.log [26/05/2009 - 21:48:00 | A | 2374] C:\CtDrvStp.log [14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings [10/07/2009 - 18:49:11 | D ] C:\Données Ciel [10/07/2008 - 03:13:34 | RD ] C:\DRIVER [19/09/2010 - 13:25:17 | A | 743] C:\error.log [24/06/2009 - 00:26:44 | D ] C:\GameHouse Games [06/04/2009 - 22:13:03 | D ] C:\Google [19/09/2010 - 13:30:53 | ASH | 2616647680] C:\hiberfil.sys [06/02/2010 - 20:50:05 | D ] C:\HP Universal Print Driver PCL6 v5.0.1 [06/02/2010 - 18:21:59 | D ] C:\HP-UPD-45_PCL5-32 [06/02/2010 - 19:55:16 | D ] C:\hp_LJ_M1120_Full_Solution [09/07/2008 - 21:23:22 | RASH | 0] C:\IO.SYS [17/04/2009 - 07:03:02 | RD ] C:\MANUAL [06/02/2010 - 20:56:09 | D ] C:\Medion [09/07/2008 - 21:23:22 | RASH | 0] C:\MSDOS.SYS [10/07/2008 - 03:18:11 | RHD ] C:\MSOCache [10/07/2008 - 03:17:58 | D ] C:\Nero [06/04/2009 - 22:14:39 | D ] C:\Off2007HStTrial [19/09/2010 - 13:30:54 | ASH | 3488866304] C:\pagefile.sys [14/07/2009 - 04:37:05 | D ] C:\PerfLogs [09/07/2008 - 20:19:03 | A | 1271] C:\Prodlog.txt [19/09/2010 - 17:30:11 | RD ] C:\Program Files [17/09/2010 - 16:58:38 | HD ] C:\ProgramData [06/04/2009 - 22:15:01 | D ] C:\RecInfo [27/01/2010 - 23:56:20 | SHD ] C:\Recovery [08/07/2009 - 18:39:14 | D ] C:\Sounds [19/09/2010 - 13:25:44 | SHD ] C:\System Volume Information [11/08/2010 - 22:47:37 | A | 3] C:\t.tmp [10/09/2010 - 19:26:29 | D ] C:\TEMP [19/09/2010 - 17:36:44 | D ] C:\UsbFix [19/09/2010 - 17:35:07 | A | 6432] C:\UsbFix.txt [27/01/2010 - 22:48:37 | RD ] C:\Users [19/09/2010 - 13:25:20 | D ] C:\Windows [09/07/2008 - 20:17:14 | D ] C:\Works [06/04/2009 - 22:16:54 | SHD ] D:\$RECYCLE.BIN [19/09/2010 - 14:22:25 | RASHD ] D:\Autorun.inf [26/08/2010 - 19:48:53 | D ] D:\Dr Quinn [18/09/2010 - 21:57:22 | D ] D:\Films [10/07/2008 - 02:43:30 | SHD ] D:\System Volume Information [15/08/2010 - 14:44:38 | D ] D:\Une femme d'honneur [10/05/2010 - 00:48:18 | D ] D:\VIDEO_TS [06/04/2009 - 23:43:56 | SHD ] M:\$RECYCLE.BIN [27/01/2010 - 21:37:58 | | 2] M:\$UpgDrv$ [19/09/2010 - 17:27:43 | RASHD ] M:\autorun.inf [18/09/2008 - 19:39:14 | SHD ] M:\found.000 [02/09/2008 - 21:35:48 | D ] M:\Maxtor backup [21/02/2008 - 20:30:43 | SHD ] M:\RECYCLER [12/09/2010 - 19:00:26 | SHD ] M:\System Volume Information [21/10/2008 - 00:57:05 | ASH | 4608] M:\Thumbs.db [29/08/2008 - 19:58:24 | SHD ] N:\System Volume Information [29/08/2008 - 21:16:28 | SHD ] N:\Recycled [21/06/2009 - 23:22:42 | SHD ] N:\$RECYCLE.BIN [25/05/2010 - 22:59:06 | D ] N:\Tintin [25/05/2010 - 22:06:54 | D ] N:\500 choristes [25/05/2010 - 21:56:56 | D ] N:\Documentaires [25/05/2010 - 23:14:46 | D ] N:\Faites entrer l'accusé [25/05/2010 - 22:57:12 | D ] N:\Films [25/05/2010 - 22:22:00 | RD ] N:\Harry Potter [25/05/2010 - 22:05:18 | D ] N:\Karaoke [25/05/2010 - 23:01:16 | D ] N:\Secret d'actualité [22/08/2010 - 19:06:12 | RD ] N:\PC-DE-ANNE [22/08/2010 - 19:06:12 | RA | 528] N:\MediaID.bin [30/08/2010 - 15:43:46 | D ] N:\Une famille formidable [19/09/2010 - 17:27:44 | RASHD ] N:\autorun.inf ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) M:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) N:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-ANNE.zip http://chiquitine.changelog.fr/Sample/Upload.php Merci de votre contribution. ################## | E.O.F |

Anne

EDIT :

Un grand moment de solitude,

Je lance ODT comme tu me l'as demandé, il demande à redémarrer le système et au redémarrage... ODT a disparu de mon bureau, snif...
Je le télécharge de nouveau et je recommence.

Anne

EDIT Skynet : citation à rallonge supprimée et messages fusionnés.

Skynet · le 19 Sep 2010 18:11

Bonjour gwennaig59,

j'ai corrigé l'ensemble de vos messages.

Petit rappel :

- Vous avez un bouton REPONDRE en bas et en haut du sujet à gauche. Il est inutile de cliquer sur CITER systématiquement.

- Vous avez un bouton EDITER au lieu de poster à la suite de vous-même.

Merci.

bernard53 · le 19 Sep 2010 18:33

Passe Malwaresbytes et ensuite un nouveau rapport OTL.
au besoin refait son téléchargement.

gwennaig59 · le 19 Sep 2010 18:55

Bonjour,

Malewares bloque au bout de 10mn (ne répond plus) et impossible de finaliser un scan... .

Anne

bernard53 · le 19 Sep 2010 18:57

OK refait juste OTL

gwennaig59 · le 19 Sep 2010 19:21

Bah voilà, j'ai refait OTL, voici le rapport.

Code: Tout sélectionner: All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{280b5d37-4a76-467a-b3d6-942fca90acde} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found. File C:\Program Files\Shareware.Pro-FR\tbSha0.dll not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{280b5d37-4a76-467a-b3d6-942fca90acde} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found. File C:\Program Files\Shareware.Pro-FR\tbSha0.dll not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{AEEC3B59-CA98-4EBA-A140-57B94E283583} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEEC3B59-CA98-4EBA-A140-57B94E283583}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found. File C:\Program Files\Shareware.Pro-FR\tbSha0.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{345433b6-d1be-4a91-ace9-035674abb9a7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{345433b6-d1be-4a91-ace9-035674abb9a7}\ not found. File C:\Program Files\Netlog Toolbar\NetlogToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{280b5d37-4a76-467a-b3d6-942fca90acde} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found. File FR\tbSha0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FD621E34-BFCE-41D3-BF58-43FF97746AD7} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD621E34-BFCE-41D3-BF58-43FF97746AD7}\ deleted successfully. File C:\Program Files\Netlog Toolbar\NetlogToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{280B5D37-4A76-467A-B3D6-942FCA90ACDE} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280B5D37-4A76-467A-B3D6-942FCA90ACDE}\ not found. File FR\tbSha0.dll not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FD621E34-BFCE-41D3-BF58-43FF97746AD7} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD621E34-BFCE-41D3-BF58-43FF97746AD7}\ not found. File C:\Program Files\Netlog Toolbar\NetlogToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RestartNeroSetup not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ not found. Registry value HKEY_USERS\S-1-5-21-1586621814-1492190277-3224715138-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PCFix not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: ANNE ->Temp folder emptied: 442849 bytes ->Temporary Internet Files folder emptied: 2143248 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 2,00 mb OTL by OldTimer - Version 3.2.14.0 log created on 09192010_201251 Files\Folders moved on Reboot... C:\Users\ANNE\AppData\Local\Temp\Low\COM13C1.tmp moved successfully. File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF0A6560E966A7D1FE.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF1BFD6AC398C88533.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF1F8CBCA6A82B405B.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF2E6A9FBEEBBF490E.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF4538985F65054512.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF466E3B69993BB209.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF58FC2344DE01760F.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF5F275C59BF4A43A1.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF6EF88E90360B9DD7.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF8F304034F58E45E5.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DF8FE060151A675FAB.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DFA3DEF23596868834.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DFBA105F93A650FDBD.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DFD0A415851DB7440A.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DFE0AD60FCEE3AA541.TMP not found! File\Folder C:\Users\ANNE\AppData\Local\Temp\~DFF13B5E5266FA854A.TMP not found! C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X2JV39L4\ads[1].txt moved successfully. C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FUQPKBKV\ads[2].txt moved successfully. C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B2YCQ698\iframescript[1].htm moved successfully. C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B2YCQ698\viewtopic[1].php moved successfully. C:\Users\ANNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. Registry entries deleted on Reboot...

bernard53 · le 20 Sep 2010 11:50

gwennaig59 tu as remis le rapport de suppression donc relance OTL et mets le nouveau rapport.

gwennaig59 · le 20 Sep 2010 19:46

Bonjour Bernard,

Bah là je pleure, plus rien de possible, mon pc a reboot tout seul et depuis je peux plus démarrer, je suis sur le pc de mon gamin... Et bien sûr je n'ai pas les DVD de démarrage, j'ai jamais pris la peine de les faire (je sais c'est de ma faute).
Je suis plus très sûre que tu puisses m'aider dans ces conditions. Merci quand même

Anne

bernard53 · le 20 Sep 2010 19:53

Redémarres en mode sans échec 'touche F8 ou F5" selon les pc puis choisi dernière bonne configuration connue.

win32: skimorph que je n'arrive pas à supprimer

win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Re: win32: skimorph que je n'arrive pas à supprimer

Sujets similaires

Qui est en ligne