Slow PC, sometimes very slow

 

erickpierre
Baby forum member (10 to 49 messages posted)
Posted on 19/12/2009 at 21:23:22

Hello

 For the past five or six days my PC has been slow, and sometimes with Internet Explorer it starts to lag and is very slow, freezes for 4 to 5 minutes, and sometimes shuts down and restarts.
 Impossible to find a virus.
 It seems to have come through an email, an attachment from someone who has this problem. Attachment: Lois_Idiotes_mystère06.pps
 Outlook Express had blocked this email at first.
 Thanks in advance.

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 messages posted)
Posted on 19/12/2009 at 21:44:32

Good evening,

 Download HiJackThis by Merijn to your desktop.

 - Double-click on HijackThis.
 - Generate a report by following these instructions:
 - Run it and click on Do a scan and save log file.
 - The report opens in Notepad.

 - Paste the report here; to do so:
 - Edit menu / Select All
 - Edit menu / Copy
 - Here in a new message: right-click / Paste

 Help: Don't hesitate to consult the HiJackThis help.


 Regards.

erickpierre
Baby forum member (10 to 49 messages posted)
Posted on 19/12/2009 at 22:23:15

Good evening curson

 Thanks for your help
 Here is the report:




May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 messages posted)
Posted on 19/12/2009 at 22:31:01

Good evening,

 I don't see anything flagrant.

 Download OTL (by OldTimer) and save it to your Desktop.

 - Close running applications so as not to interrupt the scan.
 - A window appears. In the Output section at the top of this window, check "Minimal Output". Do the same with "Scan All Users".
 - Also check the boxes next to "LOP Check" and "Purity Check".
 - In the Extra Registry area, check "Use Safelist".

 Do not change the other settings!

 - Click the Run Scan button.
 - Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so by default on the Desktop).

 - Copy/paste the contents of both files here. Use one message per report.


 Regards.

erickpierre
Baby forum member (10 to 49 messages posted)
Posted on 20/12/2009 at 07:06:57

Good evening Curson

 Here is the OTL.txt report


 O7 - HKU\S-1-5-21-299502267-1788223​648-725345543-1004\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\System: NoDispBackgroundPage = 0
 O7 - HKU\S-1-5-21-299502267-1788223​648-725345543-1004\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\System: NoDispScrSavPage = 0
 O7 - HKU\S-1-5-21-299502267-1788223​648-725345543-1004_Classes\Sof​tware\Policies\Microsoft\Inter​net Explorer\Control Panel present
 O8 - Extra context menu item: &Clean Traces - I:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
 O8 - Extra context menu item: &Download with &DAP - I:\Program Files\DAP\dapextie.htm ()
 O8 - Extra context menu item: Download &all with DAP - I:\Program Files\DAP\dapextie2.htm ()
 O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F0​8212110} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
 O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909​053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
 O15 - HKU\.DEFAULT\..Trusted Domains: 40 domain(s) and sub-domain(s) not assigned to a zone.
 O15 - HKU\S-1-5-18\..Trusted Domains: 40 domain(s) and sub-domain(s) not assigned to a zone.
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_17)
 O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_17)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_17)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\http\0x000000​01 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\0x00000​001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ipp\0x0000000​1 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\0x000​00001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04​f8ec294} - I:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\explorer.exe (Microsoft Corporation)
 O20 - Winlogon\Notify\klogon: DllName - I:\WINDOWS\system32\klogon.dll - I:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2009/12/13 02:55:44 | 00,000,000 | ---D | M] - I:\autorun.inf -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O34 - HKLM BootExecute: (aswBoot.exe /M:57b12e00e19) -  File not found
 O35 - comfile [open] -- "%1" %*
 O35 - exefile [open] -- "%1" %*
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2009/12/19 03:44:05 | 00,000,000 | RH-D | C] -- I:\Documents and Settings\M\Recent
 [2009/12/16 08:33:04 | 00,000,000 | ---D | C] -- I:\Program Files\Softwin
 [2009/12/16 02:05:18 | 00,000,000 | ---D | C] -- I:\Program Files\COMODO
 [2009/12/15 19:38:16 | 00,195,456 | ---- | C] (Microsoft Corporation) -- I:\WINDOWS\System32\MpSigStub.​exe
 [2009/12/15 19:33:17 | 00,000,000 | ---D | C] -- I:\Program Files\Microsoft Security Essentials
 [2009/12/15 19:23:52 | 00,000,000 | --SD | M] -- I:\Documents and Settings\NetworkService\Applic​ation Data\Microsoft
 [2009/12/15 19:23:52 | 00,000,000 | --SD | M] -- I:\Documents and Settings\LocalService\Applicat​ion Data\Microsoft
 [2009/12/15 19:23:52 | 00,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
 [2009/12/15 19:23:52 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
 [2009/12/15 08:04:47 | 00,000,000 | ---D | C] -- I:\Program Files\Prg Chris
 [2009/12/15 06:39:09 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Bureau\FxRajump
 [2009/12/15 06:15:08 | 00,000,000 | -HSD | C] -- I:\found.000
 [2009/12/13 12:53:24 | 00,000,000 | -H-D | C] -- I:\Documents and Settings\All Users\AVP9
 [2009/12/13 12:51:59 | 00,000,000 | ---D | C] -- I:\Program Files\Kaspersky Lab
 [2009/12/13 12:51:59 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Kaspersky Lab
 [2009/12/13 12:51:30 | 00,315,408 | ---- | C] (Kaspersky Lab) -- I:\WINDOWS\System32\drivers\kl​if.sys
 [2009/12/13 10:01:35 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- I:\WINDOWS\System32\drivers\pa​vboot.sys
 [2009/12/13 09:58:10 | 00,000,000 | ---D | C] -- I:\Program Files\Panda Security
 [2009/12/13 07:52:34 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Panda Security
 [2009/12/13 07:52:25 | 00,000,000 | ---D | C] -- I:\Program Files\Panda USB Vaccine
 [2009/12/13 06:55:30 | 00,000,000 | ---D | C] -- I:\Program Files\jv16 PowerTools 2009
 [2009/12/13 02:55:44 | 00,000,000 | ---D | C] -- I:\autorun.inf
 [2009/12/13 02:43:48 | 00,000,000 | ---D | C] -- I:\UsbFix
 [2009/12/12 07:28:25 | 00,000,000 | -H-D | C] -- I:\WINDOWS\ie8
 [2009/12/12 07:23:38 | 00,000,000 | ---D | C] -- I:\af03c1621035ac4832bd0638c0e​45b67
 [2009/12/12 06:30:29 | 00,000,000 | ---D | C] -- I:\Program Files\Microsoft Synchronization Services
 [2009/12/12 06:28:36 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Mes documents\Visual Studio 2008
 [2009/12/12 06:28:23 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Local Settings\Application Data\Microsoft Help
 [2009/12/12 06:25:12 | 00,000,000 | ---D | C] -- I:\Program Files\Microsoft.NET
 [2009/12/12 06:25:12 | 00,000,000 | ---D | C] -- I:\Program Files\Microsoft Visual Studio 9.0
 [2009/12/12 06:25:10 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Microsoft Help
 [2009/12/12 06:24:27 | 00,000,000 | ---D | C] -- I:\Program Files\Microsoft SDKs
 [2009/12/12 06:11:07 | 00,000,000 | ---D | C] -- I:\Program Files\Liberty BASIC v4.03
 [2009/12/12 06:06:30 | 00,000,000 | ---D | C] -- I:\Program Files\FreeBASIC
 [2009/12/11 11:21:41 | 00,000,000 | -H-D | C] -- I:\WINDOWS\msdownld.tmp
 [2009/12/01 21:25:35 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Real
 [2009/12/01 21:25:03 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- I:\WINDOWS\System32\rmoc3260.d​ll
 [2009/12/01 21:24:53 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- I:\WINDOWS\System32\pndx5016.d​ll
 [2009/12/01 21:24:53 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- I:\WINDOWS\System32\pndx5032.d​ll
 [2009/12/01 21:24:51 | 00,000,000 | ---D | C] -- I:\Program Files\Fichiers communs\xing shared
 [2009/11/30 04:48:26 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Application Data\DonationCoder
 [2009/11/30 04:48:05 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\DonationCoder
 [2009/11/30 04:48:04 | 00,000,000 | ---D | C] -- I:\Program Files\ScreenshotCaptor
 [2009/11/29 01:29:03 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Mes documents\Téléchargements
 [2009/11/26 03:56:35 | 00,000,000 | ---D | C] -- I:\Program Files\Eurobarre
 [2009/11/25 22:25:13 | 00,000,000 | ---D | C] -- I:\WINDOWS\System32\IOSUBSYS
 [2009/11/24 15:40:58 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
 [2009/11/24 00:40:00 | 00,093,360 | ---- | C] (Sunbelt Software) -- I:\WINDOWS\System32\drivers\SB​REDrv.sys
 [2009/11/24 00:20:41 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-​A7420338BF3B}
 [2009/11/24 00:20:20 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Local Settings\Application Data\Downloaded Installations
 [2009/11/24 00:14:38 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Symantec
 [2009/11/24 00:14:36 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Norton
 [2009/11/24 00:04:57 | 00,000,000 | ---D | C] -- I:\Program Files\NortonInstaller
 [2009/11/24 00:04:57 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\NortonInstaller
 [2009/11/23 02:28:59 | 00,000,000 | ---D | C] -- I:\Program Files\Adobe
 [2009/11/20 04:27:51 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\Application Data\gtk-2.0
 [2009/11/20 04:27:48 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\.thumbnails
 [2009/11/20 04:24:45 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\.gimp-2.6
 [2009/11/20 04:24:40 | 00,000,000 | ---D | C] -- I:\Documents and Settings\M\.gegl-0.0
 [2009/11/20 04:23:58 | 00,000,000 | ---D | C] -- I:\Program Files\GIMP-2.0
 [2009/11/20 04:05:08 | 00,000,000 | ---D | C] -- I:\Program Files\PhotoFiltre
 [2009/06/20 04:41:31 | 00,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
 [2009/06/17 23:29:53 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Applicat​ion Data\Adobe
 [2009/06/17 03:40:14 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Application Data\Google
 [2009/05/27 15:32:01 | 00,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
 [2007/11/24 11:40:12 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
 [2007/11/24 11:40:12 | 00,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Applicat​ion Data\Mozilla
 [5 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2009/12/19 21:41:00 | 00,000,876 | ---- | M] () -- I:\WINDOWS\tasks\GoogleUpdateT​askMachineUA.job
 [2009/12/19 20:45:46 | 00,001,734 | ---- | M] () -- I:\Documents and Settings\M\Bureau\HijackThis.l​nk
 [2009/12/19 15:55:21 | 00,000,414 | -H-- | M] () -- I:\WINDOWS\tasks\User_Feed_Syn​chronization-{6D4CBB1C-F60B-4A​40-8CDA-C57573D0A81A}.job
 [2009/12/19 15:10:44 | 00,000,408 | -H-- | M] () -- I:\WINDOWS\tasks\MP Scheduled Scan.job
 [2009/12/19 15:06:16 | 00,001,000 | ---- | M] () -- I:\WINDOWS\tasks\Google Software Updater.job
 [2009/12/19 15:05:49 | 00,000,872 | ---- | M] () -- I:\WINDOWS\tasks\GoogleUpdateT​askMachineCore.job
 [2009/12/19 15:05:47 | 00,000,452 | ---- | M] () -- I:\WINDOWS\tasks\SLOW-PCfighte​r.job
 [2009/12/19 15:05:32 | 00,000,006 | -H-- | M] () -- I:\WINDOWS\tasks\SA.DAT
 [2009/12/19 15:05:29 | 00,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat
 [2009/12/19 03:44:11 | 11,534,336 | ---- | M] () -- I:\Documents and Settings\M\ntuser.dat
 [2009/12/19 03:44:11 | 00,000,184 | -HS- | M] () -- I:\Documents and Settings\M\ntuser.ini
 [2009/12/19 03:43:59 | 27,875,840 | -H-- | M] () -- I:\Documents and Settings\M\Local Settings\Application Data\IconCache.db
 [2009/12/18 15:00:00 | 00,000,400 | ---- | M] () -- I:\WINDOWS\tasks\Norton Security Scan.job
 [2009/12/18 11:57:01 | 00,000,026 | ---- | M] () -- I:\WINDOWS\Zone.Identifier
 [2009/12/18 10:03:40 | 00,013,646 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl
 [2009/12/17 06:31:00 | 00,000,492 | ---- | M] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
 [2009/12/16 16:32:07 | 00,000,284 | ---- | M] () -- I:\WINDOWS\tasks\AppleSoftware​Update.job
 [2009/12/16 11:55:37 | 00,081,984 | ---- | M] () -- I:\WINDOWS\System32\bdod.bin
 [2009/12/16 02:35:51 | 00,103,232 | ---- | M] () -- I:\WINDOWS\System32\drivers\sf​i.dat
 [2009/12/15 19:33:19 | 00,000,850 | ---- | M] () -- I:\Documents and Settings\All Users\Bureau\Microsoft Security Essentials.lnk
 [2009/12/15 19:06:06 | 00,003,072 | ---- | M] () -- I:\WINDOWS\System32\CONFIG.NT
 [2009/12/15 08:05:27 | 00,001,030 | ---- | M] () -- I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\​Anti-Autorun-inf.lnk
 [2009/12/15 08:04:47 | 00,000,970 | ---- | M] () -- I:\Documents and Settings\M\Bureau\Anti-Autorun​.inf.lnk
 [2009/12/15 06:22:16 | 00,014,152 | ---- | M] () -- I:\Documents and Settings\M\Bureau\UsbFix_Uploa​d_Me_M-WMJ9X8V6ZNQPM.zip
 [2009/12/15 05:26:57 | 00,000,214 | ---- | M] () -- I:\Documents and Settings\M\Bureau\Rapport - GenProc[1].URL
 [2009/12/13 12:53:18 | 00,108,059 | ---- | M] () -- I:\WINDOWS\System32\drivers\kl​in.dat
 [2009/12/13 12:53:18 | 00,095,259 | ---- | M] () -- I:\WINDOWS\System32\drivers\kl​ick.dat
 [2009/12/13 12:51:30 | 00,315,408 | ---- | M] (Kaspersky Lab) -- I:\WINDOWS\System32\drivers\kl​if.sys
 [2009/12/13 07:52:28 | 00,000,827 | ---- | M] () -- I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\​PandaUSBVaccine.lnk
 [2009/12/13 06:55:58 | 00,000,023 | -HS- | M] () -- I:\WINDOWS\System32\aafabdbdb5​.dat
 [2009/12/13 06:55:58 | 00,000,023 | ---- | M] () -- I:\WINDOWS\System32\bcbebcaeea​ff.xml
 [2009/12/13 06:55:35 | 00,000,690 | ---- | M] () -- I:\Documents and Settings\M\Bureau\jv16 PowerTools 2009.lnk
 [2009/12/13 06:47:18 | 00,237,710 | ---- | M] () -- I:\WINDOWS\System32\def.vpc
 [2009/12/13 06:46:44 | 00,237,710 | ---- | M] () -- I:\Documents and Settings\M\def.vpc
 [2009/12/12 06:11:26 | 00,000,006 | ---- | M] () -- I:\WINDOWS\System32\cuatro.ini
 [2009/12/12 06:11:14 | 00,000,774 | ---- | M] () -- I:\Documents and Settings\M\Bureau\Liberty BASIC v4.03.lnk
 [2009/12/12 06:06:39 | 00,001,570 | ---- | M] () -- I:\Documents and Settings\M\Bureau\FreeBASIC.ln​k
 [2009/12/12 05:30:05 | 00,114,176 | ---- | M] () -- I:\Documents and Settings\M\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E​0D61DEA3FDF.ini
 [2009/12/11 11:21:41 | 00,001,393 | ---- | M] () -- I:\WINDOWS\imsins.BAK
 [2009/12/11 08:56:46 | 00,000,082 | ---- | M] () -- I:\Documents and Settings\M\Mes documents\cc_20091211_085644.r​eg
 [2009/12/11 08:56:21 | 00,013,348 | ---- | M] () -- I:\Documents and Settings\M\Mes documents\cc_20091211_085609.r​eg
 [2009/12/11 08:42:38 | 00,001,548 | ---- | M] () -- I:\Documents and Settings\M\Bureau\CCleaner.lnk
 [2009/12/11 03:31:55 | 00,056,816 | ---- | M] (Avira GmbH) -- I:\WINDOWS\System32\drivers\av​gntflt.sys
 [2009/12/04 04:40:48 | 00,001,921 | ---- | M] () -- I:\Documents and Settings\All Users\Bureau\Google Earth.lnk
 [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- I:\WINDOWS\System32\drivers\mb​amswissarmy.sys
 [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- I:\WINDOWS\System32\drivers\mb​am.sys
 [2009/12/01 21:25:12 | 00,000,951 | ---- | M] () -- I:\Documents and Settings\All Users\Bureau\RealPlayer SP.lnk
 [2009/12/01 21:25:03 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- I:\WINDOWS\System32\rmoc3260.d​ll
 [2009/12/01 21:24:53 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- I:\WINDOWS\System32\pndx5016.d​ll
 [2009/12/01 21:24:53 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- I:\WINDOWS\System32\pndx5032.d​ll
 [2009/12/01 21:24:28 | 00,278,528 | ---- | M] (Real Networks, Inc) -- I:\WINDOWS\System32\pncrt.dll
 [2009/11/30 04:48:26 | 00,000,058 | ---- | M] () -- I:\WINDOWS\System32\DonationCo​der_ScreenshotCaptor_InstallIn​fo.dat
 [2009/11/30 04:48:26 | 00,000,058 | ---- | M] () -- I:\Documents and Settings\M\Local Settings\Application Data\DonationCoder_ScreenshotC​aptor_InstallInfo.dat
 [2009/11/26 01:10:57 | 00,004,061 | ---- | M] () -- I:\Documents and Settings\M\.recently-used.xbel
 [2009/11/24 00:39:46 | 00,093,360 | ---- | M] (Sunbelt Software) -- I:\WINDOWS\System32\drivers\SB​REDrv.sys
 [2009/11/23 02:29:26 | 00,001,729 | ---- | M] () -- I:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
 [5 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2009/12/16 02:15:51 | 00,103,232 | ---- | C] () -- I:\WINDOWS\System32\drivers\sf​i.dat
 [2009/12/15 19:38:48 | 00,000,408 | -H-- | C] () -- I:\WINDOWS\tasks\MP Scheduled Scan.job
 [2009/12/15 19:33:19 | 00,000,850 | ---- | C] () -- I:\Documents and Settings\All Users\Bureau\Microsoft Security Essentials.lnk
 [2009/12/15 08:05:27 | 00,001,030 | ---- | C] () -- I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\​Anti-Autorun-inf.lnk
 [2009/12/15 08:04:47 | 00,000,970 | ---- | C] () -- I:\Documents and Settings\M\Bureau\Anti-Autorun​.inf.lnk
 [2009/12/15 06:22:16 | 00,014,152 | ---- | C] () -- I:\Documents and Settings\M\Bureau\UsbFix_Uploa​d_Me_M-WMJ9X8V6ZNQPM.zip
 [2009/12/15 05:26:57 | 00,000,214 | ---- | C] () -- I:\Documents and Settings\M\Bureau\Rapport - GenProc[1].URL
 [2009/12/13 12:53:18 | 00,108,059 | ---- | C] () -- I:\WINDOWS\System32\drivers\kl​in.dat
 [2009/12/13 12:53:18 | 00,095,259 | ---- | C] () -- I:\WINDOWS\System32\drivers\kl​ick.dat
 [2009/12/13 07:52:28 | 00,000,827 | ---- | C] () -- I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\​PandaUSBVaccine.lnk
 [2009/12/13 06:55:58 | 00,000,023 | -HS- | C] () -- I:\WINDOWS\System32\aafabdbdb5​.dat
 [2009/12/13 06:55:58 | 00,000,023 | ---- | C] () -- I:\WINDOWS\System32\bcbebcaeea​ff.xml
 [2009/12/13 06:55:35 | 00,000,690 | ---- | C] () -- I:\Documents and Settings\M\Bureau\jv16 PowerTools 2009.lnk
 [2009/12/13 06:47:18 | 00,237,710 | ---- | C] () -- I:\WINDOWS\System32\def.vpc
 [2009/12/13 06:46:44 | 00,237,710 | ---- | C] () -- I:\Documents and Settings\M\def.vpc
 [2009/12/12 06:11:26 | 00,000,006 | ---- | C] () -- I:\WINDOWS\System32\cuatro.ini
 [2009/12/12 06:11:14 | 00,000,774 | ---- | C] () -- I:\Documents and Settings\M\Bureau\Liberty BASIC v4.03.lnk
 [2009/12/12 06:06:39 | 00,001,570 | ---- | C] () -- I:\Documents and Settings\M\Bureau\FreeBASIC.ln​k
 [2009/12/11 11:21:38 | 00,001,393 | ---- | C] () -- I:\WINDOWS\imsins.BAK
 [2009/12/11 08:56:46 | 00,000,082 | ---- | C] () -- I:\Documents and Settings\M\Mes documents\cc_20091211_085644.r​eg
 [2009/12/11 08:56:12 | 00,013,348 | ---- | C] () -- I:\Documents and Settings\M\Mes documents\cc_20091211_085609.r​eg
 [2009/12/11 08:42:37 | 00,001,548 | ---- | C] () -- I:\Documents and Settings\M\Bureau\CCleaner.lnk
 [2009/12/04 04:40:48 | 00,001,921 | ---- | C] () -- I:\Documents and Settings\All Users\Bureau\Google Earth.lnk
 [2009/12/04 04:36:52 | 00,000,876 | ---- | C] () -- I:\WINDOWS\tasks\GoogleUpdateT​askMachineUA.job
 [2009/12/04 04:36:52 | 00,000,872 | ---- | C] () -- I:\WINDOWS\tasks\GoogleUpdateT​askMachineCore.job
 [2009/12/01 21:25:12 | 00,000,951 | ---- | C] () -- I:\Documents and Settings\All Users\Bureau\RealPlayer SP.lnk
 [2009/11/30 04:48:26 | 00,000,058 | ---- | C] () -- I:\WINDOWS\System32\DonationCo​der_ScreenshotCaptor_InstallIn​fo.dat
 [2009/11/30 04:48:26 | 00,000,058 | ---- | C] () -- I:\Documents and Settings\M\Local Settings\Application Data\DonationCoder_ScreenshotC​aptor_InstallInfo.dat
 [2009/11/26 01:10:57 | 00,004,061 | ---- | C] () -- I:\Documents and Settings\M\.recently-used.xbel
 [2009/11/23 02:29:26 | 00,001,729 | ---- | C] () -- I:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
 [2009/09/28 09:34:53 | 00,078,216 | ---- | C] () -- I:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
 [2009/09/22 20:34:15 | 02,333,952 | ---- | C] () -- I:\Documents and Settings\M\Application Data\install.txt
 [2009/08/05 22:49:05 | 00,000,270 | ---- | C] () -- I:\WINDOWS\hpqcopy.INI
 [2009/07/07 14:33:29 | 00,000,121 | ---- | C] () -- I:\WINDOWS\Winchat.ini
 [2009/07/07 13:46:29 | 00,003,120 | ---- | C] () -- I:\Documents and Settings\All Users\Application Data\118300.34
 [2009/07/07 13:46:24 | 00,005,632 | ---- | C] () -- I:\WINDOWS\System32\Machnm64.s​ys
 [2009/07/07 13:46:24 | 00,002,304 | ---- | C] () -- I:\WINDOWS\System32\Machnm32.s​ys
 [2009/03/18 00:15:48 | 00,147,456 | ---- | C] () -- I:\WINDOWS\System32\VegaShEx.d​ll
 [2009/03/18 00:15:38 | 00,308,224 | ---- | C] () -- I:\WINDOWS\System32\Lffpx7.dll
 [2009/03/18 00:15:38 | 00,091,136 | ---- | C] () -- I:\WINDOWS\System32\Lfkodak.dl​l
 [2009/03/18 00:13:37 | 00,000,130 | ---- | C] () -- I:\WINDOWS\pagesuit.ini
 [2009/03/18 00:13:36 | 00,023,040 | ---- | C] () -- I:\WINDOWS\System32\irisco32.d​ll
 [2008/05/12 14:27:26 | 00,003,712 | ---- | C] () -- I:\WINDOWS\System32\fxsperf.in​i
 [2007/11/14 03:01:53 | 00,000,118 | ---- | C] () -- I:\WINDOWS\System32\MRT.INI
 [2007/10/08 06:39:22 | 00,000,121 | ---- | C] () -- I:\WINDOWS\bdagent.INI
 [2007/09/23 02:19:21 | 00,000,305 | ---- | C] () -- I:\Documents and Settings\All Users\Application Data\addr_file.html
 [2007/09/22 22:13:47 | 00,000,206 | ---- | C] () -- I:\WINDOWS\System32\bfedf6_r.d​ll
 [2007/04/28 22:27:03 | 00,000,124 | ---- | C] () -- I:\Documents and Settings\M\Local Settings\Application Data\fusioncache.dat
 [2007/02/26 19:08:35 | 00,114,176 | ---- | C] () -- I:\Documents and Settings\M\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E​0D61DEA3FDF.ini
 [2007/02/24 22:47:46 | 00,000,517 | ---- | C] () -- I:\WINDOWS\TSC.INI
 [2007/02/24 22:37:35 | 00,000,170 | ---- | C] () -- I:\WINDOWS\GetServer.ini
 [2007/02/24 22:18:03 | 00,180,224 | ---- | C] () -- I:\WINDOWS\System32\setuplib.d​ll
 [2007/02/24 22:14:56 | 00,000,092 | ---- | C] () -- I:\WINDOWS\CMISETUP.INI
 [2007/02/24 22:14:56 | 00,000,026 | ---- | C] () -- I:\WINDOWS\CMCDPLAY.INI
 [2007/02/24 22:14:54 | 01,900,544 | ---- | C] () -- I:\WINDOWS\System32\cmiwcnfg.d​ll
 [2007/02/24 22:14:53 | 00,028,672 | ---- | C] () -- I:\WINDOWS\System32\cmirmdrv.d​ll
 [2007/02/24 22:14:42 | 00,028,672 | ---- | C] () -- I:\WINDOWS\CMIRmDriver.dll
 [2007/02/24 22:09:17 | 00,363,520 | ---- | C] () -- I:\WINDOWS\System32\psisdecd.d​ll
 [2003/01/23 02:29:42 | 00,000,134 | ---- | C] () -- I:\WINDOWS\monitor.INI
 [2003/01/23 02:20:28 | 00,028,672 | ---- | C] () -- I:\WINDOWS\dbgmsgcfg.dll
 [2003/01/22 22:07:45 | 00,001,751 | ---- | C] () -- I:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
 [2003/01/22 20:52:12 | 00,013,304 | ---- | C] () -- I:\WINDOWS\System32\drivers\BT​NetFilter.sys
 [2003/01/22 20:52:12 | 00,011,860 | ---- | C] () -- I:\WINDOWS\System32\drivers\vb​tenum.sys
 [2003/01/01 03:41:57 | 00,000,095 | ---- | C] () -- I:\WINDOWS\Wininit.ini
 [1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- I:\WINDOWS\AuHCcup1.ini
 [1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- I:\WINDOWS\AuHCcup1.dll
 
 ========== LOP Check ==========
 
 [2003/01/22 21:30:15 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Bluetooth
 [2009/11/30 04:48:05 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\DonationCoder
 [2008/10/29 00:18:33 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\EmailNotifier
 [2009/09/22 20:34:57 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Fighters
 [2008/10/29 06:05:20 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Megaupload
 [2009/10/11 08:50:59 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\page
 [2009/12/13 07:52:34 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Panda Security
 [2009/07/09 18:41:18 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
 [2009/09/28 02:59:50 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\Simply Super Software
 [2008/08/24 22:04:34 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\SpeedBit
 [2009/12/19 15:06:32 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\TEMP
 [2009/10/28 16:50:55 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-​C52491DAA8BD}
 [2009/11/24 15:41:05 | 00,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-​A7420338BF3B}
 [2009/03/05 00:34:57 | 00,000,000 | ---D | M] -- I:\Documents and Settings\EM\Application Data\EoRezo
 [2008/06/21 22:26:20 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\12Ghosts
 [2003/01/11 10:44:58 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Canneverbe_Limited
 [2009/11/30 04:48:26 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\DonationCoder
 [2009/03/18 00:07:14 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Dossier de téléchargement Share-to-Web
 [2009/03/18 00:07:14 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Dossier de téléchargement Share-to-Web
 [2007/12/17 22:02:44 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\EFF
 [2009/10/11 09:05:06 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\EmailNotifier
 [2009/11/26 01:10:57 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\gtk-2.0
 [2009/11/29 02:52:55 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\IObit
 [2009/07/25 17:28:44 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\LG Electronics
 [2009/03/05 00:34:52 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Opera
 [2009/11/29 04:25:11 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Podmailing
 [2009/06/28 07:33:28 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\SPAMfighter
 [2009/09/28 03:45:27 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\uniblue
 [2009/11/30 05:47:13 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\Vso
 [2009/11/30 04:46:06 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\XnView
 [2009/12/17 06:31:00 | 00,000,492 | ---- | M] () -- I:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 [2009/12/19 15:10:44 | 00,000,408 | -H-- | M] () -- I:\WINDOWS\Tasks\MP Scheduled Scan.job
 [2009/12/19 15:05:47 | 00,000,452 | ---- | M] () -- I:\WINDOWS\Tasks\SLOW-PCfighte​r.job
 [2009/12/19 15:55:21 | 00,000,414 | -H-- | M] () -- I:\WINDOWS\Tasks\User_Feed_Syn​chronization-{6D4CBB1C-F60B-4A​40-8CDA-C57573D0A81A}.job
 
 ========== Purity Check ==========
 
 
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 126 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
 @Alternate Data Stream - 125 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
 @Alternate Data Stream - 117 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
 @Alternate Data Stream - 116 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
 @Alternate Data Stream - 109 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
 @Alternate Data Stream - 106 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
 < End of report >

erickpierre
Baby forum member (10 to 49 messages posted)
Posted on 20/12/2009 at 07:21:29
 
Here is the extra.txt report:

 OTL Extras logfile created on: 19/12/2009 21:37:51 - Run 1
 OTL by OldTimer - Version 3.1.19.0     Folder = I:\Documents and Settings\M\Mes documents\My Completed Downloads
 Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.6001.18702)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 1 023,00 Mb Total Physical Memory | 532,00 Mb Available Physical Memory | 52,00% Memory free
 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
 Paging file location(s): I:\pagefile.sys 1536 3072 [binary data]
 
 %SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
 C: Drive not present or media not loaded
 D: Drive not present or media not loaded
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 Drive I: | 76,32 Gb Total Space | 46,06 Gb Free Space | 60,35% Space Free | Partition Type: NTFS
 
 Computer Name: M-WMJ9X8V6ZNQPM
 Current User Name: M
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: All users
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .html [@ = FirefoxHTML] -- I:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 [HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\SOFT​WARE\Classes\<extension>​]
 .html [@ = FirefoxHTML] -- I:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- Reg Error: Key error.
 htmlfile [open] -- "I:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
 htmlfile [opennew] -- "I:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
 http [open] -- "I:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "I:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Applications\iexplore.exe [open] -- "I:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
 CLSID\{871C5380-42A0-1069-A2EA​-08002B30309D} [OpenHomePage] -- "I:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 "UpdatesDisableNotify" = 0
 "AntiVirusOverride" = 0
 "FirewallOverride" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\KasperskyAntiVirus]
 "DisableMonitoring" = 1
 "" =
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\GloballyOpenPo​rts\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "3587:TCP" = 3587:TCP:*:Enabled:Groupement homologue Windows
 "3540:UDP" = 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\GloballyOpen​Ports\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22002
 "3587:TCP" = 3587:TCP:*:Enabled:Groupement homologue Windows
 "3540:UDP" = 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\AuthorizedAppl​ications\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "I:\Program Files\DAP\DAP.exe" = I:\Program Files\DAP\DAP.exe:*:Enabled:Do​wnload Accelerator Plus (DAP) -- (SpeedBit Ltd.)
 "I:\Program Files\IVT Corporation\BlueSoleil\BlueSol​eil.exe" = I:\Program Files\IVT Corporation\BlueSoleil\BlueSol​eil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
 "I:\WINDOWS\monitor.exe" = I:\WINDOWS\monitor.exe:*:Enabl​ed:Debug Monitor for Windows 95 and NT -- (Compuware Corporation - NuMega Lab)
 "I:\Documents and Settings\M\Mes documents\My Completed Downloads\MOSCHIP-7784-7703\Mo​sSir\Win2k\monitor.exe" = I:\Documents and Settings\M\Mes documents\My Completed Downloads\MOSCHIP-7784-7703\Mo​sSir\Win2k\monitor.exe:*:Enabl​ed:Debug Monitor for Windows 95 and NT -- (Compuware Corporation - NuMega Lab)
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{002D9D5E-29BA-3E6D-9BC4-3D7D​6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
 "{07FCBED5-94C3-4F94-B9D3-360F​A27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
 "{0C34B801-6AEC-4667-B053-03A6​7E2D0415}" = Apple Application Support
 "{13F3917B56CD4C25848BDC699169​71BB}" = DivX Converter
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{26A24AE4-039D-4CA4-87B4-2F83​216011FF}" = Java(TM) 6 Update 17
 "{2CD2C0DB-81C3-416B-9FA6-589B​9235359B}" = OpenOffice.org 2.4
 "{2E5C075E-11AB-4BDD-918C-7B9A​68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
 "{3248F0A8-6813-11D6-A77B-00B0​D0160030}" = Java(TM) 6 Update 3
 "{3248F0A8-6813-11D6-A77B-00B0​D0160040}" = Java(TM) 6 Update 4
 "{3248F0A8-6813-11D6-A77B-00B0​D0160050}" = Java(TM) 6 Update 5
 "{3248F0A8-6813-11D6-A77B-00B0​D0160070}" = Java(TM) 6 Update 7
 "{350C940c-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{3EE51BAD-9916-49C7-90BA-3D50​0B031E0C}_is1" = VSO Image Resizer 2.0.1.11
 "{3F7924B9-D148-3141-87B1-68F3​6043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
 "{48B3FB4D-CE22-488C-8E9F-24EB​B77EAC0F}" = Microsoft Security Essentials
 "{511DF669-2930-30C0-8EB6-5528​87E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
 "{55A41219-9B22-4098-BAE7-AE28​9B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
 "{590D4F8F-98FE-47FA-AC2B-3F22​FDCF7C09}" = ShareIns
 "{5B76AEA2-D4E5-3B55-B965-ACC3​6AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
 "{5D4A033A-A286-44BE-A0F0-B05F​AC25D07F}" = Windows Live Beta (all programs)
 "{64B408B8-068B-4EE0-B16C-658A​24E75B8B}" = Active@ UNDELETE
 "{6956856F-B6B3-4BE0-BA0B-8F49​5BE32033}" = Apple Software Update
 "{69FDFBB6-351D-4B8C-89D8-867D​C9D0A2A4}" = Windows Media Player Firefox Plugin
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{7E265513-8CDA-4631-B696-F40D​983F3B07}_is1" = CDBurnerXP
 "{837b34e3-7c30-493c-8f6a-2b0f​04e2912c}" = Microsoft Visual C++ 2005 Redistributable
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{9074AFC0-CFDA-11DE-B484-0050​56806466}" = Google Earth
 "{943B6738-4801-4982-90EC-0442​EF7AEB16}" = Kaspersky Anti-Virus 2010
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9A394342-4A68-4EBA-85A6-55B5​59F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
 "{9BFFB382-0B2C-11D6-AB3E-0001​02B0F79A}" = Readiris 7.5
 "{9C2DC81B-8114-37D9-A922-95E4​60A1FAFB}" = Microsoft Visual Basic 2008 Express Edition - ENU
 "{A0A77CDC-2419-4D5C-AD2C-E09E​5926B806}" = Microsoft Antimalware
 "{A3051CD0-2F64-3813-A88D-B8DC​CDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
 "{A429C2AE-EBF1-4F81-A221-1C11​5CAADDAD}" = QuickTime
 "{A4526B5A-89C0-4F4B-9E6E-4F88​3374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack
 "{A92DAB39-4E2C-4304-9AB6-BC44​E68B55E2}" = Google Update Helper
 "{AADEA55D-C834-4BCB-98A3-4B8D​1C18F4EE}" = Apple Mobile Device Support
 "{ABD7DBE3-E344-4BCA-B8AD-4360​494DD1D9}" = LG MC USB U330 driver
 "{AC5568AB-C3E3-490E-BE40-5097​7C12288D}" = Windows Live Writer
 "{AC76BA86-7AD7-1036-7B44-A920​00000001}" = Adobe Reader 9.2 - Français
 "{B4C0A315-07FB-39F9-85CD-8CE2​0C019350}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
 "{B8E952E3-A823-443A-8493-39A0​CCE0E3EB}" = HP Photo and Imaging 1.0 - Scanjet 3500c Series
 "{B9F499B8-D1F0-42FC-84BE-CC55​2123CCCB}" = BlueSoleil
 "{BAF78226-3200-4DB4-BE33-4D92​2A799840}" = Windows Presentation Foundation
 "{BCC899FE-2DAA-460C-A5FB-6029​1E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
 "{C09FB3CD-3D0C-3F2D-899A-6A1D​67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
 "{C6BDA6E5-B391-4CE5-8D86-B53A​C96FFE03}" = Contacts
 "{CB2F7EDD-9D1F-43C1-90FC-4F52​EAE172A1}" = Microsoft .NET Framework 1.1
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{D2BE6521-F81C-4EC6-8887-A8BB​C0B0786B}" = OpenOffice.org 2.4 Language Pack (Français)
 "{D3116CC7-24DC-4CA3-9CE1-23FE​D836E9F2}" = Assistant de connexion Windows Live
 "{DC226AC9-0314-496C-BE6A-B6A1​32628466}" = SiSAGP driver
 "{EBD5E7A9-DBB8-4E24-AE3A-CF93​90AF1CCB}" = Choice Guard
 "{F0B430D1-B6AA-473D-9B06-AA3D​D01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F20B086F-FB4B-4788-AAC2-AFAB​A378AD1E}" = SPAMfighter
 "{F333A33D-125C-32A2-8DCE-5C5D​14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
 "{F333A33D-125C-32A2-8DCE-5C5D​14231E27}.vc_x86runtime_30729_​01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
 "{F6D0986F-D9A8-479B-A80F-61D5​3CDF65BA}" = Windows Live Photo Gallery Beta
 "7-Zip" = 7-Zip 4.65
 "ActiveScan 2.0" = Panda ActiveScan 2.0
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
 "Ad-Remover" = Ad-Remover By C_XX
 "Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.50
 "a-squared Free_is1" = a-squared Free 4.5
 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
 "CCleaner" = CCleaner
 "C-Media Audio" = C-Media 3D Audio
 "Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
 "Eurobarre" = Eurobarre
 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
 "Extrafilm FotoFacil" = Extrafilm FotoFacil
 "FileZilla" = FileZilla (remove only)
 "FreeBASIC" = FreeBASIC 0.18.3b
 "Generic 6-in-1 USB Card Reader Driver" = Generic 6-in-1 USB Card Reader Driver v1.8d
 "Google Updater" = Outil de mise à jour Google
 "Hemera Products" = Hemera Products
 "HijackThis" = HijackThis 2.0.2
 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
 "ie8" = Windows Internet Explorer 8
 "InstallWIX_{943B6738-4801-498​2-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
 "IrfanView" = IrfanView (remove only)
 "JRE 1.3.1_04" = Environnement d'exécution Java 2, Standard Edition v1.3.1_04
 "jv16 PowerTools 2009_is1" = jv16 PowerTools 2009
 "Liberty BASIC v4.03" = Liberty BASIC v4.03
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
 "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
 "Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Microsoft Security Essentials" = Microsoft Security Essentials
 "Microsoft Visual Basic 2008 Express Edition - ENU" = Microsoft Visual Basic 2008 Express Edition - ENU
 "Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
 "PhotoFiltre" = PhotoFiltre
 "RasterVect 12.8 Trial_is1" = RasterVect 12.8 Trial
 "RealPlayer 12.0" = RealPlayer
 "Recuva" = Recuva (remove only)
 "ScreenshotCaptor_is1" = Screenshot Captor 2.70.01
 "SEOToolkit30_is1" = Trellian SEO Toolkit v3.0
 "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
 "SLOW-PCfighter" = SLOW-PCfighter
 "SPAMfighter" = SPAMfighter
 "SpywareBlaster_is1" = SpywareBlaster 4.2
 "Virtools3DLifePlayer" = Virtools 3D Life Player
 "WIC" = Windows Imaging Component
 "Windows Media Format Runtime" = Windows Media Format 11 runtime
 "Windows Media Player" = Lecteur Windows Media 11
 "Windows XP Service" = Windows XP Service Pack 3
 "WinGimp-2.0_is1" = GIMP 2.6.6
 "WinLiveSuite_Wave3" = Windows Live Beta (all programs)
 "WMFDist11" = Windows Media Format 11 runtime
 "wmp11" = Windows Media Player 11
 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 "XnView_is1" = XnView 1.91.5
 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 "YoutubeGet_is1" = YoutubeGet 3.0
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\.DEFAULT\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Uninstall]
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\S-1-5-18\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Uninstall]
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\SOFT​WARE\Microsoft\Windows\Current​Version\Uninstall]
 "f1475314c4a9bbcc" = AWBarre
 
 ========== Last 10 Event Log Errors ==========
 
 [ Application Events ]
 Error - 12/12/2009 03:04:14 | Computer Name = M-WMJ9X8V6ZNQPM | Source = .NET Runtime Optimization Service | ID = 1101
 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_3​2)
 - Failed to compile: I:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDete​ctive.Client.exe
 . Error code = 0x80131047  
 
 Error - 13/12/2009 07:31:51 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MsiInstaller | ID = 1013
 Description = Programme : Kaspersky Anti-Virus 2010 -- Vous devez redémarrer l'ordinateur
 pour poursuivre l'installation.
 
 Error - 13/12/2009 07:33:07 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MsiInstaller | ID = 1013
 Description = Programme : Kaspersky Anti-Virus 2010 -- Vous devez redémarrer l'ordinateur
 pour poursuivre l'installation.
 
 Error - 15/12/2009 14:35:27 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
 2.0.6212.0, P5 mpsigdwn.dll, P6 2.0.6212.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861f​cbcfcde),
 P8 NIL, P9 NIL, P10 NIL.
 
 Error - 15/12/2009 22:17:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType avsubmit, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861f​cbcfcde),
 P2 2.0.6212.0, P3 timeout, P4 1.1.5302.0, P5 unspecified, P6 NIL, P7 NIL, P8 NIL,
 P9 NIL, P10 NIL.
 
 Error - 16/12/2009 21:32:12 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MsiInstaller | ID = 11706
 Description = Product: SPAMfighter -- Error 1706.No valid source could be found
 for product SPAMfighter.  The Windows Installer cannot continue.
 
 Error - 16/12/2009 21:41:13 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
 2.0.6212.0, P5 mpsigdwn.dll, P6 2.0.6212.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861f​cbcfcde),
 P8 NIL, P9 NIL, P10 NIL.
 
 Error - 18/12/2009 05:15:03 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
 2.0.6212.0, P5 mpsigdwn.dll, P6 2.0.6212.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861f​cbcfcde),
 P8 NIL, P9 NIL, P10 NIL.
 
 Error - 18/12/2009 07:08:31 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType mptelemetry, P1 0, P2 system file cache, P3 cacheflush,
 P4 2.0.6212.0, P5 microsoft antimalware, P6 2, P7 unspecified, P8 NIL, P9 NIL, P10
 NIL.
 
 Error - 19/12/2009 10:16:47 | Computer Name = M-WMJ9X8V6ZNQPM | Source = MPSampleSubmission | ID = 5000
 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
 2.0.6212.0, P5 mpsigdwn.dll, P6 2.0.6212.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861f​cbcfcde),
 P8 NIL, P9 NIL, P10 NIL.
 
 [ System Events ]
 Error - 19/12/2009 12:22:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = Service Control Manager | ID = 7023
 Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
  %%126
 
 Error - 19/12/2009 12:22:50 | Computer Name = M-WMJ9X8V6ZNQPM | Source = DCOM | ID = 10010
 Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CB​F673334} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
 Error - 19/12/2009 13:22:50 | Computer Name = M-WMJ9X8V6ZNQPM | Source = Service Control Manager | ID = 7023
 Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
  %%126
 
 Error - 19/12/2009 13:23:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = DCOM | ID = 10010
 Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CB​F673334} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
 Error - 19/12/2009 14:23:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = Service Control Manager | ID = 7023
 Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
  %%126
 
 Error - 19/12/2009 14:23:50 | Computer Name = M-WMJ9X8V6ZNQPM | Source = DCOM | ID = 10010
 Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CB​F673334} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
 Error - 19/12/2009 15:23:50 | Computer Name = M-WMJ9X8V6ZNQPM | Source = Service Control Manager | ID = 7023
 Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
  %%126
 
 Error - 19/12/2009 15:24:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = DCOM | ID = 10010
 Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CB​F673334} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
 Error - 19/12/2009 16:24:20 | Computer Name = M-WMJ9X8V6ZNQPM | Source = Service Control Manager | ID = 7023
 Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
  %%126
 
 Error - 19/12/2009 16:24:50 | Computer Name = M-WMJ9X8V6ZNQPM | Source = DCOM | ID = 10010
 Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CB​F673334} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
 
 < End of report >

 I am having trouble accessing the thread and posting; I have to post several times.

 Regards

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
Posted on 20/12/2009 at 16:19:11

Hello,

 You are collecting security software; this can lead to conflicts.
 Read: The phenomenon of over-multiplication of protection software

 Many disinfection utilities are present on your system. Have you already gone through a disinfection procedure?


 Disable your security software during the procedure.

 1) Disable the applications below (if present) via Add/Remove Programs:

 Panda ActiveScan
 Ad-Remover
 a-squared Free (it is outdated)
 Download Accelerator Plus; it contains spyware
 SLOW-PCfighter (if you have not bought it)
 VIRUSfighter


 2) Download the Norton Removal Tool to remove the leftover Norton components.

 - Double-click the Norton Removal Tool icon.
 - Follow the instructions. The computer may be restarted several times and you may be asked to repeat some steps.


 3) Run OTL again

 - Copy and paste everything below into the "Custom Scans/Fixes" box:


:Processes
 explorer.exe

 :otl
 DRV - (NGS) -- i:\VIRUSfighter\Nvc\Bin\ngs.sys (Norman ASA)
 IE - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
 [2009/11/10 05:34:56 | 00,000,000 | ---D | M] (IObitCom Toolbar) -- I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\8r5e8dgh.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
 O2 - BHO: (no name) - {24180B00-2EB6-11d7-BD6F-004854603DCE} - No CLSID value found.
 O2 - BHO: (no name) - {60270dc7-9ea0-472f-9b77-66652c06246e} - No CLSID value found.
 O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
 O3 - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\Toolbar\ShellBrowser: (no name) - {60270DC7-9EA0-472F-9B77-66652C06246E} - No CLSID value found.
 O3 - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\Toolbar\WebBrowser: (no name) - {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No CLSID value found.
 O3 - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No CLSID value found.
 O3 - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
 O3 - HKU\S-1-5-21-299502267-1788223648-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
 O4 - Startup: I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\Anti-Autorun-inf.lnk = I:\Program Files\Prg Chris\Anti-Autorun.inf\Anti-Autorun.inf.exe File not found
 I:\Documents and Settings\M\Bureau\FxRajump
 I:\found.000
 I:\Documents and Settings\All Users\AVP9
 I:\UsbFix
 [2009/11/24 00:40:00 | 00,093,360 | ---- | C] (Sunbelt Software) -- I:\WINDOWS\System32\drivers\SBREDrv.sys
 [2009/11/24 00:14:38 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Symantec
 [2009/11/24 00:14:36 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Norton
 [2009/11/24 00:04:57 | 00,000,000 | ---D | C] -- I:\Program Files\NortonInstaller
 [2009/11/24 00:04:57 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\NortonInstaller
 [2009/12/19 15:10:44 | 00,000,408 | -H-- | M] () -- I:\WINDOWS\tasks\MP Scheduled Scan.job
 [2009/12/19 15:05:47 | 00,000,452 | ---- | M] () -- I:\WINDOWS\tasks\SLOW-PCfighter.job
 [2009/12/18 15:00:00 | 00,000,400 | ---- | M] () -- I:\WINDOWS\tasks\Norton Security Scan.job
 [2009/12/17 06:31:00 | 00,000,492 | ---- | M] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
 [2009/12/16 11:55:37 | 00,081,984 | ---- | M] () -- I:\WINDOWS\System32\bdod.bin
 [2009/12/15 08:04:47 | 00,000,970 | ---- | M] () -- I:\Documents and Settings\M\Bureau\Anti-Autorun.inf.lnk
 [2009/12/15 06:22:16 | 00,014,152 | ---- | M] () -- I:\Documents and Settings\M\Bureau\UsbFix_Upload_Me_M-WMJ9X8V6ZNQPM.zip
 [2009/12/15 05:26:57 | 00,000,214 | ---- | M] () -- I:\Documents and Settings\M\Bureau\Rapport - GenProc[1].URL
 [2009/12/13 06:55:58 | 00,000,023 | -HS- | M] () -- I:\WINDOWS\System32\aafabdbdb5.dat
 [2009/12/13 06:55:58 | 00,000,023 | ---- | M] () -- I:\WINDOWS\System32\bcbebcaeeaff.xml
 [2009/12/13 06:47:18 | 00,237,710 | ---- | M] () -- I:\WINDOWS\System32\def.vpc
 [2009/12/13 06:46:44 | 00,237,710 | ---- | M] () -- I:\Documents and Settings\M\def.vpc
 [2009/12/11 03:31:55 | 00,056,816 | ---- | M] (Avira GmbH) -- I:\WINDOWS\System32\drivers\avgntflt.sys
 [2009/03/05 00:34:57 | 00,000,000 | ---D | M] -- I:\Documents and Settings\EM\Application Data\EoRezo
 [2009/11/29 02:52:55 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\IObit
 [2009/09/28 03:45:27 | 00,000,000 | ---D | M] -- I:\Documents and Settings\M\Application Data\uniblue

 :reg
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 "DisableMonitoring"=-
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gupdate]
 "Start"=dword:00000003
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JavaQuickStarterService]
 "Start"=dword:00000003
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gusvc]
 "Start"=dword:00000003

 :Commands
 [Purity]
 [emptytemp]
 [start explorer]
 [Reboot]



 Then click "Run Fix". The computer may ask to restart; accept.
 Once the operation is finished, a text file will appear on screen. Copy and paste its contents here.

 How is the system behaving?


 Regards.
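
The overlap of protection software raised in the reply above can be checked mechanically from an OTL Extras log. The following Python example is added here and is not part of the thread or of OTL: it reads the "Uninstall List" sections, strips the zero-width characters the forum inserts into long tokens, and flags more than one resident antivirus. The function names and the product-to-role table are assumptions made for the example, and the sample log is a constructed excerpt.

```python
import re
from collections import defaultdict

# Zero-width characters that forum software inserts into long tokens of pasted logs.
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff"))

# Assumed classification for this example (not taken from OTL or from the thread):
# display-name pattern -> (product family, role).
PRODUCTS = [
    (r"kaspersky anti-virus", "Kaspersky", "resident"),
    (r"microsoft security essentials", "Microsoft", "resident"),
    (r"microsoft antimalware", "Microsoft", "resident"),
    (r"panda activescan", "Panda ActiveScan", "on-demand"),
    (r"a-squared", "a-squared", "on-demand"),
    (r"malwarebytes", "Malwarebytes", "on-demand"),
    (r"ad-remover", "Ad-Remover", "on-demand"),
]

SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")                      # ===== Title =====
ENTRY = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.+)$')    # "key" = Display Name


def clean(line):
    """Remove zero-width debris and surrounding whitespace from one log line."""
    return line.translate(ZERO_WIDTH).strip()


def uninstall_entries(log_text):
    """Yield (registry key, display name) for every '... Uninstall List' section."""
    in_list = False
    for raw in log_text.splitlines():
        line = clean(raw)
        header = SECTION.match(line)
        if header:
            # Only the uninstall sections are inventoried; other sections
            # (Security Center, firewall lists, ...) use the same "k" = v syntax.
            in_list = header.group(1).endswith("Uninstall List")
            continue
        if in_list:
            entry = ENTRY.match(line)
            if entry:
                yield entry.group("key"), entry.group("name")


def security_inventory(log_text):
    """Return {role: sorted product families} for the known security products."""
    found = defaultdict(set)
    for _key, name in uninstall_entries(log_text):
        for pattern, family, role in PRODUCTS:
            if re.search(pattern, name.lower()):
                found[role].add(family)   # a set, so duplicate entries count once
    return {role: sorted(families) for role, families in found.items()}


def has_resident_conflict(inventory):
    """True when more than one resident (real-time) product family is installed."""
    return len(inventory.get("resident", [])) > 1


# Constructed excerpt in the OTL Extras layout; \u200b marks forum-inserted breaks.
SAMPLE = """
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Mi\u200bcrosoft\\Security Center\\Monitoring\\KasperskyAntiVirus]
"DisableMonitoring" = 1

========== HKEY_LOCAL_MACHINE Uninstall List ==========

"{48B3FB4D-CE22-488C-8E9F-24EB\u200bB77EAC0F}" = Microsoft Security Essentials
"{943B6738-4801-4982-90EC-0442\u200bEF7AEB16}" = Kaspersky Anti-Virus 2010
"{A0A77CDC-2419-4D5C-AD2C-E09E\u200b5926B806}" = Microsoft Antimalware
"7-Zip" = 7-Zip 4.65
"ActiveScan 2.0" = Panda ActiveScan 2.0
"a-squared Free_is1" = a-squared Free 4.5
"InstallWIX_{943B6738-4801-498\u200b2-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"""

if __name__ == "__main__":
    inventory = security_inventory(SAMPLE)
    for role, families in sorted(inventory.items()):
        print(f"{role}: {', '.join(families)}")
    if has_resident_conflict(inventory):
        print("More than one resident antivirus is installed.")
```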

erickpierre
Baby forum member (10 to 49 posts)
Posted on 22/12/2009 at 16:54:14

Hello

 Internet Explorer is still very slow.
 Nothing has changed!

 Here is the text file.

 All processes killed
 ========== PROCESSES ==========
 No active process named explorer.exe was found!
 ========== OTL ==========
 Service NGS stopped successfully!
 Service NGS deleted successfully!
 i:\VIRUSfighter\Nvc\Bin\ngs.sy​s moved successfully.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks\\{EF99​BD32-C1FB-11D2-892F-0090271D4F​88} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{EF99BD32-C1FB-11D​2-892F-0090271D4F88}\ deleted successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\searchplugin folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\META-INF folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\lib folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\defaults folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\components folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4}\chrome folder moved successfully.
 I:\Documents and Settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\extensions\{3​1c7d459-9cc3-44f2-9dca-fc11795​309b4} folder moved successfully.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B​51-7695ECA05670}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{02478D38-C3F9-4ef​b-9B51-7695ECA05670}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{24180B00-2EB6-11d7-BD​6F-004854603DCE}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{24180B00-2EB6-11d​7-BD6F-004854603DCE}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{60270dc7-9ea0-472f-9b​77-66652c06246e}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{60270dc7-9ea0-472​f-9b77-66652c06246e}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-83​33-CF10577473F7}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{AA58ED58-01DD-4d9​1-8333-CF10577473F7}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{CCC7A320-B3​CA-4199-B1A6-9F516DD69829} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{CCC7A320-B3CA-419​9-B1A6-9F516DD69829}\ not found.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\Toolbar\ShellBrowser\​\{60270DC7-9EA0-472F-9B77-6665​2C06246E} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{60270DC7-9EA0-472​F-9B77-66652C06246E}\ not found.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​71AAABE5-1F0F-11D7-BD6F-004854​603DCE} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{71AAABE5-1F0F-11D​7-BD6F-004854603DCE}\ not found.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​A057A204-BACC-4D26-C39E-35F1D2​A32EC8} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A057A204-BACC-4D2​6-C39E-35F1D2A32EC8}\ not found.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​CCC7A320-B3CA-4199-B1A6-9F516D​D69829} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{CCC7A320-B3CA-419​9-B1A6-9F516DD69829}\ not found.
 Registry value HKEY_USERS\S-1-5-21-299502267-​1788223648-725345543-1004\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​EF99BD32-C1FB-11D2-892F-009027​1D4F88} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{EF99BD32-C1FB-11D​2-892F-0090271D4F88}\ not found.
 I:\Documents and Settings\M\Menu Démarrer\Programmes\Démarrage\​Anti-Autorun-inf.lnk moved successfully.
 I:\WINDOWS\system32\drivers\SB​REDrv.sys moved successfully.
 I:\Documents and Settings\All Users\Application Data\Symantec\SubEng folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\Symantec folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\Norton\00000082\00000105\​0000034f folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\Norton\00000082\00000105 folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\Norton\00000082 folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\Norton folder moved successfully.
 Folder I:\Program Files\NortonInstaller\ not found.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​5-2009-01h22m26s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​5-2009-01h22m20s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​5-2009-01h13m32s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h39m29s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h39m21s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h39m13s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h39m07s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h38m55s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h38m47s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h38m40s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-15h38m30s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\11-2​4-2009-00h04m56s folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs folder moved successfully.
 I:\Documents and Settings\All Users\Application Data\NortonInstaller folder moved successfully.
 I:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.
 I:\WINDOWS\tasks\SLOW-PCfighte​r.job moved successfully.
 I:\WINDOWS\tasks\Norton Security Scan.job moved successfully.
 I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
 I:\WINDOWS\system32\bdod.bin moved successfully.
 I:\Documents and Settings\M\Bureau\Anti-Autorun​.inf.lnk moved successfully.
 I:\Documents and Settings\M\Bureau\UsbFix_Uploa​d_Me_M-WMJ9X8V6ZNQPM.zip moved successfully.
 I:\Documents and Settings\M\Bureau\Rapport - GenProc[1].URL moved successfully.
 I:\WINDOWS\system32\aafabdbdb5​.dat moved successfully.
 I:\WINDOWS\system32\bcbebcaeea​ff.xml moved successfully.
 I:\WINDOWS\system32\def.vpc moved successfully.
 I:\Documents and Settings\M\def.vpc moved successfully.
 I:\WINDOWS\system32\drivers\av​gntflt.sys moved successfully.
 I:\Documents and Settings\EM\Application Data\EoRezo\eoStats folder moved successfully.
 I:\Documents and Settings\EM\Application Data\EoRezo\eoDesktop folder moved successfully.
 I:\Documents and Settings\EM\Application Data\EoRezo folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\SmartRAM folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\InternetBooster folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\Common folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit\Advanced SystemCare folder moved successfully.
 I:\Documents and Settings\M\Application Data\IObit folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue\registry booster\temp folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue\registry booster\History folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue\registry booster\Backup\200909280452.28 folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue\registry booster\Backup folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue\registry booster folder moved successfully.
 I:\Documents and Settings\M\Application Data\uniblue folder moved successfully.
 ========== REGISTRY ==========
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\KasperskyAnt​iVirus\\DisableMonitoring deleted successfully.
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\gupdate​\\"Start"|dword:00000003 /E : value set successfully!
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\JavaQui​ckStarterService\\"Start"|dwor​d:00000003 /E : value set successfully!
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\gusvc\\​"Start"|dword:00000003 /E : value set successfully!
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default User
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: EM
 ->Temp folder emptied: 16628 bytes
 ->Temporary Internet Files folder emptied: 364566 bytes
 
 User: LocalService
 ->Temp folder emptied: 66016 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->FireFox cache emptied: 3953383 bytes
 
 User: M
 ->Temp folder emptied: 444292312 bytes
 ->Temporary Internet Files folder emptied: 4067496 bytes
 ->Java cache emptied: 13716695 bytes
 ->FireFox cache emptied: 107000547 bytes
 ->Google Chrome cache emptied: 0 bytes
 
 User: NetworkService
 ->Temp folder emptied: 103844 bytes
 ->Temporary Internet Files folder emptied: 32902 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 1139202 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 Windows Temp folder emptied: 4497061 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temp folder emptied: 13509540 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 86683 bytes
 RecycleBin emptied: 0 bytes
 
 Total Files Cleaned = 565,00 mb
 
 
 OTL by OldTimer - Version 3.1.19.0 log created on 12222009_152105

 Files\Folders moved on Reboot...

 Registry entries deleted on Reboot...

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
Posted on 22/12/2009 at 23:04:20

Good evening,

 As a check:
 Disable your protection software (antivirus, antispyware), then:

 1) Download Combofix by sUBs and save it to your desktop, nowhere else!


 2) Double-click combofix; if the tool offers to install the Windows Recovery Console, accept.

 Wait until combofix has finished; a report will be created. Post the report.


 Regards.

erickpierre
Baby forum member (10 to 49 posts)
Posted on 23/12/2009 at 16:29:39

Hello

 Impossible to place or move Combofix onto the desktop.
 I used a shortcut.
 At every Windows startup since the problem began, a window says that a registry file was successfully restored.
 From the All Programs list, I can no longer place shortcuts on the desktop.


 Report

 ComboFix 09-12-22.06 - M 23/12/2009  14:48:04.2.2 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.102​3.543 [GMT 1:00]
 Lancé depuis: i:\documents and settings\M\Mes documents\Téléchargements\Comb​oFix.exe
 AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E2524​35469C0}
 AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861F​CBCFCDF}
 FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E2524​35469C0}
 .

 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .

 i:\program files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 i:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dl​l
 i:\windows\monitor.exe
 i:\windows\patch.exe

 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2009-11-23 au 2009-12-23  ))))))))))))))))))))))))))))))​))))))
 .

 2009-12-22 14:21 . 2009-12-22 14:21 -------- d-----w- I:\_OTL
 2009-12-21 14:39 . 2009-12-21 14:39 2560 ----a-w- i:\windows\_MSRSTRT.EXE
 2009-12-21 14:14 . 2009-12-21 14:14 -------- d-----w- i:\program files\SpeedBit Video Downloader
 2009-12-16 07:33 . 2009-12-16 07:33 -------- d-----w- i:\program files\Softwin
 2009-12-16 01:15 . 2009-12-16 01:35 103232 ----a-w- i:\windows\system32\drivers\sf​i.dat
 2009-12-16 01:05 . 2009-12-17 01:29 -------- d-----w- i:\program files\COMODO
 2009-12-15 18:38 . 2009-11-02 19:42 195456 ------w- i:\windows\system32\MpSigStub.​exe
 2009-12-15 18:33 . 2009-12-15 18:33 -------- d-----w- i:\program files\Microsoft Security Essentials
 2009-12-15 07:04 . 2009-12-15 07:04 -------- d-----w- i:\program files\Prg Chris
 2009-12-15 05:15 . 2009-12-15 05:15 -------- d-----w- I:\found.000
 2009-12-13 12:00 . 2009-12-13 12:00 80400 ----a-w- i:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporar​y Files\temporaryFolder\AutoPatc​hes\kav9exec\9.0.0.736\fssync.​dll
 2009-12-13 12:00 . 2009-12-13 12:00 80400 ----a-w- i:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporar​y Files\rollback\patch\AutoPatch​es\kav9exec\9.0.0.736\fssync.d​ll
 2009-12-13 11:53 . 2009-12-13 11:53 -------- d--h--we i:\documents and settings\All Users\AVP9
 2009-12-13 11:53 . 2009-12-13 11:53 95259 ----a-w- i:\windows\system32\drivers\kl​ick.dat
 2009-12-13 11:53 . 2009-12-13 11:53 108059 ----a-w- i:\windows\system32\drivers\kl​in.dat
 2009-12-13 11:51 . 2009-12-23 10:13 -------- d-----w- i:\documents and settings\All Users\Application Data\Kaspersky Lab
 2009-12-13 11:51 . 2009-12-13 11:51 -------- d-----w- i:\program files\Kaspersky Lab
 2009-12-13 08:58 . 2009-12-21 14:03 -------- d-----w- i:\program files\Panda Security
 2009-12-13 06:52 . 2009-12-13 06:52 -------- d-----w- i:\documents and settings\All Users\Application Data\Panda Security
 2009-12-13 06:52 . 2009-12-13 06:52 -------- d-----w- i:\program files\Panda USB Vaccine
 2009-12-13 05:55 . 2009-12-13 05:55 -------- d-----w- i:\program files\jv16 PowerTools 2009
 2009-12-13 01:43 . 2009-12-15 05:22 -------- d-----w- I:\UsbFix
 2009-12-12 06:28 . 2009-12-12 06:29 -------- dc-h--w- i:\windows\ie8
 2009-12-12 06:23 . 2009-12-12 06:29 -------- d-----w- I:\af03c1621035ac4832bd0638c0e​45b67
 2009-12-12 05:30 . 2009-12-12 05:30 -------- d-----w- i:\program files\Microsoft Synchronization Services
 2009-12-12 05:30 . 2009-12-12 05:30 187808 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\VBExpress\9.0\1​033\ResourceCache.dll
 2009-12-12 05:28 . 2009-12-12 05:28 416 ----a-w- i:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\R​esourceCache.dll
 2009-12-12 05:28 . 2009-12-12 05:28 -------- d-----w- i:\documents and settings\M\Local Settings\Application Data\Microsoft Help
 2009-12-12 05:25 . 2009-12-12 05:30 -------- d-----w- i:\program files\Microsoft Visual Studio 9.0
 2009-12-12 05:25 . 2009-12-12 05:25 -------- d-----w- i:\program files\Microsoft.NET
 2009-12-12 05:25 . 2009-12-12 05:30 -------- d-----w- i:\documents and settings\All Users\Application Data\Microsoft Help
 2009-12-12 05:24 . 2009-12-12 05:24 -------- d-----w- i:\program files\Microsoft SDKs
 2009-12-12 05:11 . 2009-12-14 03:23 -------- d-----w- i:\program files\Liberty BASIC v4.03
 2009-12-12 05:06 . 2009-12-12 05:07 -------- d-----w- i:\program files\FreeBASIC
 2009-12-11 10:08 . 2009-12-12 05:43 86576 ----a-w- i:\documents and settings\M\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
 2009-12-11 10:08 . 2009-12-12 05:43 132672 ----a-w- i:\documents and settings\M\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
 2009-12-11 10:08 . 2009-12-12 05:43 392728 ----a-w- i:\documents and settings\M\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
 2009-12-11 10:08 . 2009-12-11 10:08 135680 ----a-w- i:\documents and settings\M\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
 2009-12-01 20:24 . 2009-12-01 20:24 -------- d-----w- i:\program files\Fichiers communs\xing shared
 2009-11-30 03:48 . 2009-11-30 03:48 58 ----a-w- i:\windows\system32\DonationCo​der_ScreenshotCaptor_InstallIn​fo.dat
 2009-11-30 03:48 . 2009-11-30 03:48 58 ----a-w- i:\documents and settings\M\Local Settings\Application Data\DonationCoder_ScreenshotC​aptor_InstallInfo.dat
 2009-11-30 03:48 . 2009-11-30 03:48 -------- d-----w- i:\documents and settings\M\Application Data\DonationCoder
 2009-11-30 03:48 . 2009-11-30 03:48 -------- d-----w- i:\documents and settings\All Users\Application Data\DonationCoder
 2009-11-30 03:48 . 2009-11-30 04:10 -------- d-----w- i:\program files\ScreenshotCaptor
 2009-11-26 02:56 . 2009-11-26 06:28 -------- d-----w- i:\program files\Eurobarre
 2009-11-25 21:25 . 2009-11-25 21:25 -------- d-----w- i:\windows\system32\IOSUBSYS
 2009-11-24 14:40 . 2009-11-24 14:40 -------- d-----w- i:\documents and settings\LocalService\Local Settings\Application Data\Downloaded Installations
 2009-11-23 23:20 . 2009-11-24 14:41 -------- d-----w- i:\documents and settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-​A7420338BF3B}
 2009-11-23 23:20 . 2009-11-23 23:20 -------- d-----w- i:\documents and settings\M\Local Settings\Application Data\Downloaded Installations

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2009-12-23 13:37 . 2009-06-28 06:34 -------- d-----w- i:\program files\SPAMfighter
 2009-12-23 12:34 . 2007-07-12 04:51 -------- d-----w- i:\documents and settings\All Users\Application Data\Google Updater
 2009-12-21 14:40 . 2003-01-01 02:41 -------- d-----w- i:\program files\DAP
 2009-12-21 14:37 . 2008-08-24 21:04 -------- d-----w- i:\documents and settings\All Users\Application Data\SpeedBit
 2009-12-21 14:37 . 2003-01-01 02:41 -------- d---a-w- i:\documents and settings\All Users\Application Data\TEMP
 2009-12-21 14:01 . 2009-09-22 07:06 -------- d-----w- i:\program files\a-squared Free
 2009-12-21 14:01 . 2009-10-10 05:35 -------- d-----w- i:\program files\Ad-Remover
 2009-12-20 08:19 . 2008-07-07 17:42 -------- d-----w- i:\documents and settings\M\Application Data\OpenOffice.org2
 2009-12-20 08:19 . 2008-07-07 17:43 1 ----a-w- i:\documents and settings\M\Application Data\OpenOffice.org2\user\uno_​packages\cache\stamp.sys
 2009-12-16 10:56 . 2007-11-01 21:15 -------- d-----w- i:\program files\Fichiers communs\Softwin
 2009-12-15 18:23 . 2009-08-16 14:24 -------- d-----w- i:\documents and settings\All Users\Application Data\avg8
 2009-12-13 09:11 . 2007-03-28 00:09 -------- d-----w- i:\program files\Lavasoft
 2009-12-13 09:11 . 2003-01-08 22:23 -------- d-----w- i:\documents and settings\All Users\Application Data\Lavasoft
 2009-12-13 09:06 . 2009-06-20 03:29 -------- d-----w- i:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
 2009-12-13 07:12 . 2009-10-28 15:40 -------- d-----w- i:\program files\Fichiers communs\Apple
 2009-12-12 05:30 . 2008-12-10 00:22 -------- d-----w- i:\program files\Microsoft SQL Server Compact Edition
 2009-12-11 06:53 . 2009-08-03 15:56 -------- d-----w- i:\program files\AWBarre
 2009-12-11 06:53 . 2003-01-03 22:58 -------- d-----w- i:\program files\Malwarebytes' Anti-Malware
 2009-12-10 03:34 . 2008-08-19 11:28 4844296 ----a-w- i:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes​' Anti-Malware\mbam-setup.exe
 2009-12-04 03:43 . 2007-06-17 06:51 -------- d-----w- i:\program files\Google
 2009-12-03 15:14 . 2003-01-03 22:58 38224 ----a-w- i:\windows\system32\drivers\mb​amswissarmy.sys
 2009-12-03 15:13 . 2003-01-03 22:58 19160 ----a-w- i:\windows\system32\drivers\mb​am.sys
 2009-12-01 20:25 . 2008-07-01 22:42 -------- d-----w- i:\program files\Fichiers communs\Real
 2009-11-30 04:47 . 2009-03-18 23:25 -------- d-----w- i:\documents and settings\M\Application Data\Vso
 2009-11-30 03:46 . 2007-10-19 03:18 -------- d-----w- i:\documents and settings\M\Application Data\XnView
 2009-11-29 20:53 . 2003-01-22 21:10 -------- d-----w- i:\documents and settings\M\Application Data\Apple Computer
 2009-11-29 03:25 . 2003-01-08 05:11 -------- d-----w- i:\documents and settings\M\Application Data\Podmailing
 2009-11-29 00:47 . 2009-03-17 23:15 -------- d-----w- i:\program files\Hemera Products
 2009-11-29 00:47 . 2007-03-01 00:59 -------- d-----w- i:\program files\Windows Media Connect 2
 2009-11-26 00:10 . 2009-11-20 03:27 -------- d-----w- i:\documents and settings\M\Application Data\gtk-2.0
 2009-11-23 01:29 . 2007-02-24 21:13 -------- d-----w- i:\program files\Fichiers communs\Adobe
 2009-11-20 03:24 . 2009-11-20 03:23 -------- d-----w- i:\program files\GIMP-2.0
 2009-11-20 03:13 . 2009-11-20 03:05 -------- d-----w- i:\program files\PhotoFiltre
 2009-11-14 13:24 . 2009-11-14 13:24 64072 ----a-w- i:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.736\French\setup.exe
 2009-11-12 22:46 . 2009-11-12 22:46 15872 ------w- i:\windows\system32\winskfr.dl​l
 2009-11-09 15:29 . 2009-11-09 15:29 -------- d-----w- i:\program files\TRELLIAN
 2009-11-04 13:56 . 2007-11-26 05:23 -------- d-----w- i:\program files\Java
 2009-11-04 13:53 . 2009-11-04 13:53 152576 ----a-w- i:\documents and settings\M\Application Data\Sun\Java\jre1.6.0_17\lzma​.dll
 2009-10-28 15:50 . 2009-10-28 15:49 -------- d-----w- i:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-​C52491DAA8BD}
 2009-10-28 15:49 . 2009-10-28 15:39 -------- d-----w- i:\documents and settings\All Users\Application Data\Apple Computer
 2009-10-28 15:40 . 2009-10-28 15:39 -------- d-----w- i:\program files\QuickTime
 2009-10-27 15:56 . 2003-04-24 12:00 85974 ----a-w- i:\windows\system32\perfc00C.d​at
 2009-10-27 15:56 . 2003-04-24 12:00 511800 ----a-w- i:\windows\system32\perfh00C.d​at
 2009-10-20 18:34 . 2009-10-20 18:34 219664 ----a-w- i:\windows\system32\klogon.dll
 2009-10-14 19:18 . 2009-10-14 19:18 36880 ----a-w- i:\windows\system32\drivers\kl​bg.sys
 2009-10-11 03:17 . 2003-01-01 18:38 411368 ----a-w- i:\windows\system32\deploytk.d​ll
 2009-10-02 17:39 . 2009-10-02 17:39 19472 ----a-w- i:\windows\system32\drivers\kl​mouflt.sys
 2009-09-29 03:23 . 2009-09-28 08:34 78216 ----a-w- i:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
 2009-09-28 01:56 . 2009-09-28 01:57 401408 ----a-w- i:\windows\system32\CF17842.ex​e
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B}]
 2009-12-21 14:14 2655736 ----a-w- i:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "ISUSPM Startup"="i:\progra~1\FICHIE~1​\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
 "ISUSScheduler"="i:\program files\Fichiers communs\InstallShield\UpdateSe​rvice\issch.exe" [2004-04-13 69632]
 "SPAMfighter Agent"="i:\program files\SPAMfighter\SFAgent.exe" [2009-08-27 336520]
 "Share-to-Web Namespace Daemon"="i:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 69632]
 "QuickTime Task"="i:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
 "SunJavaUpdateSched"="i:\progr​am files\Java\jre6\bin\jusched.ex​e" [2009-10-11 149280]
 "Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
 "Adobe ARM"="i:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe" [2009-09-04 935288]
 "TkBellExe"="i:\program files\Fichiers communs\Real\Update_OB\realsch​ed.exe" [2009-12-01 198160]
 "MSSE"="i:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="i:\windows\Syste​m32\CTFMON.EXE" [2008-04-14 15360]

 i:\documents and settings\M\Menu D‚marrer\Programmes\D‚marrage\
 PandaUSBVaccine.lnk - i:\program files\Panda USB Vaccine\USBVaccine.exe [2009-12-13 1287176]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\system]
 "ConsentPromptBehaviorAdmin"= 0 (0x0)

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\explorer]
 "HonorAutoRunSetting"= 0 (0x0)
 "NoResolveTrack"= 1 (0x1)

 [HKEY_CURRENT_USER\software\mic​rosoft\windows\currentversion\​policies\explorer]
 "HonorAutoRunSetting"= 0 (0x0)

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\control\session manager]
 BootExecute REG_MULTI_SZ    autocheck autochk *\0aswBoot.exe /M:57b12e00e19

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\MsMpSvc]
 @="Service"

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "i:\\WINDOWS\\system32\\sessmg​r.exe"=
 "i:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueS​oleil.exe"=
 "i:\\Documents and Settings\\M\\Mes documents\\My Completed Downloads\\MOSCHIP-7784-7703\\​MosSir\\Win2k\\monitor.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "%windir%\\system32\\sessmgr.e​xe"=

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "3587:TCP"= 3587:TCP:Groupement homologue Windows
 "3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\IcmpSettings]
 "AllowInboundEchoRequest"= 1 (0x1)

 R0 klbg;Kaspersky Lab Boot Guard Driver;i:\windows\system32\dri​vers\klbg.sys [14/10/2009 20:18 36880]
 R2 DbgMsg;Debug Message;i:\windows\system32\dr​ivers\DbgMsg.sys [23/01/2003 02:20 18240]
 R2 SPAMfighter Update Service;SPAMfighter Update Service;i:\program files\SPAMfighter\sfus.exe [27/08/2009 09:24 189064]
 R3 klim5;Kaspersky Anti-Virus NDIS Filter;i:\windows\system32\dri​vers\klim5.sys [14/09/2009 13:42 32272]
 R3 klmouflt;Kaspersky Lab KLMOUFLT;i:\windows\system32\d​rivers\klmouflt.sys [02/10/2009 18:39 19472]
 R3 SiS7012;Service for AC'97 Sample Driver (WDM);i:\windows\system32\driv​ers\sis7012.sys [24/02/2007 22:16 820197]
 S0 Lbd;Lbd;i:\windows\system32\DR​IVERS\Lbd.sys --> i:\windows\system32\DRIVERS\Lb​d.sys [?]
 S3 EverestDriver;Lavalys EVEREST Kernel Driver;i:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [17/08/2005 23:00 7168]
 S3 gupdate;Google Update Service (gupdate);i:\program files\Google\Update\GoogleUpda​te.exe [04/12/2009 04:36 135664]
 S3 Mossir;Mossir;i:\documents and settings\M\Mes documents\My Completed Downloads\MOSCHIP-7784-7703\Mo​sSir\Win2k\MosSir.sys [23/08/2004 11:18 47360]
 S3 s3m;s3m;i:\windows\system32\dr​ivers\s3m.sys [09/07/2009 18:04 166720]
 S3 uir1100a;UIR1100A;i:\windows\s​ystem32\drivers\uir1100a.sys [22/01/2003 21:29 31048]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 p2psvc REG_MULTI_SZ    p2psvc p2pimsvc p2pgasvc PNRPSvc
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://aliceadsl.fr/
 uDefault_search_url = hxxp://www.google.com/ie
 mWindow Title =
 uSearchURL,(Default) = hxxp://www.google.com/search?q​=%s
 FF - ProfilePath - i:\documents and settings\M\Application Data\Mozilla\Firefox\Profiles\​8r5e8dgh.default\
 FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results​.aspx?FORM=IEFM1&q=
 FF - prefs.js: browser.search.selectedEngine - Live Search
 FF - prefs.js: browser.startup.homepage - hxxp://search.speedbit.com/
 FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/sea​rchresults.asp?src=default&q=
 FF - component: i:\program files\Mozilla Firefox\extensions\linkfilter@​kaspersky.ru\components\KavLin​kFilter.dll
 FF - component: i:\program files\Real\RealPlayer\browserr​ecord\firefox\ext\components\n​prpffbrowserrecordext.dll
 FF - plugin: i:\program files\Google\Google Earth\plugin\npgeplugin.dll
 FF - plugin: i:\program files\Google\Google Updater\2.4.1536.6592\npCIDete​ct13.dll
 FF - plugin: i:\program files\Google\Update\1.2.183.13​\npGoogleOneClick8.dll
 FF - plugin: i:\program files\Mozilla Firefox\plugins\np-mswmp.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - i:\windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 FF - user.js: browser.cache.memory.capacity - 16000
 FF - user.js: browser.chrome.favicons - false
 FF - user.js: browser.display.show_image_pla​ceholders - true
 FF - user.js: browser.turbo.enabled - true
 FF - user.js: browser.urlbar.autocomplete.en​abled - true
 FF - user.js: browser.urlbar.autofill - true
 FF - user.js: content.max.tokenizing.time - 3000000
 FF - user.js: content.maxtextrun - 4095
 FF - user.js: content.notify.backoffcount - 5
 FF - user.js: content.notify.interval - 1000000
 FF - user.js: content.notify.ontimer - true
 FF - user.js: content.switch.threshold - 1000000
 FF - user.js: dom.disable_window_status_chan​ge - true
 FF - user.js: network.http.max-connections - 48
 FF - user.js: network.http.max-connections-p​er-server - 16
 FF - user.js: network.http.max-persistent-co​nnections-per-proxy - 16
 FF - user.js: network.http.max-persistent-co​nnections-per-server - 8
 FF - user.js: network.http.pipelining - true
 FF - user.js: network.http.pipelining.firstr​equest - true
 FF - user.js: network.http.pipelining.maxreq​uests - 8
 FF - user.js: network.http.proxy.pipelining - true
 FF - user.js: network.http.request.max-start​-delay - 0
 FF - user.js: nglayout.initialpaint.delay - 1000
 FF - user.js: plugin.expose_full_path - true
 FF - user.js: ui.submenuDelay - 0
 FF - user.js: yahoo.homepage.dontask - true.

 ******************************​******************************​**************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-12-23 14:52
 Windows 5.1.2600 Service Pack 3 NTFS

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 ******************************​******************************​**************

 [HKEY_LOCAL_MACHINE\System\Cont​rolSet004\Services\EverestDriv​er]
 "ImagePath"="\??\i:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
 .
 --------------------- CLES DE REGISTRE BLOQUEES ---------------------

 [HKEY_USERS\S-1-5-20\Software\M​icrosoft\Multimedia\Audio Compression Manager\MSACM]
 @DACL=(02 0000)

 [HKEY_USERS\S-1-5-20\Software\M​icrosoft\Multimedia\Audio Compression Manager\Priority v4.00]
 @DACL=(02 0000)
 .
 Heure de fin: 2009-12-23  14:55:51
 ComboFix-quarantined-files.txt  2009-12-23 13:55
 ComboFix2.txt  2008-07-26 14:05

 Avant-CF: 50 062 237 696 octets libres
 Après-CF: 50 009 481 216 octets libres

 WindowsXP-KB310994-SP2-Home-Bo​otDisk-FRA.exe
 [boot loader]
 timeout=2
 default=multi(0)disk(0)rdisk(0​)partition(1)\WINDOWS
 [operating systems]
 i:\cmdcons\BOOTSECT.DAT="Micro​soft Windows Recovery Console" /cmdcons
 multi(0)disk(0)rdisk(0)partiti​on(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

 - - End Of File - - B0541B17FF4B145F6D90DD5AB1F83B​E6

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
Posted on 23/12/2009 at 17:13:51

Hello,

 The report shows nothing in particular.
 Can you transcribe here the message that appears at Windows startup?

 Regards.

erickpierre
Baby forum member (10 to 49 posts)
Posted on 23/12/2009 at 21:25:40

Hello

 The message is in a window with a blue title bar:
 Windows - Registry Recovery.
 "i in a blue bubble"
 One of the files containing the system's Registry data had to be recovered by use of a log or a copy.
 The recovery was successful.
 OK in a button.
 When you click the button the window disappears; otherwise it stays on screen without getting in the way of normal operation.
 It can be moved.

 Regards

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
Posted on 23/12/2009 at 22:05:51

Good evening,

 Several possible causes can explain this message.
 See: How to resolve System error "1014"?

 In your case, a faulty RAM stick is very probably the cause; that explains the crashes and system instability.

 1) Run OTL again

 - Copy and paste all of the following into the "Customs Scans/Fixes" section:



:Processes
 explorer.exe

 :Services
 Lbd

 :reg
 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet001\Control\Session Manager]
 "BootExecute"=hex(7):61,00,75,​00,74,00,6f,00,63,00,68,00,65,​00,63,00,6b,00,20,\
 00,61,00,75,00,74,00,6f,00,63,​00,68,00,6b,00,20,00,2a,00,00,​00,00,00
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager]
 "BootExecute"=hex(7):61,00,75,​00,74,00,6f,00,63,00,68,00,65,​00,63,00,6b,00,20,\
 00,61,00,75,00,74,00,6f,00,63,​00,68,00,6b,00,20,00,2a,00,00,​00,00,00
 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet002\Control\Session Manager]
 "BootExecute"=hex(7):61,00,75,​00,74,00,6f,00,63,00,68,00,65,​00,63,00,6b,00,20,\
 00,61,00,75,00,74,00,6f,00,63,​00,68,00,6b,00,20,00,2a,00,00,​00,00,00

 :files
 I:\found.000
 i:\program files\a-squared Free
 i:\program files\Ad-Remover
 i:\program files\Lavasoft
 i:\documents and settings\All Users\Application Data\Lavasoft
 i:\windows\system32\perfc00C.d​at
 i:\windows\system32\perfh00C.d​at
 i:\windows\system32\CF17842.ex​e
 i:\windows\system32\DRIVERS\Lb​d.sys


 :Commands
 [start explorer]




 Then click "Run Fix". The computer may ask to restart; accept.
 Once the operation is finished, a text file will appear on screen. Copy and paste its contents here.


 2) Check your RAM sticks with Memtest86+. Read: Testing your RAM with Memtest86+

 If the utility detects errors, it is a purely hardware problem.


 Regards.
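
What the `:reg` section of the fix script above writes can be checked by decoding it. The following Python is an added example, not part of the original post or of OTL: it decodes the `hex(7)` (REG_MULTI_SZ) bytes and compares them with the `BootExecute` line from the ComboFix report earlier in the thread. The function names are illustrative.

```python
import re

# Windows' stock BootExecute content: a single command run by the Session Manager at boot.
DEFAULT_BOOT_EXECUTE = ["autocheck autochk *"]

# hex(7) value copied from the fix script in the post above. The zero-width
# spaces (U+200B) the forum inserted into long tokens are kept on purpose,
# to show that the decoder tolerates them.
FIX_VALUE = (
    'hex(7):61,00,75,\u200b00,74,00,6f,00,63,00,68,00,65,\u200b00,63,00,6b,00,20,\\\n'
    ' 00,61,00,75,00,74,00,6f,00,63,\u200b00,68,00,6b,00,20,00,2a,00,00,\u200b00,00,00'
)

# BootExecute line as ComboFix printed it in the report; ComboFix separates
# the strings of a REG_MULTI_SZ with a literal "\0".
COMBOFIX_LINE = r"autocheck autochk *\0aswBoot.exe /M:57b12e00e19"


def normalise_reg_value(value: str) -> str:
    """Drop line continuations, whitespace and zero-width spaces from a .reg value."""
    return re.sub(r"[\\\s\u200b]", "", value).lower()


def parse_reg_hex7(value: str) -> list[str]:
    """Decode a .reg 'hex(7):...' value (REG_MULTI_SZ) into its list of strings."""
    cleaned = normalise_reg_value(value)
    if not cleaned.startswith("hex(7):"):
        raise ValueError("not a hex(7) REG_MULTI_SZ value")
    body = cleaned[len("hex(7):"):].strip(",")
    raw = bytes(int(tok, 16) for tok in body.split(",")) if body else b""
    if len(raw) % 2:
        raise ValueError("odd byte count: not valid UTF-16LE")
    text = raw.decode("utf-16-le")
    # Each string is NUL-terminated and the list ends with one more NUL.
    return [s for s in text.split("\x00") if s]


def encode_reg_hex7(strings: list[str]) -> str:
    """Encode a list of strings the way regedit exports a REG_MULTI_SZ."""
    raw = ("\x00".join(strings) + "\x00\x00").encode("utf-16-le")
    return "hex(7):" + ",".join(f"{b:02x}" for b in raw)


def parse_combofix_multi_sz(display: str) -> list[str]:
    """Split ComboFix's one-line rendering of a REG_MULTI_SZ into its strings."""
    return [s for s in display.replace("\u200b", "").split("\\0") if s]


def extra_boot_entries(entries: list[str]) -> list[str]:
    """Return BootExecute entries that are not part of the Windows default."""
    stock = {d.lower() for d in DEFAULT_BOOT_EXECUTE}
    return [e for e in entries if e.strip().lower() not in stock]


if __name__ == "__main__":
    before = parse_combofix_multi_sz(COMBOFIX_LINE)
    after = parse_reg_hex7(FIX_VALUE)
    print("Reported by ComboFix:", before)
    print("Written by the fix  :", after)
    print("Entries the fix removes:", extra_boot_entries(before))
    print("Non-default entries left:", extra_boot_entries(after))
```

Run on an exported `.reg` fragment before applying it, the same decoder shows exactly which boot-time commands a fix will leave in place.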

erickpierre
Baby forum member (10 to 49 posts)
Posted on 24/12/2009 at 00:33:36

Good evening

 The computer still freezes, with heavy disk access as if for a scan.

 I will do the memory test tomorrow.

 Report

 ========== PROCESSES ==========
 Process explorer.exe killed successfully!
 ========== SERVICES/DRIVERS ==========
 Service Lbd stopped successfully!
 Service Lbd deleted successfully!
 ========== REGISTRY ==========
 HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet001\Control\Session Manager\\"BootExecute"|hex(7):​61,00,75,00,74,00,6f,00,63,00,​68,00,65,00,63,00,6b,00,20,00,​61,00,75,00,74,00,6f,00,63,00,​68,00,6b,00,20,00,2a,00,00,00,​00,00 /E : value set successfully!
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\\"BootExecute"|hex(7):​61,00,75,00,74,00,6f,00,63,00,​68,00,65,00,63,00,6b,00,20,00,​61,00,75,00,74,00,6f,00,63,00,​68,00,6b,00,20,00,2a,00,00,00,​00,00 /E : value set successfully!
 HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet002\Control\Session Manager\\"BootExecute"|hex(7):​61,00,75,00,74,00,6f,00,63,00,​68,00,65,00,63,00,6b,00,20,00,​61,00,75,00,74,00,6f,00,63,00,​68,00,6b,00,20,00,2a,00,00,00,​00,00 /E : value set successfully!
 ========== FILES ==========
 I:\found.000\dir0000.chk folder moved successfully.
 I:\found.000 folder moved successfully.
 i:\program files\a-squared Free folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\WINDOWS\Prefetch folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\WINDOWS folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\PROGRA~1\EUROBA~1\skin folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\PROGRA~1\EUROBA~1 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\PROGRA~1 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\Cookies folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\Bureau folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.1.13 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.9 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.8 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.7 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.6 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.5 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.4 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV\3.0.0.3 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\itsTV folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software\eoengine folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1\Software folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\SOFTWA~1 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\eoStats folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\eoDesktop folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo\db folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1\EoRezo folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M\APPLIC~1 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1\M folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE\DOCUME~1 folder moved successfully.
 i:\program files\Ad-Remover\QUARANTINE folder moved successfully.
 i:\program files\Ad-Remover\BACKUP\Registry 10-10-2009\Users\00000002 folder moved successfully.
 i:\program files\Ad-Remover\BACKUP\Registry 10-10-2009\Users\00000001 folder moved successfully.
 i:\program files\Ad-Remover\BACKUP\Registry 10-10-2009\Users folder moved successfully.
 i:\program files\Ad-Remover\BACKUP\Registry 10-10-2009 folder moved successfully.
 i:\program files\Ad-Remover\BACKUP folder moved successfully.
 i:\program files\Ad-Remover folder moved successfully.
 i:\program files\Lavasoft\Ad-Aware SE Personal folder moved successfully.
 i:\program files\Lavasoft folder moved successfully.
 i:\documents and settings\All Users\Application Data\Lavasoft\MiniMessage folder moved successfully.
 i:\documents and settings\All Users\Application Data\Lavasoft\License folder moved successfully.
 i:\documents and settings\All Users\Application Data\Lavasoft folder moved successfully.
 i:\windows\system32\perfc00C.dat moved successfully.
 i:\windows\system32\perfh00C.dat moved successfully.
 i:\windows\system32\CF17842.exe moved successfully.
 File\Folder i:\windows\system32\DRIVERS\Lbd.sys not found.
 ========== COMMANDS ==========
 Error: Unable to interpret <[start explorer]cd..> in the current context!
 Error: Unable to interpret <cd> in the current context!
 
 OTL by OldTimer - Version 3.1.19.0 log created on 12232009_232605

 Regards

erickpierre
Baby forum member (10 to 49 posts)
  1. Posted on 27/12/2009 at 21:19:01  
 
Good evening

 I tested the memory with Memtest86+ V4.00 for 2 passes. 58 minutes of testing.
 No errors detected.

 A small window sometimes appears at startup:
 Title: Usbvaccine
 Text: Cannot createshell notification icon.

 Regards

erickpierre
Baby forum member (10 to 49 posts)
  1. Posted on 27/12/2009 at 21:19:36  
 
Good evening

 I tested the memory with Memtest86+ V4.00 for 2 passes. 58 minutes of testing.
 No errors detected.

 A small window sometimes appears at startup:
 Title: Usbvaccine
 Text: Cannot createshell notification icon.

 Regards

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
  1. Posted on 27/12/2009 at 21:28:51  
 
Good evening,

 This message is caused by Panda USB Vaccine.

O4 - Startup: PandaUSBVaccine.lnk = I:\Program Files\Panda USB Vaccine\USBVaccine.exe

 Otherwise, I don't see anything infectious in your reports. It is probably a software problem, so I advise you to open a new topic in the Windows & logiciels category.

 Sorry I can't help you further.
 Regards.

erickpierre
Baby forum member (10 to 49 posts)
  1. Posted on 27/12/2009 at 21:31:13  
 
Good evening

 It is still hard for me to post, and also harder and harder to access the forum.
 Hence this double post.

 Regards

May CastleCops live forever in our memories.
curson
Confirmed beginner (1,000 to 4,999 posts)
  1. Posted on 27/12/2009 at 21:34:49  
 
Good evening,

 The forum is almost unusable; it is the same for everyone.

 Regards.
