Suspected trojans and unwanted pop-up window [resolved]

Profile: Security team
dedetraque
Posted on 04/01/2011 at 00:05:25

Continuation of the previous message:
 Hi DS76


 Double-click SystemLook.exe to launch it.

 - Copy the contents of the box below and paste them into the SystemLook text area:
 



 :dir
 C:\Program Files\Yahoo! /s



 - Click the Look button to start the scan.
 - When it finishes, Notepad opens with the scan result. Copy and paste the report into your next reply.


 See you   :)

ds76
Posted on 04/01/2011 at 11:33:38

Hello,

 Here is the requested report, thanks:

 SystemLook 04.09.10 by jpshortstuff
 Log created at 10:32 on 04/01/2011 by allain TURPIN
 Administrator - Elevation successful

 ========== dir ==========

 C:\Program Files\Yahoo! - Parameters: "/s"

 ---Files---
 None found.

 C:\Program Files\Yahoo!\Common d------ [15:09 22/03/2006]
 inst-yinstaller.log --a--c- 1035 bytes [08:49 30/03/2008] [16:24 16/05/2008]
 npyaxmpb.dll --a--c- 189496 bytes [23:16 09/03/2007] [23:16 09/03/2007]
 unynss.exe --a--c- 154712 bytes [08:16 10/11/2006] [15:17 27/07/2006]
 YDPCTL.dll --a--c- 437544 bytes [17:42 27/11/2007] [17:42 27/11/2007]
 yinsthelper.dll --a--c- 209448 bytes [02:13 16/03/2007] [02:13 16/03/2007]
 YUnload.dll --a--c- 69144 bytes [21:19 07/03/2007] [21:19 07/03/2007]
 YVerGlance.dll --a--c- 75312 bytes [22:44 12/03/2007] [22:44 12/03/2007]
 yverinfo.dll --a--c- 79128 bytes [15:41 27/08/2007] [15:41 27/08/2007]

 C:\Program Files\Yahoo!\Widgets d------ [08:48 30/03/2008]
 msvcr71.dll --a--c- 348160 bytes [17:22 08/03/2007] [17:22 08/03/2007]

 -= EOF =-

Profile: Security team
dedetraque
Posted on 04/01/2011 at 20:08:25

Hi DS76


 No luck, there is no uninstall file, so we'll do it manually:

 Double-click OTL.exe to launch it.
 (Vista/Seven --> Right-click OTL.exe to launch the program and choose "Run as administrator".)

 * Copy the list quoted below and paste it into the box under " Personnalisation "

 



:Files
 C:\Documents and Settings\All Users\Application Data\Yahoo!
 C:\Documents and Settings\allain TURPIN\Application Data\Yahoo!
 C:\Documents and Settings\allain TURPIN\Application Data\Mozilla\Firefox\Profiles\w76twfd8.default\Yahoo! Inc
 C:\Documents and Settings\allain TURPIN\Application Data\Mozilla\Firefox\Profiles\w76twfd8.default\extensions\toolbar_extras@fr.yahoo.com
 C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Yahoo
 C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Microsoft\Messenger\alant2@wanadoo.fr\Sharing Folders\gisou1951@yahoo.fr d------ [23:39 10/02/2008]
 C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Microsoft\Messenger\alant2@wanadoo.fr\SharingMetadata\gisou1951@yahoo.fr d------ [23:39 10/02/2008]
 C:\Program Files\Yahoo!
 C:\Program Files\Yahoo! Games
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync
 C:\Program Files\Mozilla Firefox\extensions\toolbar_extras@fr.yahoo.com

 :Commands
 [Emptytemp]





 * Click " Correction " to start the removal.

 * If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking Yes.

 * On restart, allow OTL to run.

 * Post the report generated by OTL.


 -----


 - Double-click the HijackThis shortcut on your Desktop
 (On Vista, right-click the HijackThis shortcut on your Desktop, then "Run as administrator".)
 - and click Do a system scan and save a logfile to start the scan

 When the report appears in Notepad, go to Edit, then Select All; the text is then selected. Go back to Edit, still keeping the text selected, and click Copy.

 In your next reply, right-click and paste; I will analyze it.
 Close Notepad and the HJT window.


 See you   :)

ds76
Posted on 04/01/2011 at 22:26:58

Hello,

Here is the requested report, thanks:

 All processes killed
 Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\Yahoo!> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Application Data\Yahoo!> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Application Data\Mozilla\Firefox\Profiles\​w76twfd8.default\Yahoo! Inc> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Application Data\Mozilla\Firefox\Profiles\​w76twfd8.default\extensions\to​olbar_extras@fr.yahoo.com> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Yahoo> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Microsoft\Messenger\alant​2@wanadoo.fr\Sharing Folders\gisou1951@yahoo.fr d------ [23:39 10/02/2008]> in the current context!
 Error: Unable to interpret <C:\Documents and Settings\allain TURPIN\Local Settings\Application Data\Microsoft\Messenger\alant​2@wanadoo.fr\SharingMetadata\g​isou1951@yahoo.fr d------ [23:39 10/02/2008]> in the current context!
 Error: Unable to interpret <C:\Program Files\Yahoo!> in the current context!
 Error: Unable to interpret <C:\Program Files\Yahoo! Games> in the current context!
 Error: Unable to interpret <C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app> in the current context!
 Error: Unable to interpret <C:\Program Files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\c​om.yahoo.go.sync> in the current context!
 Error: Unable to interpret <C:\Program Files\Mozilla Firefox\extensions\toolbar_ext​ras@fr.yahoo.com> in the current context!
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: allain TURPIN
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Documents and Settings
 
 User: LocalService
 
 User: NetworkService
 
 User: Propriétaire
 
 User: report
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\dllcache .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 0 bytes
 RecycleBin emptied: 0 bytes
 
 Total Files Cleaned = 0,00 mb
 
 
 OTL by OldTimer - Version 3.2.20.1 log created on 01042011_211121

 Files\Folders moved on Reboot...

 Registry entries deleted on Reboot...

ds76
Posted on 04/01/2011 at 22:34:06

Here is the requested result,
 Scan saved at 21:30:31, on 04/01/2011
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\TGTSoft\StyleXP\StyleXPS​ervice.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe
 C:\WINDOWS\RTHDCPL.EXE
 C:\Facemoi\facemoi.exe
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\one\O​rangeInside.exe
 C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 C:\Program Files\Uniblue\PowerSuite\power​suite.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Ares\Ares.exe
 C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
 C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe
 C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe
 C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe
 C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivi​tymanager.exe
 C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\Co​reCom.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAge​nt.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\AVG\AVG9\avgwdsvc.exe
 C:\Program Files\AVG\AVG9\avgfws9.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\WINDOWS\system32\drivers\CD​AC11BA.EXE
 C:\WINDOWS\system32\cisvc.exe
 C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\WINDOWS\System32\PAStiSvc.e​xe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\Or​aConfigRecover.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Uniblue\DriverScanner\dr​iverscanner.exe
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Mozilla Firefox\plugin-container.exe
 C:\WINDOWS\system32\cidaemon.e​xe
 C:\Program Files\Trend Micro\HijackThis\HiJackThis.ex​e

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027​CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60​AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE​54A95A9} - C:\Program Files\orange\ToolbarFR\Toolbar​Container101000320.dll
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionM​anager.exe"
 O4 - HKLM\..\Run: [Facemoi] c:\Facemoi\facemoi.exe
 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.e​xe
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKCU\..\Run: [orangeinside] C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\one\O​rangeInside.exe
 O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.​exe -Hide
 O4 - HKCU\..\Run: [PowerSuite] "C:\Program Files\Uniblue\PowerSuite\launc​her.exe" delay 20000  -m
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [Facemoi] C:\Facemoi\facemoi.exe
 O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\a​ddfavorites_html\addfavorites.​html
 O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\s​endsmsselectedtext_html\sendsm​sselectedtext.html
 O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\s​endsms_html\sendsms.html
 O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\s​endmail_html\sendmail.html
 O8 - Extra context menu item: orange.fr - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\o​range_html\orange.html
 O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\s​electedsearch_html\selectedsea​rch.html
 O8 - Extra context menu item: traduire la page - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\t​ranslate_html\translate.html
 O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\allain TURPIN\Application Data\Orange\OrangeInside\src\t​ranslateSelectedText_html\tran​slateSelectedText.html
 O9 - Extra button: (no name) - {8354F0FE-550E-4E14-AFE1-E5CEF​9009311} - C:\Program Files\orange\ToolbarFR\Toolbar​Container101000320.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B​3CFCFE1} - C:\Program Files\orange\ToolbarFR\Toolbar​Container101000320.dll
 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.d​ll
 O15 - Trusted Zone: http://logicielsgratuits.orange.fr
 O15 - Trusted Zone: http://download.windowsupdate.com
 O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.e​xe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
 O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
 O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAge​nt.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
 O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CD​AC11BA.EXE
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​1\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLn​ch.exe
 O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.e​xe
 O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPS​ervice.exe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe
 O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
 O24 - Desktop Component 0: (no name) - http://www.screenscenes.com/im [...] yOasis.jpg
 O24 - Desktop Component 1: (no name) - http://www.fond-ecran.net/icones/mer10.jpg

 --
 End of file - 13783 bytes





Profile: Security team
dedetraque
Posted on 04/01/2011 at 22:54:09

Hi DS76


 OK, that's fine. I hadn't noticed that you had two antivirus programs (Avast and AVG)  :pt1cable:

 Two antivirus programs can cause conflicts and crashes. Which one do you want to keep? Are they both free versions?


 See you   :)
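
Added example, not part of the original thread: a small Python parser for HijackThis entries like the ones pasted above that reports every antivirus with resident services, the situation dedetraque points out here. The vendor marker table is an assumption of this example, and the sample is a few lines excerpted from the log above with the forum's zero-width break characters reproduced as `<ZWSP>` placeholders.

```python
import re
from collections import defaultdict

# Invisible break characters that forum software inserts into long tokens.
# They must be stripped before any path, GUID or name comparison.
INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff\u00ad"))

# Assumption of this example: marker substrings for the two products named
# in the thread. Extend the table for other vendors.
AV_MARKERS = {
    "Avast": ("avast", "alwil"),
    "AVG": ("\\avg\\", "avg technologies"),
}

# HijackThis entry lines look like "O23 - Service: ..." or "R1 - HKCU\...".
ENTRY = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")


def normalize(line):
    """Remove invisible break characters and surrounding whitespace."""
    return line.translate(INVISIBLE).strip()


def parse_entries(log_text):
    """Yield (code, body) for each entry line; other lines are skipped."""
    for raw in log_text.splitlines():
        m = ENTRY.match(normalize(raw))
        if m:
            yield m.group("code"), m.group("body")


def parse_service(body):
    """Split an O23 body 'Service: name - company - path'.

    Splitting from the right keeps service names that contain ' - ' intact.
    """
    if not body.startswith("Service: "):
        return None
    parts = body[len("Service: "):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, company, path = parts
    return {"name": name, "company": company, "path": path}


def vendor_of(text):
    """Return the antivirus vendor whose marker appears in text, if any."""
    low = text.lower()
    for vendor, markers in AV_MARKERS.items():
        if any(marker in low for marker in markers):
            return vendor
    return None


def av_inventory(log_text):
    """Map vendor -> {'services': [names], 'autoruns': [O4 bodies]}."""
    inv = defaultdict(lambda: {"services": [], "autoruns": []})
    for code, body in parse_entries(log_text):
        vendor = vendor_of(body)
        if vendor is None:
            continue
        if code == "O23":
            svc = parse_service(body)
            if svc:
                inv[vendor]["services"].append(svc["name"])
        elif code == "O4":
            inv[vendor]["autoruns"].append(body)
    return dict(inv)


def concurrent_av(log_text):
    """Vendors with at least one installed service, sorted by name."""
    return sorted(v for v, c in av_inventory(log_text).items() if c["services"])


# Sample: lines excerpted from the HijackThis log in this thread.
SAMPLE = r"""
 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av<ZWSP>astUI.exe /nogui
 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.e<ZWSP>xe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
 O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex<ZWSP>e
""".replace("<ZWSP>", "\u200b")

if __name__ == "__main__":
    found = concurrent_av(SAMPLE)
    if len(found) > 1:
        print("More than one antivirus with resident services:", ", ".join(found))
    for vendor, parts in av_inventory(SAMPLE).items():
        print(vendor, "services:", parts["services"])
```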

ds76
Posted on 04/01/2011 at 22:58:47

I prefer to keep avast

ds76
Posted on 04/01/2011 at 23:06:25

Requested answer:
 I prefer to keep avast, free version

Profile: Security team
dedetraque
Posted on 05/01/2011 at 00:08:16

Hi DS76


 OK, uninstall it via Add/Remove Programs, then use this AVG utility to check that it has been fully uninstalled:
 http://www.avg.com/filedir/uti [...] emover.exe


 -----


 For security reasons, and above all to keep your PC clean, we are going to disable System Restore on all drives:

 - Right-click My Computer on the desktop; in Properties, click the System Restore tab

 - Tick the box to turn off System Restore and apply

 Restart the computer and re-enable System Restore.

 XP tutorial:  http://www.libellules.ch/desac [...] ration.php


 -----


 We are going to clean up the tools downloaded for the disinfection. Download Tools Cleaner to the desktop:

 http://pc-system.fr/TC/ToolsCleaner2.exe


 - Double-click ToolsCleaner2.exe on the desktop
 - (Vista/Seven - Right-click ToolsCleaner2.exe on the desktop and choose Run as administrator)
 - Click Recherche and let the scan run.
 - Click Suppression to finish.
 - You can, if you wish, use the Options facultatives.
 - Click Quitter to get the report.
 - Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
 - If any tools remain after Tools Cleaner has run, you can delete them manually, along with all the reports that were generated during the disinfection.


 -----


 It is important to update Windows and your software:
 Update Windows (critical categories, Service Packs and Service Releases): http://www.windowsupdate.com/

 Run a vulnerability scan to check that your software is up to date and free of security holes, and update it:
 http://www.malekal.com/scan_vulnerabilite.php

 Clean up unneeded files and the registry:
 http://www.malekal.com/tutorial_CCleaner.html

 Tell me when this is done or if you have any problems, and we'll look at the other PC afterwards.


 See you    :)

 P.S. - I may be repeating myself: read every page of the installer carefully   ;)

ds76
Posted on 05/01/2011 at 13:34:10

Hello,


 As requested, I am posting the report:


 tein & dj QUIOU) ]

 --> Recherche:

 C:\Rsit: trouvé !
 C:\Documents and Settings\allain TURPIN\Application Data\Microsoft\Installer\{45A6​6726-69BC-466B-A7A4-12FCBA4883​D7}\HijackThis.exe: trouvé !
 C:\Documents and Settings\allain TURPIN\Application Data\Registry Mechanic\SystemReport.txt: trouvé !
 C:\Documents and Settings\allain TURPIN\Bureau\HijackThis.lnk: trouvé !
 C:\Documents and Settings\allain TURPIN\Menu Démarrer\Programmes\HijackThis​: trouvé !
 C:\Documents and Settings\allain TURPIN\Menu Démarrer\Programmes\HiJackThis​\HijackThis.lnk: trouvé !
 C:\Documents and Settings\allain TURPIN\Mes documents\Téléchargements\Rsit​.exe: trouvé !
 C:\Program Files\Ad-remover: trouvé !
 C:\Program Files\Ad-Remover\Backup\Ad-R.e​xe: trouvé !
 C:\Program Files\Trend Micro\HijackThis.exe: trouvé !
 C:\Program Files\Trend Micro\hijackthis.log: trouvé !
 C:\Program Files\Trend Micro\HijackThis: trouvé !
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e: trouvé !
 C:\Program Files\Trend Micro\HijackThis\hijackthis.lo​g: trouvé !

 ------------------------------​---
 --> Suppression:

 C:\Documents and Settings\allain TURPIN\Application Data\Microsoft\Installer\{45A6​6726-69BC-466B-A7A4-12FCBA4883​D7}\HijackThis.exe: ERREUR DE SUPPRESSION !!
 C:\Documents and Settings\allain TURPIN\Bureau\HijackThis.lnk: supprimé !
 C:\Documents and Settings\allain TURPIN\Menu Démarrer\Programmes\HiJackThis​\HijackThis.lnk: supprimé !
 C:\Program Files\Ad-Remover\Backup\Ad-R.e​xe: supprimé !
 C:\Program Files\Trend Micro\HijackThis.exe: supprimé !
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e: supprimé !
 C:\Documents and Settings\allain TURPIN\Application Data\Registry Mechanic\SystemReport.txt: supprimé !
 C:\Documents and Settings\allain TURPIN\Mes documents\Téléchargements\Rsit​.exe: supprimé !
 C:\Program Files\Trend Micro\hijackthis.log: supprimé !
 C:\Program Files\Trend Micro\HijackThis\hijackthis.lo​g: supprimé !
 C:\Rsit: supprimé !
 C:\Documents and Settings\allain TURPIN\Menu Démarrer\Programmes\HijackThis​: supprimé !
 C:\Program Files\Ad-remover: supprimé !
 C:\Program Files\Trend Micro\HijackThis: supprimé !

ds76
Posted on 05/01/2011 at 15:08:39

Hello,

I carried out all the recommendations and everything went very well.

I wanted to thank you for this very successful work. See you later for the other PC.

Kind regards, thanks, DS76
























virgin076
Posted on 05/01/2011 at 21:55:17

Hi ds76  :hello: ,

 You see, now your PC is clean  :super:

 I'll contact you again by PM,

 See you shortly.

Profile: Security team
dedetraque
Posted on 05/01/2011 at 22:33:05

Hi DS76


 Probably one of your friends  :D

 For your better half's PC:
 Download RSIT (by random/random) to the desktop here:
 http://images.malwareremoval.com/random/RSIT.exe

 - Double-click RSIT.exe on the desktop
 - Click Continue in the window
 - RSIT will download HijackThis if it is not present or not detected; you will then need to accept the licence
 - Post the contents of the two reports, log.txt and info.txt (minimized in the taskbar), at the end of the scan

 Use cjoint.com to post your reports as links:
 http://cjoint.com/

 - Click Parcourir to go and find the report   C:\rsit\log.txt
 - Click Ouvrir, then Créer le lien Cjoint

 - Copy and paste the link that appears after Le lien a été créé: into your next reply.

 Do the same with the other report, C:\rsit\info.txt


 See you    :)

 @ Virgin076  Good way to get attention, I replied to your post   :lol:

ds76
Posted on 11/01/2011 at 17:29:22

Good evening, here I am on my wife's PC:

 I am attaching the two reports. Thanks for your help; DS76

 info.txt logfile of random's system information tool 1.08 2011-01-11 16:13:43

 ======Uninstall list======

 -->C:\Program Files\Ahead\nero\uninstall\UNN​ERO.exe /UNINSTALL
 -->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 7 Wonders II-->"C:\Program Files\7 Wonders II\Uninstall.exe"
 Acer eDataSecurity Management 2.0.3077-->C:\PROGRA~1\FICHIE~​1\INSTAL~1\Driver\1150\INTEL3~​1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33​753F89908} /l1036
 Acer eDataSecurity Management-->C:\Acer\Empowerin​g Technology\eDataSecurity\eDStb​mngr.exe UNINSTALL 1
 Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-498​7-BD9E-A076E2848EE2}\setup.exe​" -l0x40c  -removeonly
 Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F3​0-8000-9E72BC771887}\setup.exe​" -l0x40c  -removeonly
 Acer WLAN 11g USB Dongle-->C:\PROGRA~1\FICHIE~1\​INSTAL~1\Driver\1050\INTEL3~1\​IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-959​82517021D} /l1036
 Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\FlashUtil10h_Ac​tiveX.exe -maintain activex
 Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\M​acromed\Flash\FlashUtil10l_Plu​gin.exe -maintain plugin
 Adobe Reader 9.4.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A94​000000001}
 Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Ad​obe\Shockwave 11\uninstaller.exe"
 Adobe® Photoshop® Album Starter Edition 3.0.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9618743-1A5C-461​E-91C4-E013A3D70F3C}\Setup.exe​" -l0x9
 Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3​D1F10D79B}
 Apple Software Update-->MsiExec.exe /I{A260B422-70E1-41E2-957D-F76​FA21266D5}
 Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
 Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23F​ED836E9F2}
 Asterix & Obelix XXL-->C:\PROGRA~1\FICHIE~1\INS​TAL~1\Driver\7\INTEL3~1\IDrive​r.exe /M{D562E689-0ECD-4239-B1A0-323​252893405} /l1036
 avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface​.dll" RunSetup
 Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B43​0DB4EFE45}
 Bejeweled 3 Deluxe-->"C:\Program Files\Zylom Games\Bejeweled 3 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
 Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5C​BC7385E7C}
 Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B​5B1DF0E}
 Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D​4B5B1DF0E}
 commercial-->MsiExec.exe /I{38C65D12-79E3-49C0-B211-DE3​BE0A7AB39}
 Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7up​dates\KB947864-IE7\spuninst\sp​uninst.exe"
 Correctif pour Windows XP (KB2443685)-->"C:\WINDOWS\$NtU​ninstallKB2443685$\spuninst\sp​uninst.exe"
 Dark Tales: Le Chat Noir par Edgar Allan Poe Edition Collector-->"C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector\Uninstall.exe"
 Dark Tales: ™ Le Chat Noir Edgar Allan Poe-->"C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe\Uninstall.exe"
 DDD Pool-->"C:\Program Files\DDD Pool\unins000.exe"
 Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBF​CAE852976}
 Disk Investigator 1.4-->C:\Program Files\Disk Investigator\uninst.exe
 Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD9​24EB67A70}
 DivX Converter-->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall​.exe /PLAYER
 DivX Pro Trial-->C:\Program Files\DivX\DivXCodecUninstall.​exe /CODEC
 DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninst​all.exe /PLUGIN
 ebgcInfra-->MsiExec.exe /X{39B1BD87-561E-4762-AED9-7C5​213B06C24}
 ebgcRes-->MsiExec.exe /X{18709D89-3957-46BD-BAEB-7E1​632428C8F}
 ebgcSDK-->MsiExec.exe /X{13AD768A-9E04-499D-AE80-967​A65DCCBA5}
 Echoes of the Past: Le Château des Ombres-->"C:\Program Files\Echoes of the Past - Le Chateau des Ombres\Uninstall.exe"
 eMule-->"C:\Program Files\eMule\Uninstall.exe"
 Escape from Frankenstein's Castle-->"C:\Program Files\Escape from Frankensteins Castle\Uninstall.exe"
 Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C​52BA20C2D}
 Favorit-->"c:\documents and settings\annie turpin\local settings\application data\eeowg.exe" -uninstall
 Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCA​FE6BABDD9}
 GamesBar 2.0.1.12-->C:\Program Files\GamesBar\uninst.exe
 GdPicture ToolKit Pro Edition-->"C:\Program Files\GdPicture ToolKit Pro Edition\unins000.exe"
 Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA​4F0EA21E3}
 Gutterball-->C:\PROGRA~1\GAMEH​O~1\GUTTER~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\GUTTER~1\​INSTALL.LOG
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A​786E658} /qb+ REBOOTPROMPT=""
 HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr​01.exe -datfile hpqhsc01.dat
 HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
 HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC0​26019C900}
 HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\​hpzscr01.exe -datfile hpqbud01.dat
 HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{3A316611-45D1-429C-AA​26-B71259C44689}\setup\hpzscr0​1.exe -datfile hposcr11.dat
 HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98​C9-DF7A270DECB3}\setup\hpzscr0​1.exe" -datfile hposcr06.dat
 HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351​009325D7D}
 HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-786​31D9AD8B8}
 J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B​0D0150100}
 J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B​0D0150060}
 Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F8​3216020FF}
 Jeux - 3961-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{CE2BDCB9-6FD3-41E​C-B3B7-99CEB6E44AAA}\SETUP.EXE​" -l0x40c
 Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE​906D59619}
 La Crapette-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{DA678E43-A888-496​4-A23B-C9F11FEC15FF}\SETUP.EXE​" -l0x40c
 Le Retour de Monte Cristo-->"C:\Program Files\Le Retour de Monte Cristo\Uninstall.exe"
 Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
 Les Tr&eacute;sors de l'Ile Myst&eacute;rieuse-->"C:\Progr​am Files\Les Tresors de l'Ile Mysterieuse\Uninstall.exe"
 Lost Realms: L'Héritage de la Princesse du Soleil-->"C:\Program Files\Lost Realms - L'Heritage de la Princesse du Soleil\Uninstall.exe"
 Lost Secrets: Bermuda Triangle-->"C:\Program Files\Lost Secrets - Bermuda Triangle\Uninstall.exe"
 Luxor 3-->"C:\Program Files\Luxor 3\ReflexiveArcade\unins000.exe​"
 Luxor Deluxe-->"C:\Program Files\Zylom Games\Luxor Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 Luxor Great Adventures Deluxe-->"C:\Program Files\Zylom Games\Luxor Great Adventures Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 Luxor-->C:\PROGRA~1\GAMEHO~1\L​uxor\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Luxor\INS​TALL.LOG
 Mahjongg Artifacts Chapter 2-->"C:\Program Files\Mahjongg Artifacts Chapter 2\ReflexiveArcade\unins000.exe​"
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 MediaBar-->C:\Program Files\iMesh Applications\MediaBar\uninstal​l.exe
 Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86F​FD98EC929}
 Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B​559F4E700}
 Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Micr​osoft.NET\Framework\v1.1.4322\​Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Fram​ework\v1.1.4322\Updates\M24164​47\M2416447Uninstall.msp"
 Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Micro​soft.NET\Framework\v1.1.4322\U​pdates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Fram​ework\v1.1.4322\Updates\M97990​6\M979906Uninstall.msp"
 Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52E​AE172A1}
 Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F5​2EAE172A1}
 Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1​D67F2073F}
 Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8D​CCDE8F8C7}
 Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
 Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4​DCF5C5BD9}
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallM​SCompPackV1$\spuninst\spuninst​.exe"
 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallIDNMitigationAPIs$​\spuninst\spuninst.exe"
 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallNLSDownlevelMappin​g$\spuninst\spuninst.exe"
 Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE6​74F72F24E}
 Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5​A4BB71E00}
 Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3​DD01FD0B8}
 Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA​42211AAA5}
 Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCD​DF05208AB}
 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C8​3EC895118}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-181​8da5d550d}
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725​134ADF989}
 Mise à jour de sécurité pour le Codeur Windows Media (KB2447961)-->"C:\WINDOWS\$NtU​ninstallKB2447961_WM9L$\spunin​st\spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7u​pdates\KB2183461-IE7\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7u​pdates\KB2360131-IE7\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7u​pdates\KB2416400-IE7\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7up​dates\KB928090-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7up​dates\KB929969\spuninst\spunin​st.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7up​dates\KB931768-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7up​dates\KB933566-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7up​dates\KB937143-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7up​dates\KB938127-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7up​dates\KB939653-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7up​dates\KB942615-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7up​dates\KB944533-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7up​dates\KB950759-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7up​dates\KB953838-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7up​dates\KB956390-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7up​dates\KB958215-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7up​dates\KB960714-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7up​dates\KB961260-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7up​dates\KB963027-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7up​dates\KB969897-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7up​dates\KB982381-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB2296199)-->"C:\WINDOWS\$NtU​ninstallKB2296199$\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB2423089)-->"C:\WINDOWS\$NtU​ninstallKB2423089$\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB2436673)-->"C:\WINDOWS\$NtU​ninstallKB2436673$\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB2440591)-->"C:\WINDOWS\$NtU​ninstallKB2440591$\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB2443105)-->"C:\WINDOWS\$NtU​ninstallKB2443105$\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system​32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\F​lash\KB913433.inf
 Mise à jour pour Windows XP (KB2467659)-->"C:\WINDOWS\$NtU​ninstallKB2467659$\spuninst\sp​uninst.exe"
 Monopoly Here And Now-->"C:\Program Files\Zylom Games\Monopoly Here And Now\GameInstlr.exe" --uninstall UnInstall.log
 Monopoly-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{D7E7EC5E-4349-4E4​0-B37C-4342188B86EC}\Setup.exe​" -l0x40c
 Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5​DCDC52A71}
 MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C1​1F044BDEC}
 Mystery Case Files: Ravenhearst ™-->"C:\Program Files\Mystery Case Files - Ravenhearst\Uninstall.exe"
 Mystery Legends: Sleepy Hollow-->"C:\Program Files\Mystery Legends - Sleepy Hollow\Uninstall.exe"
 Mystery Legends: The Phantom of the Opera Edition Collector-->"C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector\Uninstall.exe"
 Mysteryville 2-->"C:\Program Files\Mysteryville 2\Uninstall.exe"
 Mysteryville Deluxe-->"C:\Program Files\Zylom Games\Mysteryville Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 Mystic Diary: L'Île Hantée-->"C:\Program Files\Mystic Diary - LIle Hantee\Uninstall.exe"
 Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.​exe /uninstall ExtraUninstallID=""
 NVIDIA Drivers-->C:\WINDOWS\system32\​nvudisp.exe UninstallGUI
 OCA Client history tool install-->"C:\WINDOWS\$Uninsta​llOCA-X86Fre-ENU$\spuninst\spu​ninst.exe"
 OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B​11564A912}
 Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
 Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A0​93F35A238}
 Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B​44739871F4D539FA473F57A832EA4B​6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\a​mdk8_C7A451815AD6A55564D6F47B5​A12C61D8B4DCFD1\amdk8.inf
 Package de pilotes Windows - AMD System  (04/06/2006 1.0.1.0)-->C:\PROGRA~1\DIFX\7B​44739871F4D539FA473F57A832EA4B​6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\a​mdaway_6BBB63755B7B133065E435E​51557E416289081C4\amdaway.inf
 Photocite Collection 4-->"C:\Program Files\Photocite Collection 4\Photocite Collection 4\uninstall.exe"
 PhotoImpression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{EA57EFB9-A257-4DD​0-BC6D-0FA5625F3421}\Setup.exe​" -l0x40c
 Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall​.exe"
 PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46F​D-B1F1-0C86DA40E443}\SETUP.EXE​" -l0x40c anything
 PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D​4-9EA1-0050BAE317E1}\setup.exe​"  -uninstall
 Puzzle Mania-->"C:\Program Files\Puzzle Mania\ReflexiveArcade\unins000​.exe"
 QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-825​07D34AE7F}
 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4ED​E-8A7C-958108FE7DBC}\SETUP.exe​" -l0x40c  -removeonly
 Ricochet Infinity-->"C:\Program Files\Ricochet Infinity\ReflexiveArcade\unins​000.exe"
 Royal Trouble Deluxe-->"C:\Program Files\Zylom Games\Royal Trouble Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 SA31xx Device Manager & Media Converter-->C:\Program Files\InstallShield Installation Information\{E572B060-C98B-498​4-A48E-E4FA56265903}\setup.exe -runfromtemp -l0x040c -removeonly
 Sally's Salon Deluxe-->"C:\Program Files\Zylom Games\Sally's Salon Deluxe\GameInstlr.exe" --uninstall UnInstall.log
 Sandlot Games Client Services 1.2.2-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\syste​m32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0C​CE56A5B} /qb+ REBOOTPROMPT=""
 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F​8D1E69FB7}
 Skymist: Les Pierres Mystiques-->"C:\Program Files\Skymist - Les Pierres Mystiques\Uninstall.exe"
 Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
 Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A​9815CC011}
 Super Collapse! Puzzle Gallery 4-->"C:\Program Files\Zylom Games\Super Collapse! Puzzle Gallery 4\GameInstlr.exe" --uninstall UnInstall.log
 Super Mahjong-->"C:\Program Files\Super Mahjong\unins000.exe"
 Super Patiences et Réussites 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{9CD87918-F6A8-440​F-BE54-E725040B15E3}\SETUP.EXE​" -l0x40c
 SweetIM for Messenger 2.5-->MsiExec.exe /X{CFA9C824-A778-47EB-90CD-BB4​DB82CF348}
 SweetIM Toolbar for Internet Explorer 3.2-->MsiExec.exe /X{83FA27D5-25B5-4D24-B796-DF7​42F08A5CF}
 The Sultan's Labyrinth: Le Sacrifice de Bahar-->"C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar\Uninstall.exe"
 Tornado: Le Secret de la Grotte Magique-->"C:\Program Files\Tornado - Le Secret de la Grotte Magique\Uninstall.exe"
 Tropix-->C:\PROGRA~1\GAMEHO~1\​Tropix\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Tropix\IN​STALL.LOG
 Twisted Lands: L'Île Fantôme-->"C:\Program Files\Twisted Lands - Lile Fantome\Uninstall.exe"
 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275​C4F3607} /qb+ REBOOTPROMPT=""
 UpdateStar-->MsiExec.exe /X{A693D0D0-0EF2-4D90-96AA-11C​C1A4793ED}
 Versal FileDownload ActiveX Control Trial Version-->C:\Program Files\Universal\UFileDownloadD​\USetup.exe
 Victorian Mysteries: La Femme en Blanc-->"C:\Program Files\Victorian Mysteries - La Femme en Blanc\Uninstall.exe"
 Web Media Player 0.62e-->"C:\Program Files\Web Media Player\unins000.exe"
 Webcam 5500-->C:\Program Files\InstallShield Installation Information\{96163790-42E6-4A4​C-9EA6-9D28531EB887}\setup.exe -runfromtemp -l0x040c -removeonly
 Windows Imaging Component-->"C:\WINDOWS\$NtUni​nstallWIC$\spuninst\spuninst.e​xe"
 Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\s​puninst.exe"
 Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28​082CEB504}
 Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9​FB04514D1}
 Windows Live Contrôle parental-->MsiExec.exe /X{9FF9FDF7-F84A-4F99-B4BB-066​B6F95F33D}
 Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B31​7A344BD66}
 Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A17​80C1E766C}
 Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E90​5E91AC818}
 Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11​355CA657B}
 Windows Live Toolbar-->MsiExec.exe /X{9D6524E6-15CF-4852-BF70-04F​E973A3DE1}
 Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8​168661FEA}
 Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
 Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUnins​tallWMFDist11$\spuninst\spunin​st.exe"
 Windows Media Player 11-->"C:\WINDOWS\$NtUninstallw​mp11$\spuninst\spuninst.exe"
 Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867​DC9D0A2A4}
 Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePack​Uninstall$\spuninst\spuninst.e​xe"
 Zuma Deluxe-->"C:\Program Files\Zylom Games\Zuma Deluxe\GameInstlr.exe" --uninstall UnInstall.log

 ======Hosts File======

 127.0.0.1 localhost

 ======Security center information======

 AV: avast! Antivirus

 ======System event log======

 Computer Name: ACER-7989E0343A
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

 Record Number: 132469
 Source Name: Service Control Manager
 Time Written: 20110104183516.000000+060
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 Computer Name: ACER-7989E0343A
 Event Code: 7035
 Message: Un contrôle Arrêter a correctement été envoyé au service Fax.

 Record Number: 132468
 Source Name: Service Control Manager
 Time Written: 20110104183505.000000+060
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 Computer Name: ACER-7989E0343A
 Event Code: 121
 Message: Port A is up with 100 Mbps

 Record Number: 132467
 Source Name: yukonwxp
 Time Written: 20110104183417.000000+060
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 6005
 Message: Le service d'Enregistrement d'événement a démarré.

 Record Number: 132466
 Source Name: EventLog
 Time Written: 20110104183357.000000+060
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 6009
 Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

 Record Number: 132465
 Source Name: EventLog
 Time Written: 20110104183357.000000+060
 Event Type: Informations
 User:

 =====Application event log=====

 Computer Name: ACER-7989E0343A
 Event Code: 0
 Message:
 Record Number: 34799
 Source Name: gusvc
 Time Written: 20100928113900.000000+120
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 0
 Message: La commande du service a été traitée avec succès.

 Record Number: 34798
 Source Name: AcerMemUsageCheckService
 Time Written: 20100928095202.000000+120
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 0
 Message: La commande du service a été traitée avec succès.

 Record Number: 34797
 Source Name: AcerMemUsageCheckService
 Time Written: 20100928095202.000000+120
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 0
 Message:
 Record Number: 34796
 Source Name: gusvc
 Time Written: 20100928095121.000000+120
 Event Type: Informations
 User:

 Computer Name: ACER-7989E0343A
 Event Code: 1001
 Message: Échec de détection du produit '{172975EB-9465-4861-95B5-C7BB​6D3DE62A}', fonctionnalité 'DocViewerExe' lors de la demande du composant '{ECD95215-CDCE-4AAB-AFC2-717E​CCB8DA52}'

 Record Number: 34795
 Source Name: MsiInstaller
 Time Written: 20100928095107.000000+120
 Event Type: Avertissement
 User: ACER-7989E0343A\annie turpin

 ======Environment variables======

 "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext​\QTJava.zip
 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "FP_NO_HOST_CHECK"=NO
 "NUMBER_OF_PROCESSORS"=1
 "OS"=Windows_NT
 "Path"=%SystemRoot%\system32;%​SystemRoot%;%SystemRoot%\Syste​m32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\P​rogram Files\Samsung\Samsung PC Studio 3\
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
 "PROCESSOR_LEVEL"=15
 "PROCESSOR_REVISION"=4f02
 "QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext​\QTJava.zip
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "windir"=%SystemRoot%

 -----------------EOF----------​-------

ds76
Baby forum member (10 to 49 posts)
  Posted on 11/01/2011 at 17:33:11
 
Attached is the second report.
 Logfile of random's system information tool 1.08 (written by random/random)
 Run by annie turpin at 2011-01-11 16:13:10
 Microsoft Windows XP Professionnel Service Pack 3
 System drive C: has 15 GB (21%) free of 73 GB
 Total RAM: 767 MB (30% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 16:13:37, on 11/01/2011
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.17093)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 C:\WINDOWS\eHome\ehRecvr.exe
 C:\WINDOWS\eHome\ehSched.exe
 c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\dllhost.ex​e
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\vsnp2uvc.exe
 C:\Program Files\SweetIM\Messenger\SweetI​M.exe
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe
 C:\Program Files\QuickTime\qttask.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\PROGRA~1\IMESHA~1\MediaBar\​Datamngr\DATAMN~1.EXE
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe
 C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe
 C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Mozilla Firefox\plugin-container.exe
 C:\Documents and Settings\annie turpin\Mes documents\Téléchargements\RSIT​.exe
 C:\Program Files\trend micro\annie turpin.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.msn.com/
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.imesh.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.qaadi.com/
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: (no name) - 95B187DB-43C8-4AC7-AF7F-C93B79​D21F1A} - (no file)
 R3 - URLSearchHook: (no name) - EEE6C35D-6118-11DC-9C72-001320​C79847} - (no file)
 R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgHelper.dll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E​497C8C0} - (no file)
 O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA​51E2871} - (no file)
 O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7​341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\​Datamngr\IEBHO.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5​AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\​ToolBar\iMeshMediaBarDx.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.6.5612.1312\swg.dll
 O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E​24B23A5} - C:\Program Files\GamesBar\oberontb.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\WINDOWS\system32\eDStoolbar​.dll
 O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll
 O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449​A05863D} - (no file)
 O3 - Toolbar: (no name) - {4322A444-92F8-4C3E-BD4C-013BA​51E2871} - (no file)
 O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - (no file)
 O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5​AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\​ToolBar\iMeshMediaBarDx.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIV​ERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
 O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
 O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetI​M.exe
 O4 - HKLM\..\Run: [InternetDownload_upgrade] "C:\Program Files\VersalSoft\InternetDownl​oad\InternetDownload.exe" /upgrade
 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\​Datamngr\DATAMN~1.EXE
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKCU\..\Run: [UpdateStar] C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe -A
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: Acer Empowering Technology.lnk = ?
 O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
 O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
 O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownl​oad\adddownload.htm
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_89D8574934B26A​C4.dll/cmsidewiki.html
 O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A​7003239} - C:\WINDOWS\system32\shdocvw.dl​l
 O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A​7003239} - C:\WINDOWS\system32\shdocvw.dl​l
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
 O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe
 O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 --
 End of file - 13446 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\avast! Antivirus.job
 C:\WINDOWS\tasks\Google Software Updater.job
 C:\WINDOWS\tasks\Schedule Task Weekly.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2010-09-22 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
 UrlHelper Class - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2010-10-13 585096]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
 Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
 MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\​ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
 Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNoti​fier\5.6.5612.1312\swg.dll [2010-09-29 842296]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
 GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll [2008-01-06 540672]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
 Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-11-24 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
 SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll [2008-07-06 1164600]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar​.dll [2006-03-08 106496]
 {EEE6C35B-6118-11DC-9C72-00132​0C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll [2008-07-06 1164600]
 {6F282B65-56BF-4BD1-A8B2-A4449​A05863D}
 {4322A444-92F8-4C3E-BD4C-013BA​51E2871}
 {CCC7A320-B3CA-4199-B1A6-9F516​DD69829}
 {ABB49B3B-AB7D-4ED0-9135-93FD5​AA4F69F} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\​ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]
 {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
 "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-11 7626752]
 "EPSON Stylus DX3800 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 EPSON Stylus DX3800 Series /O6 USB001 /M Stylus DX3800 []
 "snp2uvc"=C:\WINDOWS\vsnp2uvc.exe [2007-03-13 569344]
 "SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2008-07-06 111928]
 "InternetDownload_upgrade"=C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe [2008-11-24 361472]
 "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
 "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
 "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
 "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]
 "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552]
 "DATAMNGR"=C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2010-10-13 985008]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
 "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]
 "swg"=C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe [2007-04-04 68856]
 "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
 "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
 "UpdateStar"=C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe [2010-09-01 4739312]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe
 Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
 Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
 Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
 HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
 "AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll"

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
 C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
 "authentication packages"=msv1_0
 nwprovau

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "InstallVisualStyle"=C:\WINDOW​S\Resources\Themes\Royale\Roya​le.msstyles
 "InstallTheme"=C:\WINDOWS\Reso​urces\Themes\Royale.theme

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=255

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "HonorAutoRunSetting"=1
 "NoDriveTypeAutoRun"=255

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
 "C:\Program Files\Messenger\msmsgs.exe"="C​:\Program Files\Messenger\msmsgs.exe:*:E​nabled:Windows Messenger"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "C:\WINDOWS\system32\rundll32.​exe"="C:\WINDOWS\system32\rund​ll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
 "C:\Program Files\eMule\emule.exe"="C:\Pro​gram Files\eMule\emule.exe:*:Enable​d:eMule"
 "C:\Program Files\VideoLAN\VLC\vlc.exe"="C​:\Program Files\VideoLAN\VLC\vlc.exe:*:E​nabled:VLC media player"
 "C:\StubInstaller.exe"="C:\Stu​bInstaller.exe:*:Enabled:LimeW​ire swarmed installer"
 "C:\Program Files\LimeWire\LimeWire.exe"="​C:\Program Files\LimeWire\LimeWire.exe:*:​Enabled:LimeWire"
 "C:\Program Files\IncrediMail\bin\IMApp.ex​e"="C:\Program Files\IncrediMail\bin\IMApp.ex​e:*:Enabled:IncrediMail"
 "C:\Program Files\IncrediMail\bin\IncMail.​exe"="C:\Program Files\IncrediMail\bin\IncMail.​exe:*:Enabled:IncrediMail"
 "C:\Program Files\IncrediMail\bin\ImpCnt.e​xe"="C:\Program Files\IncrediMail\bin\ImpCnt.e​xe:*:Enabled:IncrediMail"
 "C:\Program Files\Magentic\bin\MgImp.exe"=​"C:\Program Files\Magentic\bin\MgImp.exe:*​:Enabled:Magentic"
 "C:\Program Files\Magentic\bin\Magentic.ex​e"="C:\Program Files\Magentic\bin\Magentic.ex​e:*:Enabled:Magentic"
 "C:\Program Files\Magentic\bin\MgApp.exe"=​"C:\Program Files\Magentic\bin\MgApp.exe:*​:Enabled:Magentic"
 "C:\Program Files\RayV\RayV\RayV.exe"="C:\​Program Files\RayV\RayV\RayV.exe:*:Ena​bled:RayV"
 "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Progr​am Files\Mozilla Firefox\firefox.exe:*:Enabled:​Firefox"
 "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersk​y Anti-Virus"
 "C:\WINDOWS\pchealth\helpctr\b​inaries\HelpCtr.exe"="C:\WINDO​WS\pchealth\helpctr\binaries\H​elpCtr.exe:*:Enabled:Assistanc​e à distance - Windows Messenger et voix"
 "C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media"
 "C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe"​="C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe:*:Ena​bled:Windows Live Messenger Lite"
 "C:\WINDOWS\system32\dpvsetup.​exe"="C:\WINDOWS\system32\dpvs​etup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
 "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:Gam​eSpy Arcade"
 "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"=​"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*​:Enabled:Veoh Client"
 "C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe:*:Enabled:Veoh Web Player "
 "E:\setup\HPZNET01.EXE"="E:\se​tup\HPZNET01.EXE:*:Enabled:hpz​net01.exe"
 "E:\setup\HPONICIFS01.EXE"="E:​\setup\HPONICIFS01.EXE:*:Enabl​ed:hponicifs01.exe"
 "C:\Program Files\Opera\opera.exe"="C:\Pro​gram Files\Opera\opera.exe:*:Enable​d:Opera Internet Browser"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Ena​bled:hpofxm08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Ena​bled:hposfx08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Ena​bled:hpqscnvw.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enab​led:hpqcopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Ena​bled:hpzwiz01.exe"
 "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="​C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:​Enabled:hpqphunl.exe"
 "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:​\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:En​abled:hpqdia.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Ena​bled:hpqnrs08.exe"
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"=​"C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*​:Enabled:iMesh"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"=​"C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*​:Enabled:iMesh"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 ======List of files/folders created in the last 1 months======

 2011-01-11 16:13:11 ----D---- C:\Program Files\trend micro
 2011-01-11 16:13:10 ----DC---- C:\rsit
 2011-01-11 12:49:37 ----A---- C:\WINDOWS\system32\javaws.exe
 2011-01-11 12:49:37 ----A---- C:\WINDOWS\system32\javaw.exe
 2011-01-11 12:49:37 ----A---- C:\WINDOWS\system32\java.exe
 2011-01-04 22:15:36 ----D---- C:\Documents and Settings\annie turpin\Application Data\SevenSails
 2011-01-02 18:01:19 ----D---- C:\Documents and Settings\annie turpin\Application Data\quickclick
 2010-12-29 16:31:45 ----D---- C:\Program Files\PokerStars.FR
 2010-12-20 18:17:08 ----D---- C:\Documents and Settings\annie turpin\Application Data\Mutant Arcade
 2010-12-20 17:39:21 ----D---- C:\Documents and Settings\annie turpin\Application Data\SunRay Games
 2010-12-18 16:21:42 ----D---- C:\Documents and Settings\annie turpin\Application Data\Ten Heavens
 2010-12-18 16:15:17 ----D---- C:\Documents and Settings\annie turpin\Application Data\PlayPond
 2010-12-18 15:39:08 ----D---- C:\Documents and Settings\annie turpin\Application Data\Freeze Tag
 2010-12-18 14:38:07 ----D---- C:\Documents and Settings\annie turpin\Application Data\Boolat Games
 2010-12-18 12:12:30 ----D---- C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar
 2010-12-18 11:52:53 ----D---- C:\Program Files\Victorian Mysteries - La Femme en Blanc
 2010-12-18 11:37:40 ----D---- C:\Program Files\Skymist - Les Pierres Mystiques
 2010-12-18 11:36:47 ----D---- C:\Program Files\Tornado - Le Secret de la Grotte Magique
 2010-12-18 11:34:33 ----D---- C:\Program Files\Twisted Lands - Lile Fantome
 2010-12-18 11:24:52 ----D---- C:\Program Files\Mystic Diary - LIle Hantee
 2010-12-18 11:23:24 ----D---- C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector
 2010-12-18 11:20:37 ----D---- C:\Program Files\Le Retour de Monte Cristo
 2010-12-18 11:20:02 ----D---- C:\Program Files\Escape from Frankensteins Castle
 2010-12-18 11:15:22 ----D---- C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 2010-12-18 11:13:53 ----D---- C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe
 2010-12-18 11:11:04 ----D---- C:\Program Files\Echoes of the Past - Le Chateau des Ombres
 2010-12-15 23:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB22961​99$
 2010-12-15 23:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB24431​05$
 2010-12-15 23:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB24405​91$
 2010-12-15 23:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB24436​85$
 2010-12-15 23:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB24366​73$
 2010-12-15 23:24:46 ----HDC---- C:\WINDOWS\$NtUninstallKB24676​59$
 2010-12-15 23:24:13 ----HDC---- C:\WINDOWS\$NtUninstallKB24479​61_WM9L$
 2010-12-15 23:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB24230​89$

 ======List of files/folders modified in the last 1 months======

 2011-01-11 16:13:11 ----RD---- C:\Program Files
 2011-01-11 16:12:59 ----D---- C:\WINDOWS\Prefetch
 2011-01-11 15:13:05 ----D---- C:\WINDOWS\temp
 2011-01-11 14:08:10 ----SD---- C:\WINDOWS\Tasks
 2011-01-11 12:49:49 ----SHD---- C:\WINDOWS\Installer
 2011-01-11 12:49:49 ----HD---- C:\Config.Msi
 2011-01-11 12:49:37 ----AD---- C:\WINDOWS\system32
 2011-01-11 12:49:34 ----D---- C:\Program Files\Java
 2011-01-11 11:09:15 ----AD---- C:\WINDOWS
 2011-01-11 11:08:16 ----D---- C:\WINDOWS\system32\ias
 2011-01-11 11:08:11 ----A---- C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs.txt
 2011-01-11 11:08:11 ----A---- C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs #2.txt
 2011-01-11 11:08:08 ----D---- C:\WINDOWS\Registration
 2011-01-10 23:08:55 ----A---- C:\WINDOWS\SchedLgU.Txt
 2011-01-10 20:20:13 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
 2011-01-09 23:36:38 ----D---- C:\WINDOWS\system32\CatRoot2
 2011-01-09 19:56:03 ----D---- C:\Program Files\Google
 2011-01-09 19:25:19 ----RSD---- C:\WINDOWS\assembly
 2011-01-08 23:01:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
 2011-01-08 14:47:35 ----D---- C:\Documents and Settings\annie turpin\Application Data\Identities
 2011-01-08 14:47:33 ----D---- C:\Documents and Settings\annie turpin\Application Data\Zylom
 2011-01-08 14:44:46 ----D---- C:\Program Files\Zylom Games
 2011-01-06 22:40:01 ----D---- C:\Program Files\Microsoft Silverlight
 2011-01-06 22:39:45 ----D---- C:\WINDOWS\ime
 2011-01-06 22:39:45 ----AD---- C:\WINDOWS\system32\drivers
 2011-01-06 00:38:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2011-01-06 00:38:34 ----HD---- C:\WINDOWS\inf
 2011-01-06 00:38:34 ----D---- C:\WINDOWS\system32\fr-fr
 2011-01-06 00:38:32 ----D---- C:\WINDOWS\system32\CatRoot
 2011-01-04 22:32:27 ----D---- C:\Documents and Settings\annie turpin\Application Data\Orneon
 2011-01-04 21:57:24 ----D---- C:\Documents and Settings\annie turpin\Application Data\PlayFirst
 2011-01-04 18:33:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-12-30 23:12:23 ----D---- C:\Program Files\Mystery Case Files - Ravenhearst
 2010-12-22 22:09:04 ----AC---- C:\WINDOWS\GECKOS.INI
 2010-12-22 19:30:59 ----D---- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
 2010-12-20 17:58:09 ----D---- C:\Documents and Settings\annie turpin\Application Data\Lazy Turtle Games
 2010-12-19 18:09:36 ----D---- C:\Documents and Settings\annie turpin\Application Data\ERS Game Studios
 2010-12-17 21:32:02 ----D---- C:\Documents and Settings\annie turpin\Application Data\UpdateStar
 2010-12-15 23:25:12 ----A---- C:\WINDOWS\imsins.BAK
 2010-12-15 23:25:02 ----HD---- C:\WINDOWS\$hf_mig$
 2010-12-15 23:24:35 ----D---- C:\Program Files\Internet Explorer
 2010-12-15 23:24:25 ----D---- C:\WINDOWS\ie7updates
 2010-12-15 23:18:56 ----A---- C:\WINDOWS\system32\MRT.exe
 2010-12-15 23:18:44 ----D---- C:\Program Files\Outlook Express
 2010-12-13 10:08:43 ----D---- C:\WINDOWS\Microsoft.NET
 2010-12-13 09:54:37 ----D---- C:\Program Files\Windows Live
 2010-12-13 09:53:04 ----D---- C:\WINDOWS\system32\DirectX

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nv​atabus.sys [2006-06-28 105088]
 R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\drivers\nv​raid.sys [2006-06-28 89344]
 R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\oh​ci1394.sys [2008-04-13 61696]
 R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\Px​Help20.sys [2007-11-14 43840]
 R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aa​vmker4.sys [2010-09-07 28880]
 R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AF​S2K.sys [2009-11-05 82380]
 R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\Am​dK8.sys [2006-06-18 43520]
 R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\as​wSP.sys [2010-09-07 165584]
 R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\as​wTdi.sys [2010-09-07 46672]
 R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
 R1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\pr​odrv04.sys [2008-06-09 114496]
 R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\St​arOpen.sys [2006-07-24 5632]
 R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\as​wFsBlk.sys [2010-09-07 17744]
 R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\as​wMon2.sys [2010-09-07 100176]
 R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fs​sfltr_tdi.sys [2009-08-05 54752]
 R2 hwpsgt;hwpsgt; C:\WINDOWS\system32\DRIVERS\hw​psgt.sys [2007-04-28 137344]
 R2 lemsgt;lemsgt; C:\WINDOWS\system32\DRIVERS\le​msgt.sys [2007-04-28 9472]
 R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nw​lnkipx.sys [2008-04-13 88320]
 R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nw​lnknb.sys [2004-08-10 63232]
 R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nw​lnkspx.sys [2004-08-10 55936]
 R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Af​c.sys [2005-02-23 11776]
 R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\ar​p1394.sys [2008-04-13 60800]
 R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\as​wRdr.sys [2010-09-07 23376]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-13 144384]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2006-06-05 4284928]
 R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\ni​c1394.sys [2008-04-13 61824]
 R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NT​IDrvr.sys [2006-08-11 6144]
 R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv​4_mini.sys [2006-07-11 3934592]
 R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nw​rdr.sys [2008-04-13 163584]
 R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\Ro​otMdm.sys [2004-08-10 5888]
 R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\sn​p2uvc.sys [2007-07-05 9607552]
 R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\us​baudio.sys [2008-04-13 60032]
 R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk​51x86.sys [2006-06-29 244864]
 R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
 S3 ARCSOFTVIRTUALCAPTURE;Magic-i Virtual Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-12-07 15104]
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
 S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
 S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
 S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
 S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
 S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
 S3 ipgd;IC Plus IP1000 Family Gigabit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\ipgdnd51.sys [2005-11-04 33408]
 S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
 S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
 S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
 S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
 S3 SaiH5F0D;SaiH5F0D; C:\WINDOWS\system32\DRIVERS\SaiH5F0D.sys [2005-11-14 176640]
 S3 SaiU5F0D;SaiU5F0D; C:\WINDOWS\system32\DRIVERS\SaiU5F0D.sys [2005-11-14 27264]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
 S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
 S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
 S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
 S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
 S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
 S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
 S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
 S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
 R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
 R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
 R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
 R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
 R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
 R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-11 155715]
 R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
 R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
 R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
 R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
 R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
 S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
 S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
 S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
 S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
 S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2010-08-29 69120]
 S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
 S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
 S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF-----------------

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 posts)
Posted on 12/01/2011 at 01:22:48

Hi DS76


 Same problem as you...

 AD-Remover --> the Clean (Nettoyer) option
 MalwareByte's --> select Perform full scan (Exécuter un examen complet)

 Afterwards, run a new scan with RSIT and post only the log.txt report once the analysis has finished

 The report is in this folder: C:\rsit

 P.S. See the first page for the tutorials...


 @++   :)

ds76
Baby forum member (10 to 49 posts)
Posted on 12/01/2011 at 12:58:56

Hello,

 As requested, I am attaching the reports:

 OTL Extras logfile created on: 12/01/2011 11:33:21 - Run 1
 OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\annie turpin\Mes documents\Téléchargements
 Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 767,00 Mb Total Physical Memory | 321,00 Mb Available Physical Memory | 42,00% Memory free
 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
 Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 71,36 Gb Total Space | 14,77 Gb Free Space | 20,70% Space Free | Partition Type: NTFS
 Drive D: | 71,82 Gb Total Space | 25,96 Gb Free Space | 36,14% Space Free | Partition Type: FAT32
 
 Computer Name: ACER-7989E0343A | User Name: annie turpin | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
 [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- Reg Error: Key error.
 http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [Photocite Collection 4] -- "C:\Program Files\Photocite Collection 4\Photocite Collection 4\Photocite Collection 4.exe" "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "FirstRunDisabled" = 1
 "UpdatesDisableNotify" = 0
 "AntiVirusOverride" = 1
 "FirewallOverride" = 0
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 ========== System Restore Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
 "DisableSR" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
 "Start" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
 "Start" = 2
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
 "6246:TCP" = 6246:TCP:*:Enabled:shareaza
 "6346:UDP" = 6346:UDP:*:Enabled:shaeraza
 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- File not found
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
 "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- File not found
 "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- File not found
 "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
 "C:\Program Files\IncrediMail\bin\IMApp.exe" = C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV -- File not found
 "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
 "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus -- File not found
 "C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe" = C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media -- File not found
 "C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe" = C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe:*:Enabled:Windows Live Messenger Lite -- File not found
 "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
 "C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- File not found
 "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
 "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player  -- File not found
 "E:\setup\HPZNET01.EXE" = E:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe -- File not found
 "E:\setup\HPONICIFS01.EXE" = E:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe -- File not found
 "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
 "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
 "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
 "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- File not found
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
 "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
 "{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
 "{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
 "{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
 "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
 "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
 "{13AD768A-9E04-499D-AE80-967A65DCCBA5}" = ebgcSDK
 "{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
 "{18709D89-3957-46BD-BAEB-7E1632428C8F}" = ebgcRes
 "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
 "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
 "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
 "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
 "{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
 "{22B14058-107F-4EFB-A0E4-C25C73AE0D73}" = SA31xx Device Manager & Media Converter
 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
 "{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
 "{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
 "{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
 "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
 "{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
 "{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
 "{38C65D12-79E3-49C0-B211-DE3BE0A7AB39}" = commercial
 "{39B1BD87-561E-4762-AED9-7C5213B06C24}" = ebgcInfra
 "{3A316611-45D1-429C-AA26-B71259C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A
 "{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
 "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
 "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
 "{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
 "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
 "{4CD67A02-DF59-43f7-8E8F-86DCF40543EF}" = 2570_Help
 "{50E7BB78-02B4-469a-9D8B-B2F42835F90E}" = ProductContextNPI
 "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
 "{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
 "{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
 "{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
 "{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
 "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
 "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
 "{5E863175-E85D-44A6-8968-82507D34AE7F}" = QuickTime
 "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
 "{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
 "{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
 "{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
 "{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro Trial
 "{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
 "{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0900)
 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
 "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
 "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
 "{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
 "{96163790-42E6-4A4C-9EA6-9D28531EB887}" = Webcam 5500
 "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
 "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
 "{9CD87918-F6A8-440F-BE54-E725040B15E3}" = Super Patiences et Réussites 3
 "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
 "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
 "{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
 "{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update
 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
 "{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
 "{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
 "{A693D0D0-0EF2-4D90-96AA-11CC1A4793ED}" = UpdateStar
 "{A8D91906-4032-4443-8C49-69F90E38F39D}" = 2570
 "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
 "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
 "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
 "{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
 "{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
 "{B60E7826-F117-4d26-8165-D2DC5A494AB0}" = Fax_CDA
 "{B64E3AFC-59EF-4f18-BF11-E751462450D3}" = AiOSoftwareNPI
 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
 "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
 "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
 "{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
 "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
 "{C9618743-1A5C-461E-91C4-E013A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
 "{CE2BDCB9-6FD3-41EC-B3B7-99CEB6E44AAA}" = Jeux - 3961
 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
 "{D562E689-0ECD-4239-B1A0-323252893405}" = Asterix & Obelix XXL
 "{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe  1.4.74.1
 "{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
 "{DA678E43-A888-4964-A23B-C9F11FEC15FF}" = La Crapette
 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
 "{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
 "{E572B060-C98B-4984-A48E-E4FA56265903}" = SA31xx Device Manager & Media Converter
 "{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
 "{EA57EFB9-A257-4DD0-BC6D-0FA5625F3421}" = PhotoImpression
 "{EE55FD52-0D47-4c5a-96EC-48F70FF30520}" = 2570Trb
 "{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
 "{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar)
 "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
 "{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
 "{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
 "3BEF1AFDE8303306594E2ADA27520E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
 "Ad-Remover" = Ad-Remover By C_XX
 "avast5" = avast! Free Antivirus
 "Bejeweled 3 Deluxe" = Bejeweled 3 Deluxe
 "BFG-7 Wonders II" = 7 Wonders II
 "BFGC" = Big Fish Games: Game Manager
 "BFG-Dark Tales - Le Chat Noir Edgar Allan Poe" = Dark Tales: ™ Le Chat Noir Edgar Allan Poe
 "BFG-Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector" = Dark Tales: Le Chat Noir par Edgar Allan Poe Edition Collector
 "BFG-Echoes of the Past - Le Chateau des Ombres" = Echoes of the Past: Le Château des Ombres
 "BFG-Escape from Frankensteins Castle" = Escape from Frankenstein's Castle
 "BFG-Le Retour de Monte Cristo" = Le Retour de Monte Cristo
 "BFG-Les Tresors de l'Ile Mysterieuse" = Les Tr&eacute;sors de l'Ile Myst&eacute;rieuse
 "BFG-Lost Realms - L'Heritage de la Princesse du Soleil" = Lost Realms: L'Héritage de la Princesse du Soleil
 "BFG-Lost Secrets - Bermuda Triangle" = Lost Secrets: Bermuda Triangle
 "BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst ™
 "BFG-Mystery Legends - Sleepy Hollow" = Mystery Legends: Sleepy Hollow
 "BFG-Mystery Legends - The Phantom of the Opera Edition Collector" = Mystery Legends: The Phantom of the Opera Edition Collector
 "BFG-Mysteryville 2" = Mysteryville 2
 "BFG-Mystic Diary - LIle Hantee" = Mystic Diary: L'Île Hantée
 "BFG-Skymist - Les Pierres Mystiques" = Skymist: Les Pierres Mystiques
 "BFG-The Sultan's Labyrinth - Le Sacrifice de Bahar" = The Sultan's Labyrinth: Le Sacrifice de Bahar
 "BFG-Tornado - Le Secret de la Grotte Magique" = Tornado: Le Secret de la Grotte Magique
 "BFG-Twisted Lands - Lile Fantome" = Twisted Lands: L'Île Fantôme
 "BFG-Victorian Mysteries - La Femme en Blanc" = Victorian Mysteries: La Femme en Blanc
 "DDD Pool_is1" = DDD Pool
 "Disk Investigator" = Disk Investigator 1.4
 "eMule" = eMule
 "F3B506E1FDAEA4DC6669B53B2D3F0B68FBA20C2D" = Package de pilotes Windows - AMD System  (04/06/2006 1.0.1.0)
 "GdPicture ToolKit Pro Edition_is1" = GdPicture ToolKit Pro Edition
 "Google Updater" = Outil de mise à jour Google
 "Gutterball" = Gutterball
 "HP Imaging Device Functions" = HP Imaging Device Functions 5.3
 "HP Photo & Imaging" = HP Image Zone 5.3
 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
 "HPExtendedCapabilities" = HP Extended Capabilities 5.3
 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
 "ie7" = Windows Internet Explorer 7
 "InstallShield_{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
 "InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.3077
 "InstallShield_{D562E689-0ECD-4239-B1A0-323252893405}" = Asterix & Obelix XXL
 "Luxor" = Luxor
 "Luxor 3_is1" = Luxor 3
 "Luxor Deluxe" = Luxor Deluxe
 "Luxor Great Adventures Deluxe" = Luxor Great Adventures Deluxe
 "Mahjongg Artifacts Chapter 2_is1" = Mahjongg Artifacts Chapter 2
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
 "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Monopoly Here And Now" = Monopoly Here And Now
 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
 "Mysteryville Deluxe" = Mysteryville Deluxe
 "NeroMultiInstaller!UninstallKey" = Nero Suite
 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
 "NVIDIA Drivers" = NVIDIA Drivers
 "OcaHistoryUpd" = OCA Client history tool install
 "Photocite Collection 4" = Photocite Collection 4
 "Picasa 3" = Picasa 3
 "Puzzle Mania_is1" = Puzzle Mania
 "Ricochet Infinity_is1" = Ricochet Infinity
 "Royal Trouble Deluxe" = Royal Trouble Deluxe
 "Sally's Salon Deluxe" = Sally's Salon Deluxe
 "Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
 "Software Informer_is1" = Software Informer 1.0 BETA
 "Super Collapse! Puzzle Gallery 4" = Super Collapse! Puzzle Gallery 4
 "Super Mahjong_is1" = Super Mahjong
 "Tropix" = Tropix
 "UFileDownloadD" = Versal FileDownload ActiveX Control Trial Version
 "Web Media Player_is1" = Web Media Player 0.62e
 "WIC" = Windows Imaging Component
 "Windows Media Encoder 9" = Codeur Windows Media Série 9
 "Windows Media Format Runtime" = Windows Media Format 11 runtime
 "Windows Media Player" = Lecteur Windows Media 11
 "Windows XP Service" = Windows XP Service Pack 3
 "WinLiveSuite_Wave3" = Installation Windows Live
 "WinRAR archiver" = Archiveur WinRAR
 "WMFDist11" = Windows Media Format 11 runtime
 "wmp11" = Windows Media Player 11
 "Zuma Deluxe" = Zuma Deluxe
 
 ========== HKEY_CURRENT_USER Uninstall List ==========
 
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "Emerald Tale" = Emerald Tale 1.01
 "Jewel of Atlantis" = Jewel of Atlantis 1.91
 "Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)
 
 ========== Last 10 Event Log Errors ==========
 
 [ Antivirus Events ]
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 26/01/2010 06:07:29 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 08/04/2010 05:44:09 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:44 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:45 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:46 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:48 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 [ Application Events ]
 Error - 08/01/2011 06:18:40 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: DocumentViewer -- Error 1706.No valid source could be found
 for product DocumentViewer.  The Windows Installer cannot continue.
 
 Error - 09/01/2011 14:23:14 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: DocumentViewer -- Error 1706.No valid source could be found
 for product DocumentViewer.  The Windows Installer cannot continue.
 
 Error - 09/01/2011 14:43:02 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 10/01/2011 06:10:32 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 11/01/2011 06:11:46 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 05:11:38 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 05:55:22 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:16:15 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:27:41 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:27:51 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 [ System Events ]
 Error - 05/01/2011 10:33:36 | Computer Name = ACER-7989E0343A | Source = RemoteAccess | ID = 20106
 Description = Impossible d'ajouter l'interface {E3B0C7F7-976F-4958-B8F8-ADAFD​53426B8}
 avec le Gestionnaire de routage pour le protocole IP.  L'erreur suivante s'est produite
 : Impossible d'accomplir cette fonction.  
 
 Error - 06/01/2011 17:40:45 | Computer Name = ACER-7989E0343A | Source = Service Control Manager | ID = 7026
 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
 charger :   nvatabus  nvraid
 
 Error - 06/01/2011 17:40:49 | Computer Name = ACER-7989E0343A | Source = RemoteAccess | ID = 20106
 Description = Impossible d'ajouter l'interface {E3B0C7F7-976F-4958-B8F8-ADAFD​53426B8}
 avec le Gestionnaire de routage pour le protocole IP.  L'erreur suivante s'est produite
 : Impossible d'accomplir cette fonction.  
 
 Error - 07/01/2011 06:45:45 | Computer Name = ACER-7989E0343A | Source = RemoteAccess | ID = 20106
 Description = Impossible d'ajouter l'interface {E3B0C7F7-976F-4958-B8F8-ADAFD​53426B8}
 avec le Gestionnaire de routage pour le protocole IP.  L'erreur suivante s'est produite
 : Impossible d'accomplir cette fonction.  
 
 
 < End of report >

ds76
Baby forum member (10 to 49 messages posted)
Posted on 12/01/2011 at 13:00:56
 
Here is the second report:


 OTL logfile created on: 12/01/2011 11:33:21 - Run 1
 OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\annie turpin\Mes documents\Téléchargements
 Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 767,00 Mb Total Physical Memory | 321,00 Mb Available Physical Memory | 42,00% Memory free
 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
 Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 71,36 Gb Total Space | 14,77 Gb Free Space | 20,70% Space Free | Partition Type: NTFS
 Drive D: | 71,82 Gb Total Space | 25,96 Gb Free Space | 36,14% Space Free | Partition Type: FAT32
 
 Computer Name: ACER-7989E0343A | User Name: annie turpin | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/01/12 11:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\annie turpin\Mes documents\Téléchargements\OTL.​exe
 PRC - [2010/12/11 12:28:29 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
 PRC - [2010/12/11 12:28:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
 PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 PRC - [2010/09/01 17:03:18 | 004,739,312 | ---- | M] (UpdateStar GmbH) -- C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe
 PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 PRC - [2008/07/06 11:32:14 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetI​M.exe
 PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2007/04/04 18:35:58 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 PRC - [2007/03/13 08:49:16 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
 PRC - [2006/06/01 17:51:32 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe
 PRC - [2006/05/11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 PRC - [2006/02/17 14:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 PRC - [2005/11/16 19:25:14 | 000,745,472 | ---- | M] (X-Micro Technology Corp.) -- C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
 
 
 ========== Modules (SafeList) ==========
 
 MOD - [2011/01/12 11:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\annie turpin\Mes documents\Téléchargements\OTL.​exe
 MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsof​t.Windows.Common-Controls_6595​b64144ccf1df_6.0.2600.6028_x-w​w_61e65202\comctl32.dll
 MOD - [2008/07/06 11:31:44 | 000,022,328 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdap​tersProxy.dll
 MOD - [2006/07/11 17:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr7​1.dll
 MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dl​l -- (HidServ)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
 SRV - [2010/08/29 16:33:11 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
 SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
 SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
 SRV - [2007/08/09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.e​xe -- (Pml Driver HPZ12)
 SRV - [2006/05/11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe -- (AcerMemUsageCheckService)
 SRV - [2006/02/17 14:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
 SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe -- (IDriverT)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbser6k.sys -- (ZTEusbser6k)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbnmea.sys -- (ZTEusbnmea)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbmdm6k.sys -- (ZTEusbmdm6k)
 DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as​wTdi.sys -- (aswTdi)
 DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as​wSP.sys -- (aswSP)
 DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\as​wRdr.sys -- (aswRdr)
 DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\as​wmon2.sys -- (aswMon2)
 DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\as​wFsBlk.sys -- (aswFsBlk)
 DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aa​vmker4.sys -- (Aavmker4)
 DRV - [2009/11/05 18:30:19 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AF​S2K.SYS -- (AFS2K)
 DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fs​sfltr_tdi.sys -- (fssfltr)
 DRV - [2008/06/09 18:38:30 | 000,114,496 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pr​odrv04.sys -- (prodrv04)
 DRV - [2008/04/13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnkipx.sys -- (NwlnkIpx)
 DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\us​baudio.sys -- (usbaudio) Pilote USB audio (WDM)
 DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hd​audbus.sys -- (HDAudBus)
 DRV - [2008/02/13 15:37:46 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
 DRV - [2007/07/05 06:44:08 | 009,607,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sn​p2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
 DRV - [2007/04/28 17:08:27 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hw​psgt.sys -- (hwpsgt)
 DRV - [2007/04/28 17:08:27 | 000,009,472 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\le​msgt.sys -- (lemsgt)
 DRV - [2006/12/07 14:56:02 | 000,015,104 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ar​cSoftVirtualCapture.sys -- (ARCSOFTVIRTUALCAPTURE)
 DRV - [2006/08/11 18:52:28 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NT​IDrvr.sys -- (NTIDrvr)
 DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\St​arOpen.sys -- (StarOpen)
 DRV - [2006/07/11 23:19:00 | 003,934,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv​4_mini.sys -- (nv)
 DRV - [2006/06/29 09:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk​51x86.sys -- (yukonwxp)
 DRV - [2006/06/28 18:39:02 | 000,089,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv​raid.sys -- (nvraid) NVIDIA nForce(tm)
 DRV - [2006/06/28 18:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv​atabus.sys -- (nvatabus)
 DRV - [2006/06/18 22:40:44 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Am​dK8.sys -- (AmdK8)
 DRV - [2006/06/05 21:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rt​kHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
 DRV - [2006/04/07 20:17:34 | 000,012,288 | ---- | M] (HiTRUST) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ps​dfilter.sys -- (psdfilter)
 DRV - [2006/03/08 17:10:52 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ps​dvdisk.sys -- (psdvdisk)
 DRV - [2005/11/14 07:19:28 | 000,027,264 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sa​iU5F0D.sys -- (SaiU5F0D)
 DRV - [2005/11/14 07:19:26 | 000,176,640 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sa​iH5F0D.sys -- (SaiH5F0D)
 DRV - [2005/11/04 02:14:22 | 000,033,408 | ---- | M] (IC Plus Corp.                                                                                                    ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip​gdnd51.sys -- (ipgd)
 DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD​1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
 DRV - [2005/10/04 14:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD​1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
 DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\af​c.sys -- (Afc)
 DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
 DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZD​PSp50.sys -- (ZDPSp50)
 DRV - [2004/08/10 21:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnknb.sys -- (NwlnkNb)
 DRV - [2004/08/10 21:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnkspx.sys -- (NwlnkSpx)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = %SystemRoot%\system32\blank.ht​m
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Secondary Start Pages = http://www.live.com/ [binary data]
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL = http://www.live.com/ [binary data]
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultName = Live Search
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultURL = http://search.live.com/results [...] r:source?}
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.google.com/ie
 IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
 IE - HKCU\..\URLSearchHook: 95B187DB-43C8-4AC7-AF7F-C93B79​D21F1A} - Reg Error: Key error. File not found
 IE - HKCU\..\URLSearchHook: EEE6C35D-6118-11DC-9C72-001320​C79847} - Reg Error: Key error. File not found
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defau​ltenginename: "iMesh Web Search"
 FF - prefs.js..browser.search.defau​ltthis.engineName: "Radio Bar 2 Customized Web Search"
 FF - prefs.js..browser.search.order​.1: "iMesh Web Search"
 FF - prefs.js..browser.search.selec​tedEngine: "iMesh Web Search"
 FF - prefs.js..browser.search.useDB​ForOrder: true
 FF - prefs.js..browser.startup.home​page: "http://search.imesh.com/"
 FF - prefs.js..extensions.enabledIt​ems: {0fc85f5d-6207-4515-a490-45a54​9d285c0}:3.2.5.2
 FF - prefs.js..extensions.enabledIt​ems: {95f24680-9e31-11da-a746-08002​00c9a66}:0.1.5.5
 FF - prefs.js..extensions.enabledIt​ems: {9bb815eb-3f9f-4e11-9150-cb70e​29b40fc}:3.2.5.2
 FF - prefs.js..extensions.enabledIt​ems: {d10d0bf8-f5b5-c8b4-a8b2-2b987​9e08c5d}:1.3.3
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: jqs@sun.com:1.0
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA}:6.0.23
 FF - prefs.js..keyword.URL: "http://search.imesh.com/web?s​rc=ffb&systemid=1&q="
 FF - prefs.js..network.proxy.no_pro​xies_on: "localhost,127.0.0.1"
 
 
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/12 10:47:23 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/19 11:13:20 | 000,000,000 | ---D | M]
 
 [2010/10/23 23:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Extensions
 [2011/01/12 11:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions
 [2011/01/06 23:19:45 | 000,000,000 | ---D | M] (Radio Bar 1 Community Toolbar) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{0​fc85f5d-6207-4515-a490-45a549d​285c0}
 [2010/07/16 17:04:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{2​0a82645-c095-46ed-80e3-0882576​0534b}
 [2010/07/06 18:18:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}
 [2010/07/16 17:20:15 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{9​5f24680-9e31-11da-a746-0800200​c9a66}
 [2011/01/06 23:19:43 | 000,000,000 | ---D | M] (Radio Bar 2 Community Toolbar) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{9​bb815eb-3f9f-4e11-9150-cb70e29​b40fc}
 [2011/01/06 23:19:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{d​10d0bf8-f5b5-c8b4-a8b2-2b9879e​08c5d}
 [2010/07/06 18:18:18 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\{E​EE6C361-6118-11DC-9C72-001320C​79847}
 [2008/12/18 17:31:55 | 000,000,000 | ---D | M] (Oberon Game Host) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\extensions\Ob​eronGameHost@OberonGames.com
 [2010/07/06 16:06:32 | 000,001,820 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\searchplugins​\bing.xml
 [2007/06/20 16:24:42 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\​jmbytaou.default\searchplugins​\LiveSearch.xml
 [2011/01/12 11:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 [2010/09/06 00:14:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/09/08 09:10:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2011/01/11 12:49:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0​016-0000-0023-ABCDEFFEDCBA}
 [2010/09/06 00:14:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS​\FF
 [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.​dll
 [2007/12/19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadget​PluginFirefoxWin.dll
 [2009/10/26 15:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamespl​ayer.dll
 [2010/06/26 08:59:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-f​rance.xml
 [2010/06/26 08:59:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2010/06/26 08:59:00 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-fra​nce.xml
 [2010/06/26 08:59:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedi​a-fr.xml
 [2010/06/26 08:59:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: ([2008/03/02 23:46:01 | 000,000,687 | ---- | M]) - C:\WINDOWS\system32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 localhost
 O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll (Adobe Systems Incorporated)
 O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E​497C8C0} - No CLSID value found.
 O2 - BHO: (no name) - {4322A444-92F8-4C3E-BD4C-013BA​51E2871} - No CLSID value found.
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - No CLSID value found.
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
 O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.6.5612.1312\swg.dll (Google Inc.)
 O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (no name) - {4322A444-92F8-4C3E-BD4C-013BA​51E2871} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\WINDOWS\system32\eDStoolbar​.dll (HiTRUST)
 O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB​0476E29} - C:\WINDOWS\system32\eDStoolbar​.dll (HiTRUST)
 O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe (Adobe Systems Incorporated)
 O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIV​ERS\W32X86\3\E_FATIACE.EXE File not found
 O4 - HKLM..\Run: [InternetDownload_upgrade] C:\Program Files\VersalSoft\InternetDownl​oad\InternetDownload.exe (TODO: <Company name> )
 O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe (Ahead Software Gmbh)
 O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
 O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
 O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
 O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetI​M.exe (SweetIM Technologies Ltd.)
 O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe (Google Inc.)
 O4 - HKCU..\Run: [UpdateStar] C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe (UpdateStar GmbH)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe (Acer Inc.)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe (X-Micro Technology Corp.)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe File not found
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\​Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: HonorAutoRunSetting = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoCDBurning = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveTypeAutoRun = 255
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Ro​yale\Royale.msstyles (Microsoft)
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: InstallTheme = C:\WINDOWS\Resources\Themes\Ro​yale.theme ()
 O7 - HKCU\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveTypeAutoRun = 255
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.sc​r (Google Inc.)
 O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownl​oad\adddownload.htm ()
 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000004 [] - C:\WINDOWS\system32\nwprovau.d​ll (Microsoft Corporation)
 O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} http://messenger.zone.msn.com/ [...] b56907.cab (MessengerStatsClient Class)
 O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDE​FFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDE​FFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} http://download.macromedia.com [...] wflash.cab (Shockwave Flash Object)
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} http://platformdl.adobe.com/NO [...] 1.6/gp.cab (Reg Error: Key error.)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\http\0x000000​01 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\0x00000​001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ipp\0x0000000​1 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\0x000​00001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
 O24 - Desktop WallPaper: C:\Documents and Settings\annie turpin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
 O24 - Desktop BackupWallPaper: C:\Documents and Settings\annie turpin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
 O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/08/11 18:52:52 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell\AutoRun\command - "" = J:\autorunner.exe www.CCE-ADECCO.com -- File not found
 O33 - MountPoints2\{4a4142e0-f7f6-11de-a349-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{cf760e4e-173d-11df-a373-0019215357f5}\Shell - "" = AutoRun
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: 6to4 -  File not found
 NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Iprip -  File not found
 NetSvcs: Irmon -  File not found
 NetSvcs: WmdmPmSp -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/01/12 10:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2011/01/11 16:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
 [2011/01/11 16:13:10 | 000,000,000 | ---D | C] -- C:\rsit
 [2011/01/11 12:49:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
 [2011/01/11 12:49:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
 [2011/01/11 12:49:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
 [2011/01/04 22:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\SevenSails
 [2011/01/02 18:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\quickclick
 [2010/12/29 16:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.FR
 [2010/12/20 18:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Mutant Arcade
 [2010/12/20 17:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\SunRay Games
 [2010/12/18 16:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Ten Heavens
 [2010/12/18 16:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\PlayPond
 [2010/12/18 15:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Freeze Tag
 [2010/12/18 14:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Boolat Games
 [2010/12/18 12:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 12:12:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 11:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Victorian Mysteries - La Femme en Blanc
 [2010/12/18 11:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Victorian Mysteries - La Femme en Blanc
 [2010/12/18 11:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Skymist - Les Pierres Mystiques
 [2010/12/18 11:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skymist - Les Pierres Mystiques
 [2010/12/18 11:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Tornado - Le Secret de la Grotte Magique
 [2010/12/18 11:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\Tornado - Le Secret de la Grotte Magique
 [2010/12/18 11:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Twisted Lands - Lile Fantome
 [2010/12/18 11:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Twisted Lands - Lile Fantome
 [2010/12/18 11:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mystic Diary - LIle Hantee
 [2010/12/18 11:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mystic Diary - LIle Hantee
 [2010/12/18 11:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector
 [2010/12/18 11:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mystery Legends - The Phantom of the Opera Edition Collector
 [2010/12/18 11:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Le Retour de Monte Cristo
 [2010/12/18 11:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Le Retour de Monte Cristo
 [2010/12/18 11:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Escape from Frankensteins Castle
 [2010/12/18 11:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Escape from Frankensteins Castle
 [2010/12/18 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2010/12/18 11:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2010/12/18 11:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Echoes of the Past - Le Chateau des Ombres
 [2010/12/18 11:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Echoes of the Past - Le Chateau des Ombres
 [2010/12/15 21:48:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
 [2008/05/13 19:11:57 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
 [2008/05/13 19:11:54 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
 [2006/12/15 17:38:58 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
 [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/01/12 11:25:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 [2011/01/12 11:25:31 | 000,073,451 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
 [2011/01/12 11:25:15 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
 [2011/01/12 11:24:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
 [2011/01/12 11:24:27 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
 [2011/01/12 10:45:59 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\AD-R.lnk
 [2011/01/10 12:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
 [2011/01/09 20:49:58 | 000,000,054 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
 [2011/01/08 14:45:13 | 000,000,972 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Bejeweled 3 Deluxe.lnk
 [2011/01/02 19:10:45 | 000,000,252 | ---- | M] () -- C:\WINDOWS\CRAPETTE.JEU
 [2010/12/27 12:55:58 | 000,193,536 | ---- | M] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2010/12/22 22:09:04 | 000,000,299 | ---- | M] () -- C:\WINDOWS\GECKOS.INI
 [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
 [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
 [2010/12/19 11:13:22 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
 [2010/12/18 20:21:22 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Royal Trouble Deluxe.lnk
 [2010/12/18 12:12:52 | 000,001,976 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à The Sultan's Labyrinth - Le Sacrifice de Bahar.lnk
 [2010/12/18 12:12:52 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Encore plus de jeux.lnk
 [2010/12/18 11:54:26 | 000,001,853 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Victorian Mysteries - La Femme en Blanc.lnk
 [2010/12/18 11:40:54 | 000,001,076 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Luxor Great Adventures Deluxe.lnk
 [2010/12/18 11:38:58 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Skymist - Les Pierres Mystiques.lnk
 [2010/12/18 11:37:38 | 000,001,846 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Tornado - Le Secret de la Grotte Magique.lnk
 [2010/12/18 11:36:40 | 000,001,770 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Twisted Lands - Lile Fantome.lnk
 [2010/12/18 11:26:45 | 000,001,766 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystic Diary - LIle Hantee.lnk
 [2010/12/18 11:26:43 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Microsoft\Internet Explorer\Quick Launch\Jewel of Atlantis.lnk
 [2010/12/18 11:24:18 | 000,002,032 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystery Legends - The Phantom of the Opera Edition Collector.lnk
 [2010/12/18 11:21:09 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Le Retour de Monte Cristo.lnk
 [2010/12/18 11:20:36 | 000,001,826 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Escape from Frankensteins Castle.lnk
 [2010/12/18 11:16:59 | 000,002,087 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector.lnk
 [2010/12/18 11:15:18 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir Edgar Allan Poe.lnk
 [2010/12/18 11:12:26 | 000,001,936 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Echoes of the Past - Le Chateau des Ombres.lnk
 [2010/12/18 10:01:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\avast! Antivirus.job
 [2010/12/17 21:32:02 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\UpdateStar.lnk
 [2010/12/17 21:32:02 | 000,002,123 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Microsoft\Internet Explorer\Quick Launch\UpdateStar.lnk
 [2010/12/16 10:21:18 | 000,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 [2010/12/15 23:25:12 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/01/12 10:45:59 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\AD-R.lnk
 [2011/01/08 14:45:13 | 000,000,972 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\Bejeweled 3 Deluxe.lnk
 [2010/12/18 20:21:22 | 000,000,980 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\Royal Trouble Deluxe.lnk
 [2010/12/18 12:12:52 | 000,001,976 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à The Sultan's Labyrinth - Le Sacrifice de Bahar.lnk
 [2010/12/18 12:12:52 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Encore plus de jeux.lnk
 [2010/12/18 11:54:26 | 000,001,853 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Victorian Mysteries - La Femme en Blanc.lnk
 [2010/12/18 11:38:58 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Skymist - Les Pierres Mystiques.lnk
 [2010/12/18 11:37:38 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Tornado - Le Secret de la Grotte Magique.lnk
 [2010/12/18 11:36:40 | 000,001,770 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Twisted Lands - Lile Fantome.lnk
 [2010/12/18 11:26:45 | 000,001,766 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystic Diary - LIle Hantee.lnk
 [2010/12/18 11:24:18 | 000,002,032 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystery Legends - The Phantom of the Opera Edition Collector.lnk
 [2010/12/18 11:21:09 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Le Retour de Monte Cristo.lnk
 [2010/12/18 11:20:36 | 000,001,826 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Escape from Frankensteins Castle.lnk
 [2010/12/18 11:16:59 | 000,002,087 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector.lnk
 [2010/12/18 11:15:18 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir Edgar Allan Poe.lnk
 [2010/12/18 11:12:26 | 000,001,936 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Echoes of the Past - Le Chateau des Ombres.lnk
 [2010/07/29 10:43:47 | 000,003,271 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_InstantShareJPG.log
 [2010/07/29 10:43:47 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
 [2010/07/29 10:43:18 | 000,004,117 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_IZClosingDiscError.log
 [2010/07/29 10:43:18 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
 [2010/07/29 10:41:57 | 000,105,572 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
 [2010/07/29 10:41:57 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
 [2010/07/29 10:40:26 | 000,004,354 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\HPSU_48BitScanUpdate.log
 [2010/07/29 10:40:26 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
 [2010/07/29 10:30:39 | 000,092,555 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Update_HP_RedboxHprblog_HPSU.log
 [2010/07/29 10:30:39 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
 [2010/07/15 17:28:23 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\WebpageIcons.db
 [2010/02/27 09:39:34 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
 [2010/02/24 17:53:35 | 000,006,414 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_PROTOCOL.log
 [2010/02/24 17:53:35 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_UI.log
 [2010/02/24 17:53:35 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_API.log
 [2010/02/24 17:53:35 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
 [2010/02/24 17:25:56 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
 [2010/02/24 17:03:17 | 000,021,670 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
 [2010/02/22 18:03:49 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Acroread.ini
 [2010/02/15 20:47:47 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
 [2010/01/25 12:24:29 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\CC660D6FB2.sys
 [2010/01/06 23:00:05 | 000,000,067 | ---- | C] () -- C:\WINDOWS\pool.ini
 [2009/11/05 18:24:35 | 000,004,400 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
 [2009/10/05 18:44:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
 [2009/10/05 18:43:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
 [2009/06/04 14:48:54 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\yekww.exe
 [2009/05/18 14:39:00 | 000,000,282 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
 [2009/03/22 14:10:37 | 000,002,402 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\RayV_22.03.09_13-10-30.rprt
 [2009/03/17 10:45:50 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
 [2009/02/25 17:46:47 | 000,000,204 | ---- | C] () -- C:\WINDOWS\mb.ini
 [2008/12/20 12:53:28 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlibwapi.dll
 [2008/11/04 20:23:49 | 000,000,051 | ---- | C] () -- C:\WINDOWS\SOL.INI
 [2008/10/31 11:51:26 | 000,000,299 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
 [2008/09/30 11:31:43 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Raccourci vers Flood Light Games.lnk
 [2008/09/19 22:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
 [2008/09/19 22:54:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
 [2008/07/03 17:51:34 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
 [2008/05/13 19:11:57 | 009,607,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
 [2008/05/13 19:11:57 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
 [2008/05/13 19:11:57 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
 [2008/03/03 02:04:50 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
 [2008/02/02 18:13:21 | 000,000,074 | ---- | C] () -- C:\WINDOWS\Pool3DWin.ini
 [2007/10/22 15:45:30 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
 [2007/04/28 17:08:27 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\hwpsgt.sys
 [2007/04/28 17:08:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\lemsgt.sys
 [2007/01/07 20:24:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
 [2006/12/17 18:18:05 | 000,193,536 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2006/12/15 17:41:25 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
 [2006/12/15 17:38:58 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
 [2006/12/15 17:31:26 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\fusioncache.dat
 [2006/08/11 18:56:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
 [2006/08/11 18:54:50 | 000,000,050 | ---- | C] () -- C:\WINDOWS\commercial.ini
 [2006/08/11 18:54:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
 [2006/08/11 18:53:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
 [2006/08/11 18:29:20 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 [2006/07/11 23:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
 [2006/07/11 23:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
 [2006/07/11 23:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
 [2006/07/11 23:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
 [2006/07/11 23:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
 [2006/07/11 23:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
 [2006/07/11 23:19:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
 [2006/04/12 14:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
 [2006/03/08 17:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
 [2006/03/08 17:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
 [2005/11/10 11:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
 [2005/10/31 03:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
 [2005/10/26 07:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
 [2005/10/12 17:43:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\alaunch.ini
 [2005/08/05 14:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
 [2005/07/12 13:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
 [2005/04/04 08:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
 [2004/10/26 23:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
 [2004/08/10 21:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
 [2004/03/23 15:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
 [2001/12/26 14:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
 [2001/09/03 21:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
 [2001/07/30 14:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
 [2001/07/23 20:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
 [2001/07/06 15:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 [1998/10/26 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
 [1998/10/26 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
 
 ========== Custom Scans ==========
 
 
 < %SYSTEMDRIVE%\*.* >
 [2011/01/12 10:47:43 | 000,009,927 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
 [2011/01/12 11:20:32 | 000,002,429 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt
 [2006/08/11 18:52:52 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
 [2006/12/15 17:30:36 | 000,000,221 | RHS- | M] () -- C:\boot.ini
 [2004/08/10 21:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
 [2009/10/05 18:53:18 | 000,000,074 | ---- | M] () -- C:\CMLoader.log
 [2006/08/11 18:29:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
 [2010/08/07 17:21:46 | 000,000,372 | ---- | M] () -- C:\content_update_notification.xml
 [2011/01/12 11:24:27 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
 [2006/08/11 18:29:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
 [2008/02/28 15:59:00 | 000,000,125 | ---- | M] () -- C:\ioSpecial.ini
 [2006/08/11 18:29:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
 [2008/03/02 23:53:34 | 000,000,748 | ---- | M] () -- C:\MSNCleaner.txt
 [2004/08/10 21:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
 [2008/09/17 23:49:02 | 000,252,240 | RHS- | M] () -- C:\ntldr
 [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
 [2011/01/12 11:24:25 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
 [2008/07/02 15:52:49 | 000,079,500 | ---- | M] () -- C:\playground.log
 [2006/08/11 20:18:22 | 000,000,079 | ---- | M] () -- C:\preload.aaa
 [2006/08/11 18:41:40 | 000,000,499 | ---- | M] () -- C:\RHDSetup.log
 [2006/12/18 21:41:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
 [2010/09/26 15:15:42 | 000,005,120 | -HS- | M] () -- C:\Thumbs.db
 
 < %SYSTEMDRIVE%\*.exe >
 
 < %PROGRAMFILES%\*.* >
 
 < %PROGRAMFILES%\*. >
 [2009/03/03 13:34:46 | 000,000,000 | ---D | M] -- C:\Program Files\7 Wonders II
 [2006/09/30 07:10:20 | 000,000,000 | ---D | M] -- C:\Program Files\Acer WLAN 11g USB Dongle
 [2011/01/12 10:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover
 [2010/10/25 19:52:42 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
 [2010/04/21 17:04:45 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
 [2010/08/22 10:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
 [2007/04/18 18:23:05 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
 [2008/05/21 15:49:58 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
 [2010/03/27 10:09:29 | 000,000,000 | ---D | M] -- C:\Program Files\Atari
 [2009/06/08 19:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
 [2008/01/14 12:03:15 | 000,000,000 | ---D | M] -- C:\Program Files\AxBx
 [2010/12/04 18:08:17 | 000,000,000 | ---D | M] -- C:\Program Files\bfgclient
 [2010/08/29 16:22:49 | 000,000,000 | ---D | M] -- C:\Program Files\Boonty
 [2010/09/23 16:28:21 | 000,000,000 | ---D | M] -- C:\Program Files\BoontyGames
 [2008/12/04 17:59:05 | 000,000,000 | ---D | M] -- C:\Program Files\Cake Mania 2
 [2006/09/30 07:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\commercial
 [2006/09/30 07:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
 [2010/12/18 11:15:18 | 000,000,000 | ---D | M] -- C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:16:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2008/11/01 16:58:27 | 000,000,000 | ---D | M] -- C:\Program Files\DDD Pool
 [2007/01/05 20:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\DFX
 [2006/09/30 07:10:30 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
 [2008/10/25 18:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\directx
 [2008/03/03 01:22:17 | 000,000,000 | ---D | M] -- C:\Program Files\Disk Investigator
 [2010/02/15 20:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
 [2010/12/18 11:12:26 | 000,000,000 | ---D | M] -- C:\Program Files\Echoes of the Past - Le Chateau des Ombres
 [2007/12/31 16:23:23 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
 [2010/11/21 19:59:48 | 000,000,000 | ---D | M] -- C:\Program Files\Emerald Tale
 [2010/08/07 17:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
 [2010/02/27 08:57:45 | 000,000,000 | ---D | M] -- C:\Program Files\epson
 [2010/12/18 11:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\Escape from Frankensteins Castle
 [2011/01/12 10:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
 [2008/11/15 22:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\GameHouse
 [2007/03/04 12:01:20 | 000,000,000 | ---D | M] -- C:\Program Files\Gamenext
 [2009/05/21 09:26:50 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade
 [2008/12/20 12:53:41 | 000,000,000 | ---D | M] -- C:\Program Files\GdPicture ToolKit Pro Edition
 [2007/03/23 22:32:24 | 000,000,000 | ---D | M] -- C:\Program Files\GemMasterFrench
 [2011/01/09 19:56:03 | 000,000,000 | ---D | M] -- C:\Program Files\Google
 [2007/03/28 18:43:00 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
 [2010/04/09 10:37:36 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
 [2010/04/09 10:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\HP
 [2007/07/19 09:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\IncrediMail
 [2008/10/25 18:22:19 | 000,000,000 | ---D | M] -- C:\Program Files\Infogrames
 [2010/09/23 16:38:00 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
 [2010/12/15 23:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
 [2011/01/11 12:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\Java
 [2010/11/21 17:13:17 | 000,000,000 | ---D | M] -- C:\Program Files\Jewel of Atlantis
 [2010/12/18 11:21:09 | 000,000,000 | ---D | M] -- C:\Program Files\Le Retour de Monte Cristo
 [2010/07/29 11:22:08 | 000,000,000 | ---D | M] -- C:\Program Files\Les Aventures de Robinson Crusoe
 [2009/02/25 14:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\Les Tresors de l'Ile Mysterieuse
 [2009/05/22 17:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Lost Realms - L'Heritage de la Princesse du Soleil
 [2009/02/08 12:10:45 | 000,000,000 | ---D | M] -- C:\Program Files\Lost Secrets - Bermuda Triangle
 [2008/10/01 08:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\Macrogaming
 [2007/11/16 15:56:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mahjongg Artifacts Chapter 2
 [2011/01/04 18:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2007/02/01 20:52:56 | 000,000,000 | ---D | M] -- C:\Program Files\Managed DirectX (0900)
 [2008/09/30 11:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\McDonaldsDragons
 [2008/09/18 00:03:23 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
 [2008/07/05 15:35:08 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application
 [2010/07/05 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
 [2007/05/10 22:00:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
 [2006/09/30 07:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
 [2011/01/06 22:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
 [2007/12/18 16:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
 [2010/07/05 19:30:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
 [2010/08/12 22:26:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
 [2010/12/11 12:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
 [2009/12/24 20:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\MPMAN
 [2010/07/06 13:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
 [2008/03/03 10:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
 [2007/11/07 21:01:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games
 [2006/09/30 07:10:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
 [2008/07/22 12:33:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
 [2010/12/30 23:12:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Ravenhearst
 [2009/02/08 21:10:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Legends - Sleepy Hollow
 [2010/12/18 11:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector
 [2008/06/03 17:37:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mysteryville 2
 [2010/12/18 11:26:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mystic Diary - LIle Hantee
 [2008/09/17 23:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
 [2008/05/21 17:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
 [2008/06/12 15:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\NRJ
 [2009/02/26 22:26:37 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Oca History Tool
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
 [2010/07/06 15:46:33 | 000,000,000 | ---D | M] -- C:\Program Files\Opera
 [2007/03/17 18:20:13 | 000,000,000 | ---D | M] -- C:\Program Files\orange
 [2010/12/15 23:18:44 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
 [2008/05/24 09:29:34 | 000,000,000 | ---D | M] -- C:\Program Files\Philips
 [2010/09/25 10:40:50 | 000,000,000 | ---D | M] -- C:\Program Files\Photocite Collection 4
 [2010/12/29 16:48:09 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars.FR
 [2010/04/25 10:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Puzzle Mania
 [2007/04/18 18:23:42 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
 [2010/07/06 13:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
 [2007/03/28 12:04:51 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
 [2010/03/15 12:03:22 | 000,000,000 | ---D | M] -- C:\Program Files\Registry Easy
 [2008/05/25 16:51:54 | 000,000,000 | ---D | M] -- C:\Program Files\Ricochet Infinity
 [2010/07/21 14:40:23 | 000,000,000 | ---D | M] -- C:\Program Files\Robinson Crusoe et les Pirates Maudits
 [2009/10/05 18:28:04 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
 [2006/09/30 07:11:00 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
 [2008/01/27 13:51:36 | 000,000,000 | ---D | M] -- C:\Program Files\Shareaza Applications
 [2010/12/18 11:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\Skymist - Les Pierres Mystiques
 [2008/05/24 09:53:13 | 000,000,000 | ---D | M] -- C:\Program Files\Software Informer
 [2008/11/01 17:01:56 | 000,000,000 | ---D | M] -- C:\Program Files\Super Mahjong
 [2010/01/25 20:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\Sweet Games
 [2008/10/01 08:55:55 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
 [2010/12/18 12:12:52 | 000,000,000 | ---D | M] -- C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 11:37:38 | 000,000,000 | ---D | M] -- C:\Program Files\Tornado - Le Secret de la Grotte Magique
 [2011/01/11 16:13:37 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro
 [2010/12/18 11:36:41 | 000,000,000 | ---D | M] -- C:\Program Files\Twisted Lands - Lile Fantome
 [2006/08/11 18:40:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
 [2008/12/20 23:54:46 | 000,000,000 | ---D | M] -- C:\Program Files\Universal
 [2010/11/17 19:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
 [2008/12/20 23:54:53 | 000,000,000 | ---D | M] -- C:\Program Files\VersalSoft
 [2010/12/18 11:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Victorian Mysteries - La Femme en Blanc
 [2007/01/06 01:42:50 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
 [2007/07/27 22:14:17 | 000,000,000 | ---D | M] -- C:\Program Files\Web Media Player
 [2007/01/06 01:32:47 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
 [2010/12/13 09:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
 [2007/10/14 22:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Favorites
 [2009/02/26 19:26:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
 [2010/07/05 19:23:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
 [2010/07/05 20:44:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
 [2008/05/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
 [2006/12/18 17:59:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
 [2007/04/18 18:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
 [2008/09/17 23:51:16 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
 [2006/09/30 07:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
 [2006/08/11 18:28:26 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
 [2007/11/16 15:36:16 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
 [2010/03/13 11:45:10 | 000,000,000 | ---D | M] -- C:\Program Files\WMPBurn
 [2006/09/30 07:11:02 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
 [2010/10/11 09:24:20 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
 [2010/07/15 17:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\Zattoo4
 [2011/01/08 14:44:46 | 000,000,000 | ---D | M] -- C:\Program Files\Zylom Games
 
 
 < MD5 for: AGP440.SYS  >
 [2004/08/10 21:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
 [2004/08/10 21:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
 [2008/09/17 23:43:52 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
 [2008/09/17 23:43:52 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sy

ds76
Baby forum member (10 to 49 posts)
Posted on 12/01/2011 at 16:38:15

As requested, I am attaching the Malwarebytes report, thank you:


 Malwarebytes' Anti-Malware 1.50.1.1100
 www.malwarebytes.org

 Version de la base de données: 5464

 Windows 5.1.2600 Service Pack 3
 Internet Explorer 7.0.5730.13

 12/01/2011 13:23:37
 mbam-log-2011-01-12 (13-23-37).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 324848
 Temps écoulé: 1 heure(s), 16 minute(s), 25 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 0
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 0

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 (Aucun élément nuisible détecté)

ds76
Baby forum member (10 to 49 posts)
Posted on 12/01/2011 at 16:41:23

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

 Mis à jour par TeamXscript le 09/01/11 à 12:30
 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
 Site web: http://www.teamxscript.org

 C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 10:46:01 le 12/01/2011, Mode normal

 Microsoft Windows XP Professionnel Service Pack 3 (X86)
 annie turpin@ACER-7989E0343A ( )
 
 ============== ACTION(S) ==============


 Dossier supprimé: C:\MicroGaming\Casino\Phoenici​an
 Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.j​s
 Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWeb​Search.xml
 Fichier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\searchplugins​\ask.xml
 Dossier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\conduit
 Dossier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\ConduitEngine
 Dossier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\extensions\en​gine@conduit.com
 Fichier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\searchplugins​\conduit.xml
 Dossier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\iMeshMediabar​Tb
 Fichier supprimé: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\searchplugins​\iMeshWebSearch.xml
 Dossier supprimé: C:\Documents and Settings\All Users\Application Data\GamesBar
 Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar
 Dossier supprimé: C:\Program Files\GamesBar
 Dossier supprimé: C:\Documents and Settings\All Users\Application Data\Trymedia
 Dossier supprimé: C:\Program Files\Fichiers communs\WhenU
 Dossier supprimé: C:\Documents and Settings\annie turpin\Local Settings\Application Data\iMesh
 Dossier supprimé: C:\Program Files\iMesh Applications
 Dossier supprimé: C:\Documents and Settings\annie turpin\Application Data\iMeshMediabarTb

 (!) -- Fichiers temporaires supprimés.


 -- Fichier ouvert: C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\Prefs.js --
 Ligne supprimée:  
 Ligne supprimée:  
 Ligne supprimée: user_pref("CT2405725.SearchEng​ine", "Search||hxxp://search.conduit​.com/Results.aspx?q=UCM_SEARCH​_TER...
 Ligne supprimée: user_pref("CT2405725.SearchFro​mAddressBarUrl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT240...
 Ligne supprimée: user_pref("CT2405727.SearchEng​ine", "Search||hxxp://search.conduit​.com/Results.aspx?q=UCM_SEARCH​_TER...
 Ligne supprimée: user_pref("CT2405727.SearchFro​mAddressBarUrl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT240...
 Ligne supprimée: user_pref("browser.search.defa​ulturl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT2405727&Se​a...
 Ligne supprimée: user_pref("extensions.snipit.a​skTbInstalled", true);
 Ligne supprimée: user_pref("extensions.snipit.c​hromeURL", "hxxp://toolbar.ask.com/toolba​rv/askRedirect?o=10168&gct=&g.​..
 -- Fichier Fermé --
 

 Clé supprimée: HKLM\Software\Classes\CLSID\{4​74597C5-AB09-49d6-A4D5-2E8D734​1384E}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{474597C5-AB09-49d6-A4​D5-2E8D7341384E}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{47​4597C5-AB09-49d6-A4D5-2E8D7341​384E}
 Clé supprimée: HKLM\Software\Classes\CLSID\{A​BB49B3B-AB7D-4ED0-9135-93FD5AA​4F69F}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{ABB49B3B-AB7D-4ED0-91​35-93FD5AA4F69F}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{AB​B49B3B-AB7D-4ED0-9135-93FD5AA4​F69F}
 Clé supprimée: HKLM\Software\Classes\CLSID\{C​B0D163C-E9F4-4236-9496-0597E24​B23A5}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{CB0D163C-E9F4-4236-94​96-0597E24B23A5}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{CB​0D163C-E9F4-4236-9496-0597E24B​23A5}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{EC1A2105-5621-440F-987D-27E​F428131D9}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{A147AA03-820F-4A0F-9F34-D6CB4​004A2F9}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{AD76633E-E50D-4844-9E7F-4DFBC​7C18467}
 Clé supprimée: HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\eeo​wg
 Clé supprimée: HKLM\Software\Classes\EoEngine​BHO.EOBHO
 Clé supprimée: HKLM\Software\Classes\EoEngine​BHO.EOBHO.1
 Clé supprimée: HKLM\Software\Classes\iMeshIEH​elper.DNSGuard
 Clé supprimée: HKLM\Software\Classes\iMeshIEH​elper.DNSGuard.1
 Clé supprimée: HKLM\Software\Classes\Oberontb​.Band
 Clé supprimée: HKLM\Software\Classes\Oberontb​.Band.1
 Clé supprimée: HKLM\Software\Classes\oberontb​.GamesBarBHO
 Clé supprimée: HKLM\Software\Classes\oberontb​.GamesBarBHO.1
 Clé supprimée: HKLM\Software\Classes\AppID\Eo​EngineBHO.DLL
 Clé supprimée: HKLM\Software\Classes\AppID\{A​FBB7970-789A-4264-BA70-E8127DE​CE400}
 Clé supprimée: HKLM\Software\AskBarDis
 Clé supprimée: HKLM\Software\DataMngr
 Clé supprimée: HKLM\Software\GamesBar
 Clé supprimée: HKLM\Software\GamesBarSetup
 Clé supprimée: HKLM\Software\PopCap
 Clé supprimée: HKLM\Software\Trymedia Systems
 Clé supprimée: HKCU\Software\ItsLabel
 Clé supprimée: HKCU\Software\DataMngr
 Clé supprimée: HKCU\Software\FunWebProducts
 Clé supprimée: HKCU\Software\GamesBar
 Clé supprimée: HKCU\Software\iMesh
 Clé supprimée: HKCU\Software\PopCap
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Explorer\Menu​Order\Start Menu2\Programs\GamesBar
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Explorer\Menu​Order\Start Menu2\Programs\iMesh
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{9BB47C1​7-9C68-4BB3-B188-DD9AF0FD2A59}
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{BAEA7D4​B-8303-467C-AC92-F361C8F4DF1C}
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{CF73980​9-1C6C-47C0-85B9-569DBB141420}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\SearchScopes\{9BB47C1​7-9C68-4BB3-B188-DD9AF0FD2A59}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\SearchScopes\{CF73980​9-1C6C-47C0-85B9-569DBB141420}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{28D356​20-51D9-11DE-9D13-2DB156D89593​}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{83​FA27D5-25B5-4D24-B796-DF742F08​A5CF}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{CF​A9C824-A778-47EB-90CD-BB4DB82C​F348}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\Gam​esbar
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\iMe​sh MediaBar
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\MenuExt\&Search
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{1A​0AADCD-3A72-4B5F-900F-E3BB5A83​8E2A}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{1A​93C934-025B-4C3A-B38E-9654A700​3239}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{6F​282B65-56BF-4BD1-A8B2-A4449A05​863D}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{BC​4FFE41-DE9F-46fa-B455-AAD49B9F​9938}
 Clé supprimée: HKLM\Software\Classes\Applicat​ions\iMesh.exe
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Extensions\{1a93c934-​025b-4c3a-b38e-9654a7003239}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\App Paths\OBget.exe

 Valeur supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Run|DataMngr
 Valeur supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Toolbar|{ABB49B3B-AB7​D-4ED0-9135-93FD5AA4F69F}
 Valeur supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Toolbar|{6F282B65-56B​F-4BD1-A8B2-A4449A05863D}


 ============== SCAN ADDITIONNEL ==============

 ** Mozilla Firefox Version [3.6.13 (fr)] **

 -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\FireFox\Profiles\​jmbytaou.default\Prefs.js --
 browser.search.defaultenginena​me, iMesh Web Search
 browser.search.selectedEngine, iMesh Web Search
 browser.startup.homepage, hxxp://search.imesh.com/
 browser.startup.homepage_overr​ide.mstone, rv:1.9.2.13
 keyword.URL, hxxp://search.imesh.com/web?sr​c=ffb&systemid=1&q=

 ==============================​==========

 ** Internet Explorer Version [7.0.5730.13] **

 [HKCU\Software\Microsoft\Intern​et Explorer\Main]
 Default_Page_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Do404Search: 0x01000000
 Enable Browser Extensions: yes
 Local Page: C:\WINDOWS\system32\blank.htm
 Search bar: hxxp://go.microsoft.com/fwlink​/?linkid=54896
 Show_ToolBar: yes
 Start Page: hxxp://fr.msn.com/
 Use Search Asst: no

 [HKLM\Software\Microsoft\Intern​et Explorer\Main]
 Default_Page_URL: hxxp://go.microsoft.com/fwlink​/?LinkId=54896
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Delete_Temp_Files_On_Exit: yes
 Local Page: C:\WINDOWS\system32\blank.htm
 Search bar: hxxp://search.msn.com/spbasic.​htm
 Search Page: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Start Page: hxxp://fr.msn.com/

 [HKLM\Software\Microsoft\Intern​et Explorer\ABOUTURLS]
 Tabs: res://ieframe.dll/tabswelcome.​htm
 Blank: res://mshtml.dll/blank.htm

 ==============================​==========

 C:\Program Files\Ad-Remover\Quarantine: 1507 Fichier(s)
 C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 C:\Ad-Report-CLEAN[1].txt - 12/01/2011 (8151 Octet(s))

 Fin à: 10:47:43, 12/01/2011
 
 ============== E.O.F ==============

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 posts)
Posted on 13/01/2011 at 04:52:06

Hi DS76


 Download OTL (by OldTimer) and save it to your Desktop.

 - Close any running applications so the scan is not interrupted.
 - Double-click OTL.exe on the Desktop to launch the program.
 Vista/Seven -- Right-click OTL.exe on the Desktop and choose Run as administrator to launch the program.
 - A window appears. In the "Rapport" section at the top of this window, check "Rapport minimal". Do the same with "Tous les utilisateurs" next to it.
 - Also check the boxes next to "Recherche LOP" and "Recherche Purity".

 Do not change any other settings!

 Copy the list shown in bold below and paste it into the box under "Personnalisation":

 netsvcs
 %SYSTEMDRIVE%\*.*
 %SYSTEMDRIVE%\*.exe
 %PROGRAMFILES%\*.*
 %PROGRAMFILES%\*.
 /md5start
 hidserv.dll
 appmgmts.dll
 eventlog.dll
 winlogon.exe
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 wininet.dll
 wininit.exe
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 explorer.exe
 svchost.exe
 userinit.exe
 qmgr.dll
 ws2_32.dll
 proquota.exe
 imm32.dll
 kernel32.dll
 ndis.sys
 autochk.exe
 spoolsv.exe
 xmlprov.dll
 ntmssvc.dll
 mswsock.dll
 Beep.SYS
 ntfs.sys
 termsrv.dll
 sfcfiles.dll
 st3shark.sys
 winlogon.exe
 /md5stop
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %systemroot%\system32\drivers\*.sys /lockedfiles
 %systemroot%\System32\config\*.sav
 c:\$recycle.bin\*.* /s


 - Click the "Analyse" button.
 - Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are saved in the same location as OTListIT2 (so on the Desktop by default).

 Use cjoint.com to post your report as a link:
 http://cjoint.com/

 - Click "Parcourir" to browse to the report.
 - Click "Ouvrir", then "Créer le lien Cjoint".

 - Copy and paste the link shown after "Le lien a été créé:" into your next reply.


 @++   :)

ds76
Baby forum member (10 to 49 posts)
Posted on 13/01/2011 at 11:25:57

Hello,
 as requested, I am attaching the report:
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 767,00 Mb Total Physical Memory | 274,00 Mb Available Physical Memory | 36,00% Memory free
 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
 Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 71,36 Gb Total Space | 14,63 Gb Free Space | 20,51% Space Free | Partition Type: NTFS
 Drive D: | 71,82 Gb Total Space | 25,96 Gb Free Space | 36,14% Space Free | Partition Type: FAT32
 
 Computer Name: ACER-7989E0343A | User Name: annie turpin | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/01/13 09:51:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\annie turpin\Mes documents\Téléchargements\OTL(​2).exe
 PRC - [2010/12/11 12:28:29 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
 PRC - [2010/12/11 12:28:27 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
 PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 PRC - [2010/09/01 17:03:18 | 004,739,312 | ---- | M] (UpdateStar GmbH) -- C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe
 PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 PRC - [2008/07/06 11:32:14 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetI​M.exe
 PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2007/04/04 18:35:58 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 PRC - [2007/03/13 08:49:16 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
 PRC - [2006/06/01 17:51:32 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Launcher.exe
 PRC - [2006/05/11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 PRC - [2006/02/17 14:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
 PRC - [2005/11/16 19:25:14 | 000,745,472 | ---- | M] (X-Micro Technology Corp.) -- C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
 
 
 ========== Modules (SafeList) ==========
 
 MOD - [2011/01/13 09:51:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\annie turpin\Mes documents\Téléchargements\OTL(​2).exe
 MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsof​t.Windows.Common-Controls_6595​b64144ccf1df_6.0.2600.6028_x-w​w_61e65202\comctl32.dll
 MOD - [2008/07/06 11:31:44 | 000,022,328 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdap​tersProxy.dll
 MOD - [2006/07/11 17:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr7​1.dll
 MOD - [2006/05/03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dl​l -- (HidServ)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
 SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
 SRV - [2010/08/29 16:33:11 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
 SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
 SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
 SRV - [2007/08/09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.e​xe -- (Pml Driver HPZ12)
 SRV - [2006/05/11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe -- (AcerMemUsageCheckService)
 SRV - [2006/02/17 14:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
 SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe -- (IDriverT)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbser6k.sys -- (ZTEusbser6k)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbnmea.sys -- (ZTEusbnmea)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZT​Eusbmdm6k.sys -- (ZTEusbmdm6k)
 DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as​wTdi.sys -- (aswTdi)
 DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\as​wSP.sys -- (aswSP)
 DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\as​wRdr.sys -- (aswRdr)
 DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\as​wmon2.sys -- (aswMon2)
 DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\as​wFsBlk.sys -- (aswFsBlk)
 DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aa​vmker4.sys -- (Aavmker4)
 DRV - [2009/11/05 18:30:19 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AF​S2K.SYS -- (AFS2K)
 DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fs​sfltr_tdi.sys -- (fssfltr)
 DRV - [2008/06/09 18:38:30 | 000,114,496 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pr​odrv04.sys -- (prodrv04)
 DRV - [2008/04/13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnkipx.sys -- (NwlnkIpx)
 DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\us​baudio.sys -- (usbaudio) Pilote USB audio (WDM)
 DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hd​audbus.sys -- (HDAudBus)
 DRV - [2008/02/13 15:37:46 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
 DRV - [2007/07/05 06:44:08 | 009,607,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sn​p2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
 DRV - [2007/04/28 17:08:27 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hw​psgt.sys -- (hwpsgt)
 DRV - [2007/04/28 17:08:27 | 000,009,472 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\le​msgt.sys -- (lemsgt)
 DRV - [2006/12/07 14:56:02 | 000,015,104 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ar​cSoftVirtualCapture.sys -- (ARCSOFTVIRTUALCAPTURE)
 DRV - [2006/08/11 18:52:28 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NT​IDrvr.sys -- (NTIDrvr)
 DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\St​arOpen.sys -- (StarOpen)
 DRV - [2006/07/11 23:19:00 | 003,934,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv​4_mini.sys -- (nv)
 DRV - [2006/06/29 09:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk​51x86.sys -- (yukonwxp)
 DRV - [2006/06/28 18:39:02 | 000,089,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv​raid.sys -- (nvraid) NVIDIA nForce(tm)
 DRV - [2006/06/28 18:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv​atabus.sys -- (nvatabus)
 DRV - [2006/06/18 22:40:44 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Am​dK8.sys -- (AmdK8)
 DRV - [2006/06/05 21:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rt​kHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
 DRV - [2006/04/07 20:17:34 | 000,012,288 | ---- | M] (HiTRUST) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ps​dfilter.sys -- (psdfilter)
 DRV - [2006/03/08 17:10:52 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ps​dvdisk.sys -- (psdvdisk)
 DRV - [2005/11/14 07:19:28 | 000,027,264 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sa​iU5F0D.sys -- (SaiU5F0D)
 DRV - [2005/11/14 07:19:26 | 000,176,640 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sa​iH5F0D.sys -- (SaiH5F0D)
 DRV - [2005/11/04 02:14:22 | 000,033,408 | ---- | M] (IC Plus Corp.                                                                                                    ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip​gdnd51.sys -- (ipgd)
 DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD​1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
 DRV - [2005/10/04 14:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD​1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
 DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\af​c.sys -- (Afc)
 DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
 DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZD​PSp50.sys -- (ZDPSp50)
 DRV - [2004/08/10 21:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnknb.sys -- (NwlnkNb)
 DRV - [2004/08/10 21:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nw​lnkspx.sys -- (NwlnkSpx)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = %SystemRoot%\system32\blank.ht​m
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Secondary Start Pages = http://www.live.com/ [binary data]
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL = http://www.live.com/ [binary data]
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultName = Live Search
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchMigratedDe​faultURL = http://search.live.com/results [...] r:source?}
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.google.com/ie
 IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-00132​0C79847} - C:\Program Files\SweetIM\Toolbars\Interne​t Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
 IE - HKCU\..\URLSearchHook: 95B187DB-43C8-4AC7-AF7F-C93B79​D21F1A} - Reg Error: Key error. File not found
 IE - HKCU\..\URLSearchHook: EEE6C35D-6118-11DC-9C72-001320​C79847} - Reg Error: Key error. File not found
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defaultenginename: "iMesh Web Search"
 FF - prefs.js..browser.search.defaultthis.engineName: "Radio Bar 2 Customized Web Search"
 FF - prefs.js..browser.search.order.1: "iMesh Web Search"
 FF - prefs.js..browser.search.selectedEngine: "iMesh Web Search"
 FF - prefs.js..browser.search.useDBForOrder: true
 FF - prefs.js..browser.startup.homepage: "http://www.google.fr/\r"
 FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 FF - prefs.js..keyword.URL: "http://search.imesh.com/web?src=ffb&systemid=1&q="
 FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
 
 
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/12 10:47:23 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/19 11:13:20 | 000,000,000 | ---D | M]
 
 [2010/10/23 23:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Extensions
 [2011/01/12 16:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions
 [2010/07/16 17:04:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
 [2010/07/06 18:18:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
 [2010/07/16 17:20:15 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
 [2011/01/06 23:19:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
 [2010/07/06 18:18:18 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
 [2008/12/18 17:31:55 | 000,000,000 | ---D | M] (Oberon Game Host) -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\extensions\OberonGameHost@OberonGames.com
 [2010/07/06 16:06:32 | 000,001,820 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\searchplugins\bing.xml
 [2007/06/20 16:24:42 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Mozilla\Firefox\Profiles\jmbytaou.default\searchplugins\LiveSearch.xml
 [2011/01/12 16:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 [2010/09/06 00:14:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
 [2010/09/08 09:10:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
 [2011/01/11 12:49:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
 [2010/09/06 00:14:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
 [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 [2007/12/19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
 [2009/10/26 15:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
 [2010/06/26 08:59:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
 [2010/06/26 08:59:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
 [2010/06/26 08:59:00 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
 [2010/06/26 08:59:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
 [2010/06/26 08:59:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
 O1 HOSTS File: ([2008/03/02 23:46:01 | 000,000,687 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
 O1 - Hosts: 127.0.0.1 localhost
 O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
 O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
 O2 - BHO: (no name) - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No CLSID value found.
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
 O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
 O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (no name) - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
 O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
 O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
 O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
 O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE File not found
 O4 - HKLM..\Run: [InternetDownload_upgrade] C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe (TODO: <Company name> )
 O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
 O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
 O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
 O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
 O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
 O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
 O4 - HKCU..\Run: [UpdateStar] C:\Documents and Settings\annie turpin\Application Data\UpdateStar\UpdateStar.exe (UpdateStar GmbH)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe (X-Micro Technology Corp.)
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe File not found
 O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
 O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm ()
 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
 O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/ [...] b56907.cab (MessengerStatsClient Class)
 O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_23)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com [...] wflash.cab (Shockwave Flash Object)
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NO [...] 1.6/gp.cab (Reg Error: Key error.)
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
 O24 - Desktop WallPaper: C:\Documents and Settings\annie turpin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
 O24 - Desktop BackupWallPaper: C:\Documents and Settings\annie turpin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
 O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/08/11 18:52:52 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell\AutoRun\command - "" = J:\autorunner.exe www.CCE-ADECCO.com -- File not found
 O33 - MountPoints2\{4a4142e0-f7f6-11de-a349-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{cf760e4e-173d-11df-a373-0019215357f5}\Shell - "" = AutoRun
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: 6to4 -  File not found
 NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Iprip -  File not found
 NetSvcs: Irmon -  File not found
 NetSvcs: WmdmPmSp -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/01/12 10:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2011/01/11 16:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
 [2011/01/11 16:13:10 | 000,000,000 | ---D | C] -- C:\rsit
 [2011/01/11 12:49:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
 [2011/01/11 12:49:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
 [2011/01/11 12:49:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
 [2011/01/04 22:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\SevenSails
 [2011/01/02 18:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\quickclick
 [2010/12/29 16:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.FR
 [2010/12/20 18:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Mutant Arcade
 [2010/12/20 17:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\SunRay Games
 [2010/12/18 16:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Ten Heavens
 [2010/12/18 16:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\PlayPond
 [2010/12/18 15:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Freeze Tag
 [2010/12/18 14:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\annie turpin\Application Data\Boolat Games
 [2010/12/18 12:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 12:12:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 11:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Victorian Mysteries - La Femme en Blanc
 [2010/12/18 11:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Victorian Mysteries - La Femme en Blanc
 [2010/12/18 11:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Skymist - Les Pierres Mystiques
 [2010/12/18 11:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skymist - Les Pierres Mystiques
 [2010/12/18 11:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Tornado - Le Secret de la Grotte Magique
 [2010/12/18 11:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\Tornado - Le Secret de la Grotte Magique
 [2010/12/18 11:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Twisted Lands - Lile Fantome
 [2010/12/18 11:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Twisted Lands - Lile Fantome
 [2010/12/18 11:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mystic Diary - LIle Hantee
 [2010/12/18 11:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mystic Diary - LIle Hantee
 [2010/12/18 11:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector
 [2010/12/18 11:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mystery Legends - The Phantom of the Opera Edition Collector
 [2010/12/18 11:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Le Retour de Monte Cristo
 [2010/12/18 11:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Le Retour de Monte Cristo
 [2010/12/18 11:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Escape from Frankensteins Castle
 [2010/12/18 11:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Escape from Frankensteins Castle
 [2010/12/18 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2010/12/18 11:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2010/12/18 11:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Echoes of the Past - Le Chateau des Ombres
 [2010/12/18 11:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Echoes of the Past - Le Chateau des Ombres
 [2010/12/15 21:48:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
 [2008/05/13 19:11:57 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
 [2008/05/13 19:11:54 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
 [2006/12/15 17:38:58 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
 [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/01/13 09:37:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 [2011/01/13 09:35:46 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
 [2011/01/13 09:35:45 | 000,073,451 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
 [2011/01/13 09:34:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
 [2011/01/13 09:34:46 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
 [2011/01/12 10:45:59 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\AD-R.lnk
 [2011/01/10 12:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
 [2011/01/09 20:49:58 | 000,000,054 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
 [2011/01/08 14:45:13 | 000,000,972 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Bejeweled 3 Deluxe.lnk
 [2011/01/02 19:10:45 | 000,000,252 | ---- | M] () -- C:\WINDOWS\CRAPETTE.JEU
 [2010/12/27 12:55:58 | 000,193,536 | ---- | M] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2010/12/22 22:09:04 | 000,000,299 | ---- | M] () -- C:\WINDOWS\GECKOS.INI
 [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
 [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
 [2010/12/19 11:13:22 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
 [2010/12/18 20:21:22 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Royal Trouble Deluxe.lnk
 [2010/12/18 12:12:52 | 000,001,976 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à The Sultan's Labyrinth - Le Sacrifice de Bahar.lnk
 [2010/12/18 12:12:52 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Encore plus de jeux.lnk
 [2010/12/18 11:54:26 | 000,001,853 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Victorian Mysteries - La Femme en Blanc.lnk
 [2010/12/18 11:40:54 | 000,001,076 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\Luxor Great Adventures Deluxe.lnk
 [2010/12/18 11:38:58 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Skymist - Les Pierres Mystiques.lnk
 [2010/12/18 11:37:38 | 000,001,846 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Tornado - Le Secret de la Grotte Magique.lnk
 [2010/12/18 11:36:40 | 000,001,770 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Twisted Lands - Lile Fantome.lnk
 [2010/12/18 11:26:45 | 000,001,766 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystic Diary - LIle Hantee.lnk
 [2010/12/18 11:26:43 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Microsoft\Internet Explorer\Quick Launch\Jewel of Atlantis.lnk
 [2010/12/18 11:24:18 | 000,002,032 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystery Legends - The Phantom of the Opera Edition Collector.lnk
 [2010/12/18 11:21:09 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Le Retour de Monte Cristo.lnk
 [2010/12/18 11:20:36 | 000,001,826 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Escape from Frankensteins Castle.lnk
 [2010/12/18 11:16:59 | 000,002,087 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector.lnk
 [2010/12/18 11:15:18 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir Edgar Allan Poe.lnk
 [2010/12/18 11:12:26 | 000,001,936 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Echoes of the Past - Le Chateau des Ombres.lnk
 [2010/12/18 10:01:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\avast! Antivirus.job
 [2010/12/17 21:32:02 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\annie turpin\Bureau\UpdateStar.lnk
 [2010/12/17 21:32:02 | 000,002,123 | ---- | M] () -- C:\Documents and Settings\annie turpin\Application Data\Microsoft\Internet Explorer\Quick Launch\UpdateStar.lnk
 [2010/12/16 10:21:18 | 000,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 [2010/12/15 23:25:20 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/01/12 10:45:59 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\AD-R.lnk
 [2011/01/08 14:45:13 | 000,000,972 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\Bejeweled 3 Deluxe.lnk
 [2010/12/18 20:21:22 | 000,000,980 | ---- | C] () -- C:\Documents and Settings\annie turpin\Bureau\Royal Trouble Deluxe.lnk
 [2010/12/18 12:12:52 | 000,001,976 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à The Sultan's Labyrinth - Le Sacrifice de Bahar.lnk
 [2010/12/18 12:12:52 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Encore plus de jeux.lnk
 [2010/12/18 11:54:26 | 000,001,853 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Victorian Mysteries - La Femme en Blanc.lnk
 [2010/12/18 11:38:58 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Skymist - Les Pierres Mystiques.lnk
 [2010/12/18 11:37:38 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Tornado - Le Secret de la Grotte Magique.lnk
 [2010/12/18 11:36:40 | 000,001,770 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Twisted Lands - Lile Fantome.lnk
 [2010/12/18 11:26:45 | 000,001,766 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystic Diary - LIle Hantee.lnk
 [2010/12/18 11:24:18 | 000,002,032 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Mystery Legends - The Phantom of the Opera Edition Collector.lnk
 [2010/12/18 11:21:09 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Le Retour de Monte Cristo.lnk
 [2010/12/18 11:20:36 | 000,001,826 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Escape from Frankensteins Castle.lnk
 [2010/12/18 11:16:59 | 000,002,087 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector.lnk
 [2010/12/18 11:15:18 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Dark Tales - Le Chat Noir Edgar Allan Poe.lnk
 [2010/12/18 11:12:26 | 000,001,936 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Jouer à Echoes of the Past - Le Chateau des Ombres.lnk
 [2010/07/29 10:43:47 | 000,003,271 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_InstantShareJPG.log
 [2010/07/29 10:43:47 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
 [2010/07/29 10:43:18 | 000,004,117 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_IZClosingDiscError.log
 [2010/07/29 10:43:18 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
 [2010/07/29 10:41:57 | 000,105,572 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
 [2010/07/29 10:41:57 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
 [2010/07/29 10:40:26 | 000,004,354 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\HPSU_48BitScanUpdate.log
 [2010/07/29 10:40:26 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
 [2010/07/29 10:30:39 | 000,092,555 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Update_HP_RedboxHprblog_HPSU.log
 [2010/07/29 10:30:39 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
 [2010/07/15 17:28:23 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\WebpageIcons.db
 [2010/02/27 09:39:34 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
 [2010/02/24 17:53:35 | 000,006,414 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_PROTOCOL.log
 [2010/02/24 17:53:35 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_UI.log
 [2010/02/24 17:53:35 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Hewlett-PackardHP Photosmart 2570 series1267028802_API.log
 [2010/02/24 17:53:35 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
 [2010/02/24 17:25:56 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
 [2010/02/24 17:03:17 | 000,021,670 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
 [2010/02/22 18:03:49 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Acroread.ini
 [2010/02/15 20:47:47 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
 [2010/01/25 12:24:29 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\CC660D6FB2.sys
 [2010/01/06 23:00:05 | 000,000,067 | ---- | C] () -- C:\WINDOWS\pool.ini
 [2009/11/05 18:24:35 | 000,004,400 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
 [2009/10/05 18:44:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
 [2009/10/05 18:43:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
 [2009/06/04 14:48:54 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\yekww.exe
 [2009/05/18 14:39:00 | 000,000,282 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
 [2009/03/22 14:10:37 | 000,002,402 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\RayV_22.03.09_13-10-30.rprt
 [2009/03/17 10:45:50 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
 [2009/02/25 17:46:47 | 000,000,204 | ---- | C] () -- C:\WINDOWS\mb.ini
 [2008/12/20 12:53:28 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlibwapi.dll
 [2008/11/04 20:23:49 | 000,000,051 | ---- | C] () -- C:\WINDOWS\SOL.INI
 [2008/10/31 11:51:26 | 000,000,299 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
 [2008/09/30 11:31:43 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\annie turpin\Application Data\Raccourci vers Flood Light Games.lnk
 [2008/09/19 22:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
 [2008/09/19 22:54:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
 [2008/07/03 17:51:34 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
 [2008/05/13 19:11:57 | 009,607,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
 [2008/05/13 19:11:57 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
 [2008/05/13 19:11:57 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
 [2008/03/03 02:04:50 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
 [2008/02/02 18:13:21 | 000,000,074 | ---- | C] () -- C:\WINDOWS\Pool3DWin.ini
 [2007/10/22 15:45:30 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
 [2007/04/28 17:08:27 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\hwpsgt.sys
 [2007/04/28 17:08:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\lemsgt.sys
 [2007/01/07 20:24:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
 [2006/12/17 18:18:05 | 000,193,536 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E​0D61DEA3FDF.ini
 [2006/12/15 17:41:25 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
 [2006/12/15 17:38:58 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarL​ib.dll
 [2006/12/15 17:31:26 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\annie turpin\Local Settings\Application Data\fusioncache.dat
 [2006/08/11 18:56:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
 [2006/08/11 18:54:50 | 000,000,050 | ---- | C] () -- C:\WINDOWS\commercial.ini
 [2006/08/11 18:54:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
 [2006/08/11 18:53:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
 [2006/08/11 18:52:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
 [2006/08/11 18:29:20 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 [2006/07/11 23:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
 [2006/07/11 23:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
 [2006/07/11 23:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
 [2006/07/11 23:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
 [2006/07/11 23:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
 [2006/07/11 23:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
 [2006/07/11 23:19:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
 [2006/04/12 14:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
 [2006/03/08 17:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
 [2006/03/08 17:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
 [2005/11/10 11:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
 [2005/10/31 03:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
 [2005/10/26 07:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
 [2005/10/12 17:43:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\alaunch.ini
 [2005/08/05 14:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
 [2005/07/12 13:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
 [2005/04/04 08:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
 [2004/10/26 23:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
 [2004/08/10 21:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
 [2004/03/23 15:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
 [2001/12/26 14:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
 [2001/09/03 21:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
 [2001/07/30 14:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
 [2001/07/23 20:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
 [2001/07/06 15:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 [1998/10/26 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
 [1998/10/26 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
 
 ========== Custom Scans ==========
 
 
 <  >
 
 < %SYSTEMDRIVE%\*.* >
 [2011/01/12 10:47:43 | 000,009,927 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
 [2011/01/12 11:20:32 | 000,002,429 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt
 [2006/08/11 18:52:52 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
 [2006/12/15 17:30:36 | 000,000,221 | RHS- | M] () -- C:\boot.ini
 [2004/08/10 21:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
 [2009/10/05 18:53:18 | 000,000,074 | ---- | M] () -- C:\CMLoader.log
 [2006/08/11 18:29:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
 [2010/08/07 17:21:46 | 000,000,372 | ---- | M] () -- C:\content_update_notification.xml
 [2011/01/13 09:34:46 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
 [2006/08/11 18:29:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
 [2008/02/28 15:59:00 | 000,000,125 | ---- | M] () -- C:\ioSpecial.ini
 [2006/08/11 18:29:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
 [2008/03/02 23:53:34 | 000,000,748 | ---- | M] () -- C:\MSNCleaner.txt
 [2004/08/10 21:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
 [2008/09/17 23:49:02 | 000,252,240 | RHS- | M] () -- C:\ntldr
 [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
 [2011/01/13 09:34:44 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
 [2008/07/02 15:52:49 | 000,079,500 | ---- | M] () -- C:\playground.log
 [2006/08/11 20:18:22 | 000,000,079 | ---- | M] () -- C:\preload.aaa
 [2006/08/11 18:41:40 | 000,000,499 | ---- | M] () -- C:\RHDSetup.log
 [2006/12/18 21:41:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
 [2010/09/26 15:15:42 | 000,005,120 | -HS- | M] () -- C:\Thumbs.db
 
 < %SYSTEMDRIVE%\*.exe >
 
 < %PROGRAMFILES%\*.* >
 
 < %PROGRAMFILES%\*. >
 [2009/03/03 13:34:46 | 000,000,000 | ---D | M] -- C:\Program Files\7 Wonders II
 [2006/09/30 07:10:20 | 000,000,000 | ---D | M] -- C:\Program Files\Acer WLAN 11g USB Dongle
 [2011/01/12 10:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover
 [2010/10/25 19:52:42 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
 [2010/04/21 17:04:45 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
 [2010/08/22 10:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
 [2007/04/18 18:23:05 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
 [2008/05/21 15:49:58 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
 [2010/03/27 10:09:29 | 000,000,000 | ---D | M] -- C:\Program Files\Atari
 [2009/06/08 19:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
 [2008/01/14 12:03:15 | 000,000,000 | ---D | M] -- C:\Program Files\AxBx
 [2010/12/04 18:08:17 | 000,000,000 | ---D | M] -- C:\Program Files\bfgclient
 [2010/08/29 16:22:49 | 000,000,000 | ---D | M] -- C:\Program Files\Boonty
 [2010/09/23 16:28:21 | 000,000,000 | ---D | M] -- C:\Program Files\BoontyGames
 [2008/12/04 17:59:05 | 000,000,000 | ---D | M] -- C:\Program Files\Cake Mania 2
 [2006/09/30 07:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\commercial
 [2006/09/30 07:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
 [2010/12/18 11:15:18 | 000,000,000 | ---D | M] -- C:\Program Files\Dark Tales - Le Chat Noir Edgar Allan Poe
 [2010/12/18 11:16:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector
 [2008/11/01 16:58:27 | 000,000,000 | ---D | M] -- C:\Program Files\DDD Pool
 [2007/01/05 20:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\DFX
 [2006/09/30 07:10:30 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
 [2008/10/25 18:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\directx
 [2008/03/03 01:22:17 | 000,000,000 | ---D | M] -- C:\Program Files\Disk Investigator
 [2010/02/15 20:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
 [2010/12/18 11:12:26 | 000,000,000 | ---D | M] -- C:\Program Files\Echoes of the Past - Le Chateau des Ombres
 [2007/12/31 16:23:23 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
 [2010/11/21 19:59:48 | 000,000,000 | ---D | M] -- C:\Program Files\Emerald Tale
 [2010/08/07 17:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
 [2010/02/27 08:57:45 | 000,000,000 | ---D | M] -- C:\Program Files\epson
 [2010/12/18 11:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\Escape from Frankensteins Castle
 [2011/01/12 10:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
 [2008/11/15 22:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\GameHouse
 [2007/03/04 12:01:20 | 000,000,000 | ---D | M] -- C:\Program Files\Gamenext
 [2009/05/21 09:26:50 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade
 [2008/12/20 12:53:41 | 000,000,000 | ---D | M] -- C:\Program Files\GdPicture ToolKit Pro Edition
 [2007/03/23 22:32:24 | 000,000,000 | ---D | M] -- C:\Program Files\GemMasterFrench
 [2011/01/09 19:56:03 | 000,000,000 | ---D | M] -- C:\Program Files\Google
 [2007/03/28 18:43:00 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
 [2010/04/09 10:37:36 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
 [2010/04/09 10:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\HP
 [2007/07/19 09:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\IncrediMail
 [2008/10/25 18:22:19 | 000,000,000 | ---D | M] -- C:\Program Files\Infogrames
 [2011/01/13 09:40:54 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
 [2010/12/15 23:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
 [2011/01/11 12:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\Java
 [2010/11/21 17:13:17 | 000,000,000 | ---D | M] -- C:\Program Files\Jewel of Atlantis
 [2010/12/18 11:21:09 | 000,000,000 | ---D | M] -- C:\Program Files\Le Retour de Monte Cristo
 [2010/07/29 11:22:08 | 000,000,000 | ---D | M] -- C:\Program Files\Les Aventures de Robinson Crusoe
 [2009/02/25 14:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\Les Tresors de l'Ile Mysterieuse
 [2009/05/22 17:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Lost Realms - L'Heritage de la Princesse du Soleil
 [2009/02/08 12:10:45 | 000,000,000 | ---D | M] -- C:\Program Files\Lost Secrets - Bermuda Triangle
 [2008/10/01 08:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\Macrogaming
 [2007/11/16 15:56:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mahjongg Artifacts Chapter 2
 [2011/01/04 18:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2007/02/01 20:52:56 | 000,000,000 | ---D | M] -- C:\Program Files\Managed DirectX (0900)
 [2008/09/30 11:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\McDonaldsDragons
 [2008/09/18 00:03:23 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
 [2008/07/05 15:35:08 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application
 [2010/07/05 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
 [2007/05/10 22:00:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
 [2006/09/30 07:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
 [2011/01/06 22:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
 [2007/12/18 16:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
 [2010/07/05 19:30:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
 [2010/08/12 22:26:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
 [2010/12/11 12:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
 [2009/12/24 20:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\MPMAN
 [2010/07/06 13:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
 [2008/03/03 10:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
 [2007/11/07 21:01:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games
 [2006/09/30 07:10:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
 [2008/07/22 12:33:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
 [2010/12/30 23:12:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Ravenhearst
 [2009/02/08 21:10:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Legends - Sleepy Hollow
 [2010/12/18 11:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Legends - The Phantom of the Opera Edition Collector
 [2008/06/03 17:37:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mysteryville 2
 [2010/12/18 11:26:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mystic Diary - LIle Hantee
 [2008/09/17 23:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
 [2008/05/21 17:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
 [2008/06/12 15:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\NRJ
 [2009/02/26 22:26:37 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Oca History Tool
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
 [2010/07/06 15:46:33 | 000,000,000 | ---D | M] -- C:\Program Files\Opera
 [2007/03/17 18:20:13 | 000,000,000 | ---D | M] -- C:\Program Files\orange
 [2010/12/15 23:18:44 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
 [2008/05/24 09:29:34 | 000,000,000 | ---D | M] -- C:\Program Files\Philips
 [2010/09/25 10:40:50 | 000,000,000 | ---D | M] -- C:\Program Files\Photocite Collection 4
 [2010/12/29 16:48:09 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars.FR
 [2010/04/25 10:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Puzzle Mania
 [2007/04/18 18:23:42 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
 [2006/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
 [2010/07/06 13:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
 [2007/03/28 12:04:51 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
 [2010/03/15 12:03:22 | 000,000,000 | ---D | M] -- C:\Program Files\Registry Easy
 [2008/05/25 16:51:54 | 000,000,000 | ---D | M] -- C:\Program Files\Ricochet Infinity
 [2010/07/21 14:40:23 | 000,000,000 | ---D | M] -- C:\Program Files\Robinson Crusoe et les Pirates Maudits
 [2009/10/05 18:28:04 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
 [2006/09/30 07:11:00 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
 [2008/01/27 13:51:36 | 000,000,000 | ---D | M] -- C:\Program Files\Shareaza Applications
 [2010/12/18 11:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\Skymist - Les Pierres Mystiques
 [2008/05/24 09:53:13 | 000,000,000 | ---D | M] -- C:\Program Files\Software Informer
 [2008/11/01 17:01:56 | 000,000,000 | ---D | M] -- C:\Program Files\Super Mahjong
 [2010/01/25 20:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\Sweet Games
 [2008/10/01 08:55:55 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
 [2010/12/18 12:12:52 | 000,000,000 | ---D | M] -- C:\Program Files\The Sultan's Labyrinth - Le Sacrifice de Bahar
 [2010/12/18 11:37:38 | 000,000,000 | ---D | M] -- C:\Program Files\Tornado - Le Secret de la Grotte Magique
 [2011/01/11 16:13:37 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro
 [2010/12/18 11:36:41 | 000,000,000 | ---D | M] -- C:\Program Files\Twisted Lands - Lile Fantome
 [2006/08/11 18:40:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
 [2008/12/20 23:54:46 | 000,000,000 | ---D | M] -- C:\Program Files\Universal
 [2010/11/17 19:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
 [2008/12/20 23:54:53 | 000,000,000 | ---D | M] -- C:\Program Files\VersalSoft
 [2010/12/18 11:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Victorian Mysteries - La Femme en Blanc
 [2007/01/06 01:42:50 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
 [2007/07/27 22:14:17 | 000,000,000 | ---D | M] -- C:\Program Files\Web Media Player
 [2007/01/06 01:32:47 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
 [2010/12/13 09:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
 [2007/10/14 22:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Favorites
 [2009/02/26 19:26:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
 [2010/07/05 19:23:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
 [2010/07/05 20:44:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
 [2008/05/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
 [2006/12/18 17:59:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
 [2007/04/18 18:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
 [2008/09/17 23:51:16 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
 [2006/09/30 07:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
 [2006/08/11 18:28:26 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
 [2007/11/16 15:36:16 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
 [2010/03/13 11:45:10 | 000,000,000 | ---D | M] -- C:\Program Files\WMPBurn
 [2006/09/30 07:11:02 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
 [2010/10/11 09:24:20 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
 [2010/07/15 17:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\Zattoo4
 [2011/01/08 14:44:46 | 000,000,000 | ---D | M] -- C:\Program Files\Zylom Games
 
 
 < MD5 for: AGP440.SYS  >
 [2004/08/10 21:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
 [2004/08/10 21:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
 [2008/09/17 23:43:52 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
 [2008/09/17 23:43:52 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
 [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
 [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
 [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
 < MD5 for: APPMGMTS.DLL  >
 [2004/08/10 21:00:00 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=CE66077813D83C2D6908CDC64AE7E55A -- C:\WINDOWS\$NtServicePackUninstall$\appmgmts.dll
 [2008/04/14 03:33:19 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=F36C9F78FC902C8DCE4D3B576BB0435A -- C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll
 [2008/04/14

ds76
Baby forum member (10 to 49 messages posted)
Posted on 13/01/2011 at 12:11:47

Hello, here is the second report requested:



 OTL Extras logfile created on: 13/01/2011 10:34:30 - Run 1
 OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\annie turpin\Mes documents\Téléchargements
 Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 767,00 Mb Total Physical Memory | 235,00 Mb Available Physical Memory | 31,00% Memory free
 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
 Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 71,36 Gb Total Space | 14,62 Gb Free Space | 20,49% Space Free | Partition Type: NTFS
 Drive D: | 71,82 Gb Total Space | 25,96 Gb Free Space | 36,14% Space Free | Partition Type: FAT32
 
 Computer Name: ACER-7989E0343A | User Name: annie turpin | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
 [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- Reg Error: Key error.
 http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [Photocite Collection 4][/photo] -- "C:\Program Files\Photocite Collection 4\Photocite Collection 4\Photocite Collection 4.exe" "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "FirstRunDisabled" = 1
 "UpdatesDisableNotify" = 0
 "AntiVirusOverride" = 1
 "FirewallOverride" = 0
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 ========== System Restore Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
 "DisableSR" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
 "Start" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
 "Start" = 2
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
 "6246:TCP" = 6246:TCP:*:Enabled:shareaza
 "6346:UDP" = 6346:UDP:*:Enabled:shaeraza
 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- File not found
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
 "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application -- (Microsoft Corporation)
 "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
 "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- File not found
 "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- File not found
 "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
 "C:\Program Files\IncrediMail\bin\IMApp.exe" = C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- File not found
 "C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- File not found
 "C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV -- File not found
 "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
 "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus -- File not found
 "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix -- (Microsoft Corporation)
 "C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe" = C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media -- File not found
 "C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe" = C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe:*:Enabled:Windows Live Messenger Lite -- File not found
 "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
 "C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- File not found
 "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
 "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player  -- File not found
 "E:\setup\HPZNET01.EXE" = E:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe -- File not found
 "E:\setup\HPONICIFS01.EXE" = E:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe -- File not found
 "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
 "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
 "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
 "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
 "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- File not found
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{03B1B42B-F6DE-41d9-8CFF-DC44​E895C7A7}" = PhotoGallery
 "{0611BD4E-4FE4-4a62-B0C0-18A4​CC463428}" = CP_Package_Variety1
 "{09984AEC-6B9F-4ca7-B78D-CB44​D4771DA3}" = Destinations
 "{0CA6047C-D28B-4295-834A-07C5​2BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
 "{0CB98AC0-D691-4B21-AD3D-9598​2517021D}" = Acer WLAN 11g USB Dongle
 "{0CC70FEF-5068-4CD5-B4DE-86FF​D98EC929}" = Menus intelligents (Windows Live Toolbar)
 "{133742BA-6F46-4D3E-85AF-7863​1D9AD8B8}" = Installation Windows Live
 "{13AD768A-9E04-499D-AE80-967A​65DCCBA5}" = ebgcSDK
 "{15EE79F4-4ED1-4267-9B0F-3510​09325D7D}" = HP Software Update
 "{18709D89-3957-46BD-BAEB-7E16​32428C8F}" = ebgcRes
 "{18D10072035C4515918F7E37EAFA​ACFC}" = AutoUpdate
 "{1C139D7D-9FEA-468d-A9C8-2A6E​3BDE564A}" = CP_Package_Variety3
 "{1D14373E-7970-4F2F-A467-ACA4​F0EA21E3}" = Google Earth
 "{1EE04769-91C4-4A06-92B7-FCAF​E6BABDD9}" = Galerie de photos Windows Live
 "{1F1C2DFC-2D24-3E06-BCB8-7251​34ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{205C6BDD-7B73-42DE-8505-9A09​3F35A238}" = Outil de téléchargement Windows Live
 "{21DB3D90-D816-4092-A260-CA3F​6B55A6DD}" = Sonic_PrimoSDK
 "{22B14058-107F-4EFB-A0E4-C25C​73AE0D73}" = SA31xx Device Manager & Media Converter
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{23A7B376-BBEC-4e76-BBD7-0F15​5E70D74B}" = CP_Panorama1Config
 "{26A24AE4-039D-4CA4-87B4-2F83​216020FF}" = Java(TM) 6 Update 23
 "{2CADCEAB-D5DA-44D6-B5FC-7DEE​87AB3C0C}" = Unload
 "{30C19FF2-7FBA-4d09-B9DE-1659​977F64F6}" = TrayApp
 "{3175E049-F9A9-4A3D-8F19-AC9F​B04514D1}" = Windows Live Communications Platform
 "{3248F0A8-6813-11D6-A77B-00B0​D0150060}" = J2SE Runtime Environment 5.0 Update 6
 "{3248F0A8-6813-11D6-A77B-00B0​D0150100}" = J2SE Runtime Environment 5.0 Update 10
 "{32BDCCB8-9DC8-496d-9DB1-F775​10775BDB}" = InstantShareDevices
 "{350C940c-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{36E47DA1-10E1-45d9-8B19-14D1​9607CDCF}" = CP_CalendarTemplates1
 "{38C65D12-79E3-49C0-B211-DE3B​E0A7AB39}" = commercial
 "{39B1BD87-561E-4762-AED9-7C52​13B06C24}" = ebgcInfra
 "{3A316611-45D1-429C-AA26-B712​59C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A
 "{3E386744-10FA-44b2-98C9-DF7A​270DECB3}" = HP PSC & OfficeJet 5.3.A
 "{445B183D-F4F1-45C8-B9DB-F113​55CA657B}" = Windows Live Messenger
 "{4634B21A-CC07-4396-890C-2B81​68661FEA}" = Windows Live Writer
 "{4A03706F-666A-4037-7777-5F27​48764D10}" = Java Auto Updater
 "{4AD13F68-CADA-4C6B-9759-C337​53F89908}" = Acer eDataSecurity Management
 "{4BDFD2CE-6329-42E4-9801-9B3D​1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
 "{4CD67A02-DF59-43f7-8E8F-86DC​F40543EF}" = 2570_Help
 "{50E7BB78-02B4-469a-9D8B-B2F4​2835F90E}" = ProductContextNPI
 "{53EE9E42-CECB-4C92-BF76-9CA6​5DAF8F1C}" = FullDPAppQFolder
 "{567C23E1-7580-4185-B8C2-3080​5677297C}" = NewCopy_CDA
 "{56EE8B17-8274-418d-89AC-C057​C5DB251E}" = RandMap
 "{56F8AFC3-FA98-4ff1-9673-8A02​6CBF85BE}" = WebReg
 "{5A01C58E-B0EC-49b9-AD71-7C04​68688087}" = CP_Package_Basic1
 "{5B622B7A-60FB-4630-B11D-F121​D20BCCD6}" = MarketResearch
 "{5DD76286-9BE7-4894-A990-E905​E91AC818}" = Windows Live Mail
 "{5E863175-E85D-44A6-8968-8250​7D34AE7F}" = QuickTime
 "{5F26311C-B135-4F7F-B11E-8E65​0F83651E}" = DeviceFunctionQFolder
 "{66BA8C26-AFE4-4408-807B-43E7​6B57EF53}" = SkinsHP1
 "{66E6CE0C-5A1E-430C-B40A-0C90​FF1804A8}" = eSupportQFolder
 "{6811CAA0-BF12-11D4-9EA1-0050​BAE317E1}" = PowerDVD
 "{69FDFBB6-351D-4B8C-89D8-867D​C9D0A2A4}" = Windows Media Player Firefox Plugin
 "{6BB6627C-694F-4FDC-A3E5-C7F4​BED4C724}" = DocProc
 "{6E15BEDF-7EB5-4010-998E-B430​DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
 "{6F5E2F4A-377D-4700-B0E3-8F7F​7507EA15}" = CustomerResearchQFolder
 "{7057702F-6D71-4F30-8000-9E72​BC771887}" = Acer ePerformance Management
 "{7299052b-02a4-4627-81f2-1818​da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{76810709-A7D3-468D-9167-A178​0C1E766C}" = Windows Live FolderShare
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{786C4AD1-DCBA-49A6-B0EF-B317​A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
 "{7B63B2922B174135AFC0E1377DD8​1EC2}" = DivX Pro Trial
 "{7E27304E-BAA2-4d90-A34E-7664​1FAFABB4}" = CP_AtenaShokunin1Config
 "{7F34A21F-2DEB-4598-BB19-611D​6BD24271}" = Managed DirectX (0900)
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8A74E887-8F0F-4017-AF53-CBA4​2211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
 "{8ADFC4160D694100B5B8A22DE9DC​ABD9}" = DivX Player
 "{8E5233E1-7495-44FB-8DEB-4BE9​06D59619}" = Junk Mail filter update
 "{923A7F5A-1E8C-4FBE-8DF6-8594​0A60A79F}" = Readme
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{96163790-42E6-4A4C-9EA6-9D28​531EB887}" = Webcam 5500
 "{9941F0AA-B903-4AF4-A055-83A9​815CC011}" = Sonic Encoders
 "{9A394342-4A68-4EBA-85A6-55B5​59F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
 "{9C9CEB9D-53FD-49A7-85D2-FE67​4F72F24E}" = Microsoft Search Enhancement Pack
 "{9CD87918-F6A8-440F-BE54-E725​040B15E3}" = Super Patiences et Réussites 3
 "{9D6524E6-15CF-4852-BF70-04FE​973A3DE1}" = Windows Live Toolbar
 "{9FF9FDF7-F84A-4F99-B4BB-066B​6F95F33D}" = Windows Live Contrôle parental
 "{A195B13E-A5E3-4BAF-A995-7F70​F445CD06}" = ScannerCopy
 "{A1F66FC9-11EE-4F2F-98C9-16F8​D1E69FB7}" = Segoe UI
 "{A260B422-70E1-41E2-957D-F76F​A21266D5}" = Apple Software Update
 "{A3051CD0-2F64-3813-A88D-B8DC​CDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
 "{A425C250-A0E1-4D78-B1C1-A5CB​C7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
 "{A5BB5365-EFB4-44c3-A7E2-EB59​B7EFD23D}" = CueTour
 "{A693D0D0-0EF2-4D90-96AA-11CC​1A4793ED}" = UpdateStar
 "{A8D91906-4032-4443-8C49-69F9​0E38F39D}" = 2570
 "{AB5D51AE-EBC3-438D-872C-705C​7C2084B0}" = DeviceManagementQFolder
 "{AB6097D9-D722-4987-BD9E-A076​E2848EE2}" = Acer Empowering Technology
 "{AC76BA86-7AD7-1036-7B44-A940​00000001}" = Adobe Reader 9.4.1 - Français
 "{B13A7C41581B411290FBC0395694​E2A9}" = DivX Converter
 "{B376402D-58EA-45EA-BD50-DD92​4EB67A70}" = Disque de souvenirs HP
 "{B3B487E7-6171-4376-9074-B280​82CEB504}" = Windows Live Call
 "{B4D279F1-4309-49cc-A4B5-3A0D​2E59C7B5}" = PanoStandAlone
 "{B60E7826-F117-4d26-8165-D2DC​5A494AB0}" = Fax_CDA
 "{B64E3AFC-59EF-4f18-BF11-E751​462450D3}" = AiOSoftwareNPI
 "{B7050CBDB2504B34BC2A9CA0A692​CC29}" = DivX Web Player
 "{B824B5C9-849F-4b9e-9EA7-6FD8​CD8116DA}" = CP_Package_Variety2
 "{B90450DF-E781-46FD-B1F1-0C86​DA40E443}" = PIF DESIGNER
 "{BD64AF4A-8C80-4152-AD77-FCDD​F05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
 "{C09FB3CD-3D0C-3F2D-899A-6A1D​67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
 "{C514C594-23AA-4F13-A070-DB8B​DB27594F}" = Windows Live Mail
 "{C8753E28-2680-49BF-BD48-DD38​FD086EFE}" = AiO_Scan_CDA
 "{C9618743-1A5C-461E-91C4-E013​A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
 "{CB2F7EDD-9D1F-43C1-90FC-4F52​EAE172A1}" = Microsoft .NET Framework 1.1
 "{CE2BDCB9-6FD3-41EC-B3B7-99CE​B6E44AAA}" = Jeux - 3961
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{D3116CC7-24DC-4CA3-9CE1-23FE​D836E9F2}" = Assistant de connexion Windows Live
 "{D562E689-0ECD-4239-B1A0-3232​52893405}" = Asterix & Obelix XXL
 "{D755C7A3-C03E-4460-8C00-AC6E​55505FB5}" = LightScribe  1.4.74.1
 "{D7E7EC5E-4349-4E40-B37C-4342​188B86EC}" = Monopoly
 "{DA678E43-A888-4964-A23B-C9F1​1FEC15FF}" = La Crapette
 "{E38C00D0-A68B-4318-A8A6-F7D4​B5B1DF0E}" = Codeur Windows Media Série 9
 "{E3F90083-80D4-4b5a-87C7-E97E​12F5516D}" = HPProductAssistant
 "{E572B060-C98B-4984-A48E-E4FA​56265903}" = SA31xx Device Manager & Media Converter
 "{EA103B64-C0E4-4C0E-A506-7515​90E1653D}" = SolutionCenter
 "{EE55FD52-0D47-4c5a-96EC-48F7​0FF30520}" = 2570Trb
 "{EFFCB0F1-CFEC-48D4-B793-EBFC​AE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
 "{F0B430D1-B6AA-473D-9B06-AA3D​D01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F0E12BBA-AD66-4022-A453-A1C8​A0C4D570}" = Microsoft Choice Guard
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F242B06B-517F-4D62-B654-16B1​1564A912}" = OneCare Advisor (Windows Live Toolbar)
 "{F3760724-B29D-465B-BC53-E5D7​2095BCC4}" = Scan
 "{F4C2E5F5-2970-45f4-ABD3-C180​C4D961C4}" = Status
 "{FE64AE29-0883-4C70-8388-DC02​6019C900}" = HP Image Zone Express
 "3BEF1AFDE8303306594E2ADA27520​E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
 "Ad-Remover" = Ad-Remover By C_XX
 "avast5" = avast! Free Antivirus
 "Bejeweled 3 Deluxe" = Bejeweled 3 Deluxe
 "BFG-7 Wonders II" = 7 Wonders II
 "BFGC" = Big Fish Games: Game Manager
 "BFG-Dark Tales - Le Chat Noir Edgar Allan Poe" = Dark Tales: ™ Le Chat Noir Edgar Allan Poe
 "BFG-Dark Tales - Le Chat Noir par Edgar Allan Poe Edition Collector" = Dark Tales: Le Chat Noir par Edgar Allan Poe Edition Collector
 "BFG-Echoes of the Past - Le Chateau des Ombres" = Echoes of the Past: Le Château des Ombres
 "BFG-Escape from Frankensteins Castle" = Escape from Frankenstein's Castle
 "BFG-Le Retour de Monte Cristo" = Le Retour de Monte Cristo
 "BFG-Les Tresors de l'Ile Mysterieuse" = Les Tr&eacute;sors de l'Ile Myst&eacute;rieuse
 "BFG-Lost Realms - L'Heritage de la Princesse du Soleil" = Lost Realms: L'Héritage de la Princesse du Soleil
 "BFG-Lost Secrets - Bermuda Triangle" = Lost Secrets: Bermuda Triangle
 "BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst ™
 "BFG-Mystery Legends - Sleepy Hollow" = Mystery Legends: Sleepy Hollow
 "BFG-Mystery Legends - The Phantom of the Opera Edition Collector" = Mystery Legends: The Phantom of the Opera Edition Collector
 "BFG-Mysteryville 2" = Mysteryville 2
 "BFG-Mystic Diary - LIle Hantee" = Mystic Diary: L'Île Hantée
 "BFG-Skymist - Les Pierres Mystiques" = Skymist: Les Pierres Mystiques
 "BFG-The Sultan's Labyrinth - Le Sacrifice de Bahar" = The Sultan's Labyrinth: Le Sacrifice de Bahar
 "BFG-Tornado - Le Secret de la Grotte Magique" = Tornado: Le Secret de la Grotte Magique
 "BFG-Twisted Lands - Lile Fantome" = Twisted Lands: L'Île Fantôme
 "BFG-Victorian Mysteries - La Femme en Blanc" = Victorian Mysteries: La Femme en Blanc
 "DDD Pool_is1" = DDD Pool
 "Disk Investigator" = Disk Investigator 1.4
 "eMule" = eMule
 "F3B506E1FDAEA4DC6669B53B2D3F0​B68FBA20C2D" = Package de pilotes Windows - AMD System  (04/06/2006 1.0.1.0)
 "GdPicture ToolKit Pro Edition_is1" = GdPicture ToolKit Pro Edition
 "Google Updater" = Outil de mise à jour Google
 "Gutterball" = Gutterball
 "HP Imaging Device Functions" = HP Imaging Device Functions 5.3
 "HP Photo & Imaging" = HP Image Zone 5.3
 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
 "HPExtendedCapabilities" = HP Extended Capabilities 5.3
 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
 "ie7" = Windows Internet Explorer 7
 "InstallShield_{0CB98AC0-D691-​4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
 "InstallShield_{4AD13F68-CADA-​4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.3077
 "InstallShield_{D562E689-0ECD-​4239-B1A0-323252893405}" = Asterix & Obelix XXL
 "Luxor" = Luxor
 "Luxor 3_is1" = Luxor 3
 "Luxor Deluxe" = Luxor Deluxe
 "Luxor Great Adventures Deluxe" = Luxor Great Adventures Deluxe
 "Mahjongg Artifacts Chapter 2_is1" = Mahjongg Artifacts Chapter 2
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
 "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Monopoly Here And Now" = Monopoly Here And Now
 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
 "Mysteryville Deluxe" = Mysteryville Deluxe
 "NeroMultiInstaller!UninstallK​ey" = Nero Suite
 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
 "NVIDIA Drivers" = NVIDIA Drivers
 "OcaHistoryUpd" = OCA Client history tool install
 "Photocite Collection 4" = Photocite Collection 4
 "Picasa 3" = Picasa 3
 "Puzzle Mania_is1" = Puzzle Mania
 "Ricochet Infinity_is1" = Ricochet Infinity
 "Royal Trouble Deluxe" = Royal Trouble Deluxe
 "Sally's Salon Deluxe" = Sally's Salon Deluxe
 "Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
 "Software Informer_is1" = Software Informer 1.0 BETA
 "Super Collapse! Puzzle Gallery 4" = Super Collapse! Puzzle Gallery 4
 "Super Mahjong_is1" = Super Mahjong
 "Tropix" = Tropix
 "UFileDownloadD" = Versal FileDownload ActiveX Control Trial Version
 "Web Media Player_is1" = Web Media Player 0.62e
 "WIC" = Windows Imaging Component
 "Windows Media Encoder 9" = Codeur Windows Media Série 9
 "Windows Media Format Runtime" = Windows Media Format 11 runtime
 "Windows Media Player" = Lecteur Windows Media 11
 "Windows XP Service" = Windows XP Service Pack 3
 "WinLiveSuite_Wave3" = Installation Windows Live
 "WinRAR archiver" = Archiveur WinRAR
 "WMFDist11" = Windows Media Format 11 runtime
 "wmp11" = Windows Media Player 11
 "Zuma Deluxe" = Zuma Deluxe
 
 ========== HKEY_CURRENT_USER Uninstall List ==========
 
 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Uninstall]
 "Emerald Tale" = Emerald Tale 1.01
 "Jewel of Atlantis" = Jewel of Atlantis 1.91
 "Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)
 
 ========== Last 10 Event Log Errors ==========
 
 [ Antivirus Events ]
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 03/11/2009 03:37:12 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 26/01/2010 06:07:29 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 08/04/2010 05:44:09 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:44 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:45 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:46 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 Error - 27/04/2010 06:44:48 | Computer Name = ACER-7989E0343A | Source = avast! | ID = 33554522
 Description =
 
 [ Application Events ]
 Error - 09/01/2011 14:23:14 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: DocumentViewer -- Error 1706.No valid source could be found
 for product DocumentViewer.  The Windows Installer cannot continue.
 
 Error - 09/01/2011 14:43:02 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 10/01/2011 06:10:32 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 11/01/2011 06:11:46 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 05:11:38 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 05:55:22 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:16:15 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:27:41 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 12/01/2011 06:27:51 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 Error - 13/01/2011 04:38:47 | Computer Name = ACER-7989E0343A | Source = MsiInstaller | ID = 11706
 Description = Product: PhotoGallery -- Error 1706.No valid source could be found
 for product PhotoGallery.  The Windows Installer cannot continue.
 
 [ System Events ]
 Error - 06/01/2011 17:40:45 | Computer Name = ACER-7989E0343A | Source = Service Control Manager | ID = 7026
 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
 charger :   nvatabus  nvraid
 
 Error - 06/01/2011 17:40:49 | Computer Name = ACER-7989E0343A | Source = RemoteAccess | ID = 20106
 Description = Impossible d'ajouter l'interface {E3B0C7F7-976F-4958-B8F8-ADAFD​53426B8}
 avec le Gestionnaire de routage pour le protocole IP.  L'erreur suivante s'est produite
 : Impossible d'accomplir cette fonction.  
 
 Error - 07/01/2011 06:45:45 | Computer Name = ACER-7989E0343A | Source = RemoteAccess | ID = 20106
 Description = Impossible d'ajouter l'interface {E3B0C7F7-976F-4958-B8F8-ADAFD​53426B8}
 avec le Gestionnaire de routage pour le protocole IP.  L'erreur suivante s'est produite
 : Impossible d'accomplir cette fonction.  
 
 
 < End of report >

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 14/01/2011 at 04:06:04
 
Hi DS76

 Download SystemLook to your Desktop:
 http://jpshortstuff.247fixes.com/SystemLook.exe

 - Double-click SystemLook.exe to launch it.

 - Copy the contents of the box below and paste it into SystemLook's text area:

 :filefind
 hidserv.dll



 - Click the Look button to start the scan.
 - When it finishes, Notepad opens with the scan results. Copy and paste the report into your next reply.

 See you later   :)

ds76
Baby forum member (10 to 49 posts)
Posted on 14/01/2011 at 13:25:19

Hello, I'm sending you the requested report; thanks

 SystemLook 04.09.10 by jpshortstuff
 Log created at 11:00 on 14/01/2011 by annie turpin
 Administrator - Elevation successful

 ========== filefind ==========

 Searching for "hidserv.dll"
 C:\WINDOWS\ServicePackFiles\i386\hidserv.dll -----c- 21504 bytes [14:40 17/09/2008] [02:33 14/04/2008] A3B9B4A68BC839CE5A264D5908092261

 -= EOF =-

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 15/01/2011 at 21:22:46
 
Hi DS76

 You can uninstall these two toolbars:
 SweetIM Toolbar
 Windows Live Toolbar

 Double-click OTL.exe to launch it.
 (Vista/Seven --> right-click OTL.exe to launch the program and choose "Exécuter en tant qu'administrateur".)

 * Copy the list in the quote below and paste it into the box under "Personnalisation"

 :Processes
 explorer.exe

 :Reg
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 "C:\StubInstaller.exe" =-
 "C:\Program Files\LimeWire\LimeWire.exe" =-
 "C:\Program Files\IncrediMail\bin\IMApp.exe" =-
 "C:\Program Files\IncrediMail\bin\IncMail.exe" =-
 "C:\Program Files\IncrediMail\bin\ImpCnt.exe" =-
 "C:\Program Files\Magentic\bin\MgImp.exe" =-
 "C:\Program Files\Magentic\bin\Magentic.exe" =-
 "C:\Program Files\Magentic\bin\MgApp.exe" =-
 "C:\Program Files\RayV\RayV\RayV.exe" =-
 "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" =-
 "C:\DOCUME~1\ANNIET~1\LOCALS~1\Temp\services.exe" =-
 "C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe" =-
 "C:\Program Files\GameSpy Arcade\Aphex.exe" =-
 "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" =-
 "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" =-
 "E:\setup\HPZNET01.EXE" =-
 "E:\setup\HPONICIFS01.EXE" =-
 "C:\Program Files\Opera\opera.exe" =-
 "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" =-

 :OTL
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
 DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
 O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
 O2 - BHO: (no name) - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No CLSID value found.
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
 O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5 [...] s-i586.cab (Reg Error: Key error.)
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\Shell\AutoRun\command - "" = J:\autorunner.exe www.CCE-ADECCO.com -- File not found
 O33 - MountPoints2\{4a4142e0-f7f6-11de-a349-0019215357f5}\Shell - "" = AutoRun
 O33 - MountPoints2\{cf760e4e-173d-11df-a373-0019215357f5}\Shell - "" = AutoRun
 [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 :Files
 C:\WINDOWS\System32\hidserv.dll | C:\WINDOWS\ServicePackFiles\i386\hidserv.dll /replace

 :Commands
 [Emptytemp]





 * Click "Correction" to start the removal.

 * If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking "Oui".

 * After the restart, allow OTL to run.

 * Post the report generated by OTL.


 -----


 Scan this file, yekww.exe, here:

 http://www.virustotal.com/fr/

  • In the "Upload a file" tab, click "Parcourir"
  • A new window will open; at the bottom of that window, where it says "Nom de fichier", copy and paste this:
C:\Documents and Settings\annie turpin\Local Settings\Application Data\yekww.exe

  • Then click "Ouvrir" and "Envoyer le fichier", and wait for the analysis result.
  • If it says the file has already been analyzed, select the "Reanalyse" button.

 Wait for the analysis result, then post the full result.
 Also scan this file:
 C:\WINDOWS\System32\CC660D6FB2.sys


 See you later   :)

ds76
Baby forum member (10 to 49 posts)
Posted on 16/01/2011 at 12:02:46

Here is the report:

 All processes killed
 ========== PROCESSES ==========
 No active process named explorer.exe was found!
 ========== REGISTRY ==========
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\StubInstal​ler.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\LimeWire\LimeWire.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\IncrediMail\bin\IMApp.ex​e deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\IncrediMail\bin\IncMail.​exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\IncrediMail\bin\ImpCnt.e​xe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Magentic\bin\MgImp.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Magentic\bin\Magentic.ex​e deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Magentic\bin\MgApp.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\RayV\RayV\RayV.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\DOCUME~1\A​NNIET~1\LOCALS~1\Temp\services​.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Documents and Settings\annie turpin\Bureau\WLM Lite 8.5 Finale FR [www.msncreative.net].exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\GameSpy Arcade\Aphex.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Veoh Networks\Veoh\VeohClient.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\E:\setup\HPZN​ET01.EXE deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\E:\setup\HPON​ICIFS01.EXE deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\Opera\opera.exe deleted successfully.
 Registry value HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List\\C:\Program Files\iMesh Applications\iMesh\iMesh.exe deleted successfully.
 ========== OTL ==========
 Service ZTEusbser6k stopped successfully!
 Service ZTEusbser6k deleted successfully!
 File C:\WINDOWS\System32\DRIVERS\ZT​Eusbser6k.sys not found.
 Service ZTEusbnmea stopped successfully!
 Service ZTEusbnmea deleted successfully!
 File C:\WINDOWS\System32\DRIVERS\ZT​Eusbnmea.sys not found.
 Service ZTEusbmdm6k stopped successfully!
 Service ZTEusbmdm6k deleted successfully!
 File C:\WINDOWS\System32\DRIVERS\ZT​Eusbmdm6k.sys not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A6​6E-4E65E497C8C0}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{3CA2F312-6F6E-4B5​3-A66E-4E65E497C8C0}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD​4C-013BA51E2871}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4322A444-92F8-4C3​E-BD4C-013BA51E2871}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4322A444-92F8-4C3E-BD4C-013BA51E2871} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4322A444-92F8-4C3E-BD4C-013BA51E2871}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
 Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
 Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c1e2aac-965b-11de-a2ce-0019215357f5}\ not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c1e2aac-965b-11de-a2ce-0019215357f5}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c1e2aac-965b-11de-a2ce-0019215357f5}\ not found.
 File J:\autorunner.exe www.CCE-ADECCO.com not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a4142e0-f7f6-11de-a349-0019215357f5}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4a4142e0-f7f6-11de-a349-0019215357f5}\ not found.
 Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf760e4e-173d-11df-a373-0019215357f5}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf760e4e-173d-11df-a373-0019215357f5}\ not found.
 C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
 C:\WINDOWS\System32\SET11.tmp deleted successfully.
 C:\WINDOWS\System32\SET12.tmp deleted successfully.
 C:\WINDOWS\System32\SET3D7.tmp deleted successfully.
 C:\WINDOWS\System32\SET60.tmp deleted successfully.
 C:\WINDOWS\System32\SET62.tmp deleted successfully.
 C:\WINDOWS\System32\SET6E.tmp deleted successfully.
 C:\WINDOWS\003285_.tmp deleted successfully.
 C:\WINDOWS\msdownld.tmp folder deleted successfully.
 ========== FILES ==========
 File C:\WINDOWS\System32\hidserv.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\hidserv.dll
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: Administrateur
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 32768 bytes
 ->Flash cache emptied: 75 bytes
 
 User: All Users
 
 User: annie turpin
 ->Temp folder emptied: 102235283 bytes
 ->Temporary Internet Files folder emptied: 39069486 bytes
 ->Java cache emptied: 564009 bytes
 ->FireFox cache emptied: 93191580 bytes
 ->Google Chrome cache emptied: 67303629 bytes
 ->Opera cache emptied: 3017462 bytes
 ->Flash cache emptied: 36006 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 10691580 bytes
 ->Flash cache emptied: 158 bytes
 
 User: LocalService
 ->Temp folder emptied: 115616 bytes
 ->Temporary Internet Files folder emptied: 7786168 bytes
 ->FireFox cache emptied: 4052522 bytes
 
 User: Nero
 
 User: Nero BackItUp
 
 User: Nero SoundTrax
 
 User: Nero Toolkit
 
 User: Nero Wave Editor
 
 User: NetworkService
 ->Temp folder emptied: 66016 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: WMPBurn
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\dllcache .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 1160912 bytes
 %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78858240 bytes
 %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
 RecycleBin emptied: 7313408 bytes
 
 Total Files Cleaned = 396,00 mb
 
 
 OTL by OldTimer - Version 3.2.20.1 log created on 01162011_105345

 Files\Folders moved on Reboot...
 C:\Documents and Settings\annie turpin\Local Settings\Temporary Internet Files\Content.IE5\FQ7X0DQD\m0303[1].htm moved successfully.
 File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

 Registry entries deleted on Reboot...

ds76
Baby forum member (10 to 49 messages posted)
Posted on 16/01/2011 at 12:28:21

File name:
 yekww.exe
 Submission date:
 2011-01-16 10:24:57 (UTC)
 Current status:
 queued queued analysing finished
 Result:
 5/ 43 (11.6%)
   
 Antivirus  Version  Last Update  Result
 AhnLab-V3 2011.01.15.01 2011.01.15 -
 AntiVir 7.11.1.145 2011.01.15 -
 Antiy-AVL 2.0.3.7 2011.01.16 -
 Avast 4.8.1351.0 2011.01.15 -
 Avast5 5.0.677.0 2011.01.15 -
 AVG 10.0.0.1190 2011.01.16 Suspicion: unknown virus
 BitDefender 7.2 2011.01.16 -
 CAT-QuickHeal 11.00 2011.01.15 -
 ClamAV 0.96.4.0 2011.01.16 -
 Command 5.2.11.5 2011.01.15 -
 Comodo 7403 2011.01.15 Heur.Corrupt.PE
 DrWeb 5.0.2.03300 2011.01.16 -
 Emsisoft 5.1.0.1 2011.01.15 -
 eSafe 7.0.17.0 2011.01.13 -
 eTrust-Vet 36.1.8100 2011.01.14 -
 F-Prot 4.6.2.117 2011.01.15 -
 F-Secure 9.0.16160.0 2011.01.16 -
 Fortinet 4.2.254.0 2011.01.16 -
 GData 21 2011.01.16 -
 Ikarus T3.1.1.97.0 2011.01.16 -
 Jiangmin 13.0.900 2011.01.16 -
 K7AntiVirus 9.75.3548 2011.01.14 -
 Kaspersky 7.0.0.125 2011.01.16 -
 McAfee 5.400.0.1158 2011.01.16 Corrupt-AG!2C511A3687E7
 McAfee-GW-Edition 2010.1C 2011.01.16 -
 Microsoft 1.6402 2011.01.16 -
 NOD32 5790 2011.01.15 -
 Norman 6.06.12 2011.01.15 W32/Skintrim.DVYD
 nProtect 2011-01-16.01 2011.01.16 -
 Panda 10.0.2.7 2011.01.15 -
 PCTools 7.0.3.5 2011.01.16 -
 Prevx 3.0 2011.01.16 -
 Rising 22.82.05.00 2011.01.15 -
 Sophos 4.61.0 2011.01.16 -
 SUPERAntiSpyware 4.40.0.1006 2011.01.16 -
 Symantec 20101.3.0.103 2011.01.16 -
 TheHacker 6.7.0.1.115 2011.01.14 W32/Behav-Heuristic-CorruptFile-EP
 TrendMicro 9.120.0.1004 2011.01.16 -
 TrendMicro-HouseCall 9.120.0.1004 2011.01.16 -
 VBA32 3.12.14.2 2011.01.14 -
 VIPRE 8085 2011.01.16 -
 ViRobot 2011.1.15.4256 2011.01.15 -
 VirusBuster 13.6.148.0 2011.01.15 -
 Additional information
 MD5   : 2c511a3687e7b70aaf3cb936315538c7
 SHA1  : 79f58e384404c5cb9641948d02c6896d796b64ba
 SHA256: 7cd68edf6a0b3f9f93c53e66362ba767f3e71402d3f9bf7f16ee41e1636b30e4
 ssdeep: 48:a9aZrzwJLtQrb+TjqnmVig2LH20lkIFefWnP18JqqhGC:8aZrsJLtXigOJlkoeOPGl8C
 File size : 2528 bytes
 First seen: 2011-01-16 10:24:57
 Last seen : 2011-01-16 10:24:57
 TrID:
 Generic Win/DOS Executable (49.9%)
 DOS Executable Generic (49.8%)
 Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
 sigcheck:
 publisher....: n/a
 copyright....: n/a
 product......: n/a
 description..: n/a
 original name: n/a
 internal name: n/a
 file version.: n/a
 comments.....: n/a
 signers......: -
 signing date.: -
 verified.....: Unsigned
 PEInfo: PE structure information

 [[ basic data ]]
 entrypointaddress: 0x364F5
 timedatestamp....: 0x477BAC2F (Wed Jan 02 15:22:23 2008)
 machinetype......: 0x14c (I386)

 [[ 4 section(s) ]]
 name, viradd, virsiz, rawdsiz, ntropy, md5
 .text, 0x1000, 0x3ABB0, 0x3AC00, 6.18, cd66dd32cdcbd49e73940a891577aab2
 .rdata, 0x3C000, 0x97BC, 0x9800, 0.00, d41d8cd98f00b204e9800998ecf8427e
 .data, 0x46000, 0x4A58, 0x4400, 0.00, d41d8cd98f00b204e9800998ecf8427e
 .rsrc, 0x4B000, 0x2A0, 0x400, 0.00, d41d8cd98f00b204e9800998ecf8427e
 ExifTool:
 file metadata
 CodeSize: 240640
 EntryPoint: 0x364f5
 FileSize: 2.5 kB
 FileType: Win32 EXE
 ImageVersion: 0.0
 InitializedDataSize: 59392
 LinkerVersion: 6.0
 MIMEType: application/octet-stream
 MachineType: Intel 386 or later, and compatibles
 OSVersion: 4.0
 PEType: PE32
 Subsystem: Windows GUI
 SubsystemVersion: 4.0
 TimeStamp: 2008:01:02 16:22:23+01:00
 UninitializedDataSize: 0
 Warning: Error processing PE data dictionary
 Symantec reputation:Suspicious.Insight


ds76
Baby forum member (10 to 49 messages posted)
Posted on 16/01/2011 at 12:34:11

Here is the last report requested, thank you:
File name:
 CC660D6FB2.sys
 Submission date:
 2011-01-16 10:32:26 (UTC)
 Current status:
 queued (#9) queued analysing finished
 Result:
 0/ 43 (0.0%)
   
 Antivirus  Version  Last Update  Result
 AhnLab-V3 2011.01.15.01 2011.01.15 -
 AntiVir 7.11.1.145 2011.01.15 -
 Antiy-AVL 2.0.3.7 2011.01.16 -
 Avast 4.8.1351.0 2011.01.15 -
 Avast5 5.0.677.0 2011.01.15 -
 AVG 10.0.0.1190 2011.01.16 -
 BitDefender 7.2 2011.01.16 -
 CAT-QuickHeal 11.00 2011.01.15 -
 ClamAV 0.96.4.0 2011.01.16 -
 Command 5.2.11.5 2011.01.15 -
 Comodo 7403 2011.01.15 -
 DrWeb 5.0.2.03300 2011.01.16 -
 Emsisoft 5.1.0.1 2011.01.15 -
 eSafe 7.0.17.0 2011.01.13 -
 eTrust-Vet 36.1.8100 2011.01.14 -
 F-Prot 4.6.2.117 2011.01.15 -
 F-Secure 9.0.16160.0 2011.01.16 -
 Fortinet 4.2.254.0 2011.01.16 -
 GData 21 2011.01.16 -
 Ikarus T3.1.1.97.0 2011.01.16 -
 Jiangmin 13.0.900 2011.01.16 -
 K7AntiVirus 9.75.3548 2011.01.14 -
 Kaspersky 7.0.0.125 2011.01.16 -
 McAfee 5.400.0.1158 2011.01.16 -
 McAfee-GW-Edition 2010.1C 2011.01.16 -
 Microsoft 1.6402 2011.01.16 -
 NOD32 5790 2011.01.15 -
 Norman 6.06.12 2011.01.15 -
 nProtect 2011-01-16.01 2011.01.16 -
 Panda 10.0.2.7 2011.01.15 -
 PCTools 7.0.3.5 2011.01.16 -
 Prevx 3.0 2011.01.16 -
 Rising 22.82.05.00 2011.01.15 -
 Sophos 4.61.0 2011.01.16 -
 SUPERAntiSpyware 4.40.0.1006 2011.01.16 -
 Symantec 20101.3.0.103 2011.01.16 -
 TheHacker 6.7.0.1.115 2011.01.14 -
 TrendMicro 9.120.0.1004 2011.01.16 -
 TrendMicro-HouseCall 9.120.0.1004 2011.01.16 -
 VBA32 3.12.14.2 2011.01.14 -
 VIPRE 8085 2011.01.16 -
 ViRobot 2011.1.15.4256 2011.01.15 -
 VirusBuster 13.6.148.0 2011.01.15 -
 Additional information
 MD5   : 74d09cf9f17eaddd9e5da1fcc0554713
 SHA1  : 2b019268178de9d54c61f667f8626670957dc11c
 SHA256: b01028e6413dfa66084f14ef3fe0ccd8c1060f473badd65bea5dc466c62e99a6
 ssdeep: 3:/ldEVORh9X62:rQ2
 File size : 56 bytes
 First seen: 2011-01-16 10:32:26
 Last seen : 2011-01-16 10:32:26
 TrID:
 MS Flight Simulator Aircraft Performance Info (100.0%)
 sigcheck:
 publisher....: n/a
 copyright....: n/a
 product......: n/a
 description..: n/a
 original name: n/a
 internal name: n/a
 file version.: n/a
 comments.....: n/a
 signers......: -
 signing date.: -
 verified.....: Unsigned


Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 messages posted)
Posted on 16/01/2011 at 14:54:07

Hi DS76


 Double-click OTL.exe to launch it.
 (Vista/Seven --> Right-click OTL.exe to launch the program and choose "Run as administrator".)

 * Copy the list in the quote below and paste it into the box under "Personnalisation"

 



:Files
 C:\Documents and Settings\annie turpin\Local Settings\Application Data\yekww.exe

 :Commands
 [Emptytemp]





 * Click "Correction" to start the removal.

 * If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking Yes.

 * After the restart, allow OTL to run.

 * Post the report generated by OTL.


 -----


 Let's check that nothing is hidden:
 Run a scan with the NOD32 online scanner (you need to use Internet Explorer) here:
 http://www.eset.com/onlinescan/

 When it finishes, paste the report: C:\Program Files\EsetOnlineScanner\log.txt

 Help with the scan: http://www.bibou0007.com/scans [...] -t3691.htm


 @++   :)

ds76
Baby forum member (10 to 49 messages posted)
Posted on 16/01/2011 at 15:29:53

Here is the 1st report, thank you:



 All processes killed
 ========== FILES ==========
 C:\Documents and Settings\annie turpin\Local Settings\Application Data\yekww.exe moved successfully.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: Administrateur
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: All Users
 
 User: annie turpin
 ->Temp folder emptied: 38788 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->Java cache emptied: 0 bytes
 ->FireFox cache emptied: 71497167 bytes
 ->Google Chrome cache emptied: 0 bytes
 ->Opera cache emptied: 0 bytes
 ->Flash cache emptied: 1033 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: LocalService
 ->Temp folder emptied: 66016 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->FireFox cache emptied: 0 bytes
 
 User: Nero
 
 User: Nero BackItUp
 
 User: Nero SoundTrax
 
 User: Nero Toolkit
 
 User: Nero Wave Editor
 
 User: NetworkService
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: WMPBurn
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\dllcache .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 664 bytes
 %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
 %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 0 bytes
 
 Total Files Cleaned = 68,00 mb
 
 
 OTL by OldTimer - Version 3.2.20.1 log created on 01162011_142123

 Files\Folders moved on Reboot...
 File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 Registry entries deleted on Reboot...

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 messages posted)
Posted on 16/01/2011 at 15:42:08

Hi DS76


 That's good  :super:


 @++   :)

ds76
Baby forum member (10 to 49 messages posted)
Posted on 16/01/2011 at 21:21:26

Good evening, no virus was detected after the scan (online scan), thank you :super:

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 messages posted)
Posted on 16/01/2011 at 21:33:09

Hi DS76


 I found a link:
 http://www.libellules.ch/opt_out.php

 For security reasons, and above all to keep your PC clean, we are going to disable System Restore on all drives:

 - Right-click My Computer on the desktop, and in Properties click the System Restore tab

 - Tick the box to turn off System Restore and apply

 Restart the computer and re-enable System Restore.

 XP tutorial:  http://www.libellules.ch/desac [...] ration.php

 Vista tutorial: http://www.commentcamarche.net [...] e-de-vista

 Seven tutorial:
 http://www.commentcamarche.net [...] -windows-7


 -----


 We are going to clean up the tools downloaded for the disinfection; download Tools Cleaner to the desktop:

 http://pc-system.fr/TC/ToolsCleaner2.exe


 - Double-click ToolsCleaner2.exe on the desktop
 - (Vista/Seven - Right-click ToolsCleaner2.exe on the desktop and choose "Run as administrator")
 - Click "Recherche" and let the scan run.
 - Click "Suppression" to finish.
 - You can, if you wish, use the "Options facultatives".
 - Click "Quitter" to get the report.
 - Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
 - If any tools remain after Tools Cleaner has run, you can delete them manually, along with all the reports that were generated during the disinfection.


 -----


 It is important to update Windows and your software:
 Update Windows (critical categories, Service Packs and Service Releases): http://www.windowsupdate.com/

 Run a vulnerability scan to check that your software is up to date with no security holes, and update it:
 http://www.malekal.com/scan_vulnerabilite.php

 Clean up unneeded files and the registry:
 http://www.malekal.com/tutorial_CCleaner.html

 Tell me when that is done or if you have any trouble, and then we will move on to marking the topic as resolved.


 @++    :)  

ds76
Baby forum member (10 to 49 messages posted)
Posted on 19/01/2011 at 18:52:11

Good evening, I am attaching the report, thank you:

 [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

 --> Recherche:

 C:\MsnCleaner.txt: trouvé !
 C:\Program Files\Ad-remover: trouvé !
 C:\Program Files\Ad-Remover\Backup\Ad-R.exe: trouvé !
 C:\Program Files\trend micro\HijackThis.exe: trouvé !
 C:\Program Files\trend micro\hijackthis.log: trouvé !

 ---------------------------------
 --> Suppression:

 C:\Program Files\Ad-Remover\Backup\Ad-R.exe: supprimé !
 C:\Program Files\trend micro\HijackThis.exe: supprimé !
 C:\MsnCleaner.txt: supprimé !
 C:\Program Files\trend micro\hijackthis.log: supprimé !
 C:\Program Files\Ad-remover: supprimé !

ds76
Baby forum member (10 to 49 messages posted)
Posted on 19/01/2011 at 20:26:45

Good evening; there, all the requested steps went very well; thank you :super:

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 messages posted)
Posted on 20/01/2011 at 02:01:12

Hi DS76


 You're welcome. Here are a few security guidelines:

  • a properly configured firewall; I recommend ZoneAlarm
  • a properly configured antivirus, updated regularly (daily if need be), with a regular full scan (daily if need be).
  • a cautious attitude to browsing (no dubious sites: cracks, warez, sex...) and to e-mail (attachments must be scanned before being opened)
  • no illegal downloading, which is the main infection factor (µTorrent, BitTorrent, eMule, Limewire, etc.)
 The danger of cracks!
 The security risks of peer-to-peer

  • a vigilant attitude (watch for any unusual behaviour of your system)
  • regularly run a vulnerability scan to check that your software is up to date with no security holes:
 http://www.malekal.com/scan_vulnerabilite.php

 Some good reading if you want to learn more about security and how Windows works:
 http://www.malekal.com/menu_windows_general.php
 http://www.malekal.com/menu_windows_securite.php

 If you consider your problem solved, edit your first post and add [résolu] to the title.

 Have a good day/evening and happy surfing   :super:  


 @++  :)

ds76
Baby forum member (10 to 49 messages posted)
Posted on 20/01/2011 at 10:46:03

Hello, thank you very much for all the advice you gave me: clear, precise and easy to use. All the problems are resolved on both PCs. Thank you, and keep it up, very good forum. Best regards, DS76 :super:

ds76
Baby forum member (10 to 49 messages posted)
Posted on 21/01/2011 at 00:10:28

Everything is RESOLVED, thank you

Profile: Security team
dedetraque
Famous across the forum (30,000 to 99,999 messages posted)
Posted on 21/01/2011 at 01:52:52

Hi DS76


 [:Captain MAD:3]


 [:maracudja:7]
