Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Virus MSN

 

47 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
 Mot :  Pseudo :  
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

Virus MSN

Prévenir les modérateurs en cas d'abus 
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/12/2009 à 15:07:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut a tous !

 Voila je trouve ça assez frequent sur le net ce virus avec toujours la meme histoire mais j arrive jamais a me sortir de ce probleme :

 Ma (conne de) soeur a cliqué sur le lien qu on lui avait envoyé sur msn lui proposant des photos d elle (un .exe tu sais...)

 Donc cet executable se trouve dans ses documents et se nomme IMG55876_32.JPG-www.myspace.co​m.exe

 Donc maintenant, assez souvent quand msn est ouvert, j envoie ceci a tous mes contacts en ligne (ça me bloque aussi le pc, obligé de faire Ctrl Alt Suppr)

 foto :D http ://deimages.de.ohost.de/photo.​php?=***************

 (NB : ************ = l adresse e mail du contact ; J ai mis un espace apres http pour eviter le lien)

 Donc voilà est ce que quelqu un peut venir en aide a ma soeur et lui éviter une mort certaine si ce virus persiste ?

 Tchuss !

 snohi

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 19/12/2009 à 16:45:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Télécharge HiJackThis de Merijn sur ton bureau.

 - Double-clic sur HijackThis.
 - Génère un rapport en suivant ces indications :
 - Exécute le et clique sur Do a scan and save log file.
 - Le rapport s'ouvre sur le Bloc-Note.

 - Colle le rapport ici, pour cela :
 - Menu Edition / Selectionner Tout
 - Menu Edition / copier
 - Ici dans un nouveau message : clic droit / coller

 Aide : N'hésite pas à consulter l'aide HiJackThis.


 Cordialement.

(Publicité)
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/12/2009 à 17:05:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci =D

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 16:05:51, on 19/12/2009
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
 C:\Program Files\Razer\Diamondback 3G\razerhid.exe
 C:\WINDOWS\vsnpstd2.exe
 C:\Program Files\Java\jre6\bin\jusched.ex​e
 C:\WINDOWS\RTHDCPL.EXE
 C:\WINDOWS\system32\RUNDLL32.E​XE
 C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Program Files\Razer\Diamondback 3G\razerofa.exe
 C:\WINDOWS\rndll.exe
 C:\Program Files\OrangeHSS\Launcher\Launc​her.exe
 C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\5\AlertMod​ule.exe
 C:\Program Files\OrangeHSS\systray\systra​yapp.exe
 C:\Program Files\OrangeHSS\connectivity\c​onnectivitymanager.exe
 C:\Program Files\OrangeHSS\connectivity\C​oreCom\CoreCom.exe
 C:\Program Files\OrangeHSS\connectivity\C​oreCom\OraConfigRecover.exe
 C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMMod​ule.exe
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.gllod.com
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048A​E113215} - (no file)
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - (no file)
 O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F​01C5231} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - (no file)
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6​E806AA0} - (no file)
 O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - (no file)
 O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
 O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
 O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
 O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\​MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirec​tor\7.0"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
 O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager​\SessionManager.exe
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
 O4 - HKLM\..\Run: [Firevall Administrating] rndll.exe
 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\WINDOWS\system32\shdocvw.dl​l
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\WINDOWS\system32\shdocvw.dl​l
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O15 - Trusted Zone: http://*.mappy.com
 O15 - Trusted Zone: http://*.orange.fr
 O15 - Trusted Zone: http://rw.search.ke.voila.fr
 O15 - Trusted Zone: http://orange.weborama.fr
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF​33E833C} (WUWebControl Class) - http://www.update.microsoft.co [...] 0371102223
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA​91D2FC3} (MUWebControl Class) - http://update.microsoft.com/mi [...] 0372239109
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
 O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mc​shield.exe (file missing)
 O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
 O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (file missing)

 --
 End of file - 7987 bytes

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 19/12/2009 à 17:15:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Désactive tes logiciels de sécurité durant la procédure.
 L'antivirus McAfee est il fonctionnel ?

 1) Désinstalle les applications ci-dessous via ajout/suppression de programmes :

 Search Enhancement Pack
 AVG Anti-Spyware (il n'est plus tenu à jour)


 2) Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

 - Quitte les applications en cours afin de ne pas interrompre le scan.
 - Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche "Minimal Output". Fais de même avec "Scan All Users".
 - Coche également les cases à côté de "LOP Check" et "Purity Check".
 - Dans la zone Extra Registry, coche "Use Safelist".

 Ne modifie pas les autres paramètres !

 - Clique sur le bouton Run Scan.
 - Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

 - Copie/colle ici le contenu des deux fichiers. Utilise un message par rapport.


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/12/2009 à 13:28:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Tout d abord merci de suivre mon sujet !

 McAfee n est pas fonctionnel (en tous cas pas en bas a droite a coté de l heure)

 J ai pas trouvé Search Enhancement Pack dans la liste mais AVG a bien été desinstallé


 OTL.Txt :

 OTL logfile created on: 21/12/2009 12:16:12 - Run 1
 OTL by OldTimer - Version 3.1.19.0     Folder = C:\Documents and Settings\VINZ\Bureau
 Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 6.0.2900.5512)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
 Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 232,88 Gb Total Space | 26,74 Gb Free Space | 11,48% Space Free | Partition Type: NTFS
 Drive D: | 623,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: SCAMP-1
 Current User Name: VINZ
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: All users
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Processes (SafeList) ==========
 
 PRC - C:\Documents and Settings\VINZ\Bureau\OTL.exe (OldTimer Tools)
 PRC - C:\WINDOWS\rndll.exe ()
 PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
 PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
 PRC - C:\Program Files\Java\jre6\bin\jusched.ex​e (Sun Microsystems, Inc.)
 PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
 PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 PRC - C:\Program Files\OrangeHSS\Systray\Systra​yApp.exe (France Telecom SA)
 PRC - C:\Program Files\OrangeHSS\Launcher\Launc​her.exe (France Telecom SA)
 PRC - C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe (France Telecom SA)
 PRC - C:\Program Files\OrangeHSS\Connectivity\c​orecom\OraConfigRecover.exe (France Telecom SA)
 PRC - C:\Program Files\OrangeHSS\Connectivity\c​orecom\CoreCom.exe (France Telecom SA)
 PRC - C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\2\FTCOMMod​ule.exe (France Telecom SA)
 PRC - C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\5\AlertMod​ule.exe (France Telecom SA)
 PRC - C:\Program Files\Razer\Diamondback 3G\razerhid.exe ()
 PRC - C:\Program Files\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)
 PRC - C:\WINDOWS\vsnpstd2.exe ()
 
 
 ========== Modules (SafeList) ==========
 
 MOD - C:\Documents and Settings\VINZ\Bureau\OTL.exe (OldTimer Tools)
 MOD - C:\Program Files\OrangeHSS\Launcher\Inact​ivity.dll (France Telecom SA)
 MOD - C:\WINDOWS\system32\MSVCR71.dl​l (Microsoft Corporation)
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (SiteAdvisor Service) --  File not found
 SRV - (SeaPort) --  File not found
 SRV - (MpfService) --  File not found
 SRV - (McSysmon) --  File not found
 SRV - (McShield) --  File not found
 SRV - (McProxy) --  File not found
 SRV - (McODS) --  File not found
 SRV - (McNASvc) --  File not found
 SRV - (mcmscsvc) --  File not found
 SRV - (maconfservice) --  File not found
 SRV - (fsssvc) --  File not found
 SRV - (ATI Smart) --  File not found
 SRV - (Ati HotKey Poller) --  File not found
 SRV - (ANIWZCSdService) --  File not found
 SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.ex​e (NVIDIA Corporation)
 SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
 SRV - (PnkBstrB) -- C:\WINDOWS\system32\PnkBstrB.e​xe ()
 SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.e​xe ()
 SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe ()
 SRV - (vkservice) -- C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe (AxBx)
 SRV - (FTRTSVC) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
 SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
 SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1​1\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sp​td.sys ()
 DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv​4_mini.sys (NVIDIA Corporation)
 DRV - (nv) -- C:\WINDOWS\system32\drivers\nv​4_mini.sys (NVIDIA Corporation)
 DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\Pn​kBstrK.sys ()
 DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rt​nicxp.sys (Realtek Semiconductor Corporation                           )
 DRV - (hamachi) -- C:\WINDOWS\system32\drivers\ha​machi.sys (LogMeIn, Inc.)
 DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\Rt​kHDAud.sys (Realtek Semiconductor Corp.)
 DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\Px​Help20.sys (Sonic Solutions)
 DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hd​audbus.sys (Windows (R) Server 2003 DDK provider)
 DRV - (nm) -- C:\WINDOWS\system32\drivers\nm​nt.sys (Microsoft Corporation)
 DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\se​cdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
 DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\pt​ilink.sys (Parallel Technologies, Inc.)
 DRV - (ROOTMODEM) -- C:\WINDOWS\system32\drivers\ro​otmdm.sys (Microsoft Corporation)
 DRV - (GcKernel) -- C:\WINDOWS\system32\drivers\Gc​Kernel.sys (Microsoft Corporation)
 DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\US​BAUDIO.sys (Microsoft Corporation)
 DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RT​L8139.sys (Realtek Semiconductor Corporation)
 DRV - (L6DP) -- C:\WINDOWS\system32\drivers\l6​dp.sys (Line 6)
 DRV - (L6TPortB) -- C:\WINDOWS\system32\drivers\L6​TPortB.sys (Line 6)
 DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.s​ys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\AS​ACPI.sys ()
 DRV - (snpstd2) USB PC Camera (SN9C103) -- C:\WINDOWS\system32\drivers\sn​pstd2.sys ()
 DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sy​s (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (PQNTDrv) -- C:\WINDOWS\system32\drivers\PQ​NTDRV.sys (PowerQuest Corporation)
 DRV - (HIDSwvd) -- C:\WINDOWS\system32\drivers\HI​DSwvd.sys (Microsoft Corporation)
 DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MO​DEMCSA.sys (Microsoft Corporation)
 DRV - (msloop) -- C:\WINDOWS\system32\drivers\lo​op.sys (Microsoft Corporation)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = %SystemRoot%\system32\blank.ht​m
 
 
 IE - HKU\.DEFAULT\.DEFAULT\Software​\Microsoft\Windows\CurrentVers​ion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\S-1-5-18\Software​\Microsoft\Windows\CurrentVers​ion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-19\S-1-5-19\Software​\Microsoft\Windows\CurrentVers​ion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-20\S-1-5-20\Software​\Microsoft\Windows\CurrentVers​ion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://www.gllod.com
 IE - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..\URLSear​chHook: {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll ()
 IE - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\S-1-5-21-7​25345543-1677128483-1417001333​-1005\Software\Microsoft\Windo​ws\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.startup.home​page: "http://www.google.fr/"
 FF - prefs.js..extensions.enabledIt​ems: {d10d0bf8-f5b5-c8b4-a8b2-2b987​9e08c5d}:1.1.2
 FF - prefs.js..extensions.enabledIt​ems: {8B72860F-C5F8-4286-865E-D2C2D​B98A9E6}:0.9.3
 FF - prefs.js..extensions.enabledIt​ems: {c0c9a2c7-2e5c-4447-bc53-97718​bc91e1b}:2.1
 FF - prefs.js..extensions.enabledIt​ems: firefoxstats@matthew.hambly:1.​2.2
 FF - prefs.js..extensions.enabledIt​ems: jqs@sun.com:1.0
 FF - prefs.js..extensions.enabledIt​ems: {46551EC9-40F0-4e47-8E18-8E5CF​550CFB8}:1.0.7
 FF - prefs.js..keyword.URL: "http://www.google.com/search?​ie=UTF-8&oe=UTF-8&sourceid=nav​client&gfns=1&q="
 
 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/18 23:11:31 | 00,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/18 21:25:01 | 00,000,000 | ---D | M]
 
 [2008/12/18 18:01:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Extensions
 [2009/12/20 18:48:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions
 [2009/10/29 14:33:09 | 00,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\{4​6551EC9-40F0-4e47-8E18-8E5CF55​0CFB8}
 [2009/12/09 21:08:43 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\{8​B72860F-C5F8-4286-865E-D2C2DB9​8A9E6}
 [2009/12/09 21:08:43 | 00,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\{c​0c9a2c7-2e5c-4447-bc53-97718bc​91e1b}
 [2009/12/13 15:14:39 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\{d​10d0bf8-f5b5-c8b4-a8b2-2b9879e​08c5d}
 [2009/07/03 22:45:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\ba​ttlefieldheroespatcher@ea.com
 [2009/07/03 11:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\extensions\fi​refoxstats@matthew.hambly
 [2008/12/30 19:14:48 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\searchplugins​\daemon-search.xml
 [2008/12/18 18:36:35 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\VINZ\Application Data\Mozilla\Firefox\Profiles\​ahtnimc9.default\searchplugins​\live-search.xml
 [2009/12/21 11:43:03 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
 [2009/06/08 14:11:01 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst​.dll
 [2009/12/18 21:24:56 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-f​rance.xml
 [2009/12/18 21:24:56 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2009/12/18 21:24:56 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-fra​nce.xml
 [2009/12/18 21:24:56 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedi​a-fr.xml
 [2009/12/18 21:24:56 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048A​E113215} - No CLSID value found.
 O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll (Adobe Systems Incorporated)
 O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - No CLSID value found.
 O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F​01C5231} - No CLSID value found.
 O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
 O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
 O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - No CLSID value found.
 O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
 O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6​E806AA0} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.
 O3 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..\Toolbar​\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - No CLSID value found.
 O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
 O4 - HKLM..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe ()
 O4 - HKLM..\Run: [Firevall Administrating] C:\WINDOWS\rndll.exe ()
 O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
 O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
 O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
 O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.D​LL (NVIDIA Corporation)
 O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
 O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager​\SessionManager.exe (France Telecom SA)
 O4 - HKLM..\Run: [PCTVOICE]  File not found
 O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
 O4 - HKLM..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe ()
 O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.ex​e (Sun Microsystems, Inc.)
 O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\​MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
 O4 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005..\Run: [PlayNC Launcher]  File not found
 O4 - Startup: C:\Documents and Settings\JULIE\Menu Démarrer\Programmes\Démarrage\​OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 O6 - HKLM\Software\Policies\Microso​ft\Internet Explorer\Infodelivery present
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: LinkResolveIgnoreLinkInfo = 0
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoResolveSearch = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: HonorAutoRunSetting = 1
 O7 - HKU\.DEFAULT\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-18\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-19\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-20\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - Reg Error: Key error. File not found
 O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - Reg Error: Key error. File not found
 O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
 O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
 O15 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..Trusted Domains: mappy.com ([]http in Sites de confiance)
 O15 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..Trusted Domains: orange.fr ([]http in Sites de confiance)
 O15 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
 O15 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
 O15 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..Trusted Domains: 10 domain(s) and sub-domain(s) not assigned to a zone.
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} http://messenger.zone.msn.com/ [...] E_UNO1.cab (UnoCtrl Class)
 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF​33E833C} http://www.update.microsoft.co [...] 0371102223 (WUWebControl Class)
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA​91D2FC3} http://update.microsoft.com/mi [...] 0372239109 (MUWebControl Class)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_13)
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} http://messenger.zone.msn.com/ [...] b56907.cab (MessengerStatsClient Class)
 O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_13)
 O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_15)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} http://download.macromedia.com [...] wflash.cab (Shockwave Flash Object)
 O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
 O18 - Protocol\Handler\http\0x000000​01 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\https\0x00000​001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\ipp\0x0000000​1 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\0x000​00001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04​f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
 O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF422​2BCF879} - Reg Error: Key error. File not found
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - Reg Error: Key error. File not found
 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D​022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll -  File not found
 O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/12/17 21:42:19 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 O32 - AutoRun File - [2002/03/08 05:55:00 | 00,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org> ) - D:\autorun.exe -- [ CDFS ]
 O32 - AutoRun File - [2003/07/02 00:15:34 | 00,000,057 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
 O32 - AutoRun File - [2003/07/07 23:46:10 | 00,000,990 | R--- | M] () - D:\autorun.ini -- [ CDFS ]
 O33 - MountPoints2\{a652d598-cc7e-11​dd-9461-b3ebc3018ae2}\Shell - "" = AutoRun
 O33 - MountPoints2\{a652d598-cc7e-11​dd-9461-b3ebc3018ae2}\Shell\Au​toRun\command - "" = F:\LaunchU3.exe -- File not found
 O33 - MountPoints2\{e4decf5a-cf4f-11​dd-9470-4d6564696130}\Shell - "" = AutoRun
 O33 - MountPoints2\{e4decf5a-cf4f-11​dd-9470-4d6564696130}\Shell\Au​toRun\command - "" = E:\LaunchU3.exe -- File not found
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - comfile [open] -- "%1" %*
 O35 - exefile [open] -- "%1" %*
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2009/12/21 12:13:46 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VINZ\Bureau\OTL.exe
 [2009/12/19 16:05:23 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\VINZ\Bureau\HJTInstal​l.exe
 [2009/12/15 19:03:07 | 01,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\VINZ\Bureau\WinsockXP​Fix.exe
 [2009/12/15 19:01:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Bureau\TEMP
 [2009/12/15 18:58:58 | 00,186,880 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\VINZ\Bureau\LSPFix.ex​e
 [2009/12/14 22:49:30 | 00,000,000 | ---D | C] -- C:\Program Files\Driver Cleaner Pro
 [2009/12/14 22:28:29 | 00,000,000 | ---D | C] -- C:\_OTM
 [2009/12/14 22:27:56 | 00,408,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VINZ\Bureau\OTM.exe
 [2009/12/14 22:27:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Bureau\Upload_Me
 [2009/12/14 22:23:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Bureau\MSNFix
 [2009/12/14 22:22:59 | 00,000,000 | ---D | C] -- C:\backups
 [2009/12/14 22:17:47 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\HijackThis.exe
 [2009/12/13 15:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
 [2009/12/13 15:18:15 | 00,000,000 | ---D | C] -- C:\rsit
 [2009/12/09 13:43:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
 [2009/12/09 13:43:25 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
 [2009/12/09 13:43:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
 [2009/12/09 13:43:18 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
 [2009/12/09 13:42:55 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dl​l
 [2009/12/09 13:42:55 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\x​pssvcs.dll
 [2009/12/09 13:42:55 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p​rintfilterpipelinesvc.exe
 [2009/12/09 13:42:55 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\x​psshhdr.dll
 [2009/12/09 13:42:55 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dl​l
 [2009/12/09 13:42:55 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f​ilterpipelineprintproc.dll
 [2009/12/09 13:42:54 | 00,000,000 | ---D | C] -- C:\7def601521e5e7ff16b5d6001c5​1
 [2009/12/02 14:54:06 | 00,000,000 | ---D | C] -- C:\l'ours polaire_fichiers
 [2009/12/01 22:42:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Application Data\TeamViewer
 [2009/12/01 22:41:56 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer
 [2009/12/01 22:41:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\temp
 [2009/11/21 16:30:27 | 00,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
 [2009/08/25 11:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
 [2009/04/23 12:39:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
 [2009/01/13 23:34:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Applicat​ion Data\SACore
 [2008/12/21 13:13:37 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd2.d​ll
 [2008/12/21 13:13:37 | 00,040,960 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd2.d​ll
 [2008/12/21 13:13:37 | 00,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd2.d​ll
 [2008/12/17 21:44:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
 [2008/12/17 21:42:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Applic​ation Data\Microsoft
 [2008/12/17 21:42:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Applicat​ion Data\Microsoft
 
 ========== Files - Modified Within 30 Days ==========
 
 [2009/12/21 12:13:47 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VINZ\Bureau\OTL.exe
 [2009/12/21 12:04:17 | 00,253,917 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
 [2009/12/21 12:00:00 | 00,000,330 | ---- | M] () -- C:\WINDOWS\tasks\cgryvpzc.job
 [2009/12/21 11:32:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
 [2009/12/21 11:32:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
 [2009/12/21 11:32:04 | 21,459,64032 | -HS- | M] () -- C:\hiberfil.sys
 [2009/12/21 00:52:06 | 20,185,088 | -H-- | M] () -- C:\Documents and Settings\VINZ\NTUSER.DAT
 [2009/12/21 00:52:06 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\VINZ\ntuser.ini
 [2009/12/21 00:51:59 | 03,191,706 | -H-- | M] () -- C:\Documents and Settings\VINZ\Local Settings\Application Data\IconCache.db
 [2009/12/20 22:07:09 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\VINZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E​0D61DEA3FDF.ini
 [2009/12/20 21:16:35 | 00,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Audiosurf.lnk
 [2009/12/20 20:08:04 | 01,303,445 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\200912161​11657V.gif
 [2009/12/19 16:05:37 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\HijackThi​s.lnk
 [2009/12/19 16:05:27 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\VINZ\Bureau\HJTInstal​l.exe
 [2009/12/19 15:31:59 | 00,002,575 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\Word 2007.lnk
 [2009/12/19 14:41:16 | 12,852,912 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\mumble_mu​mble_1.2.0_francais_43179.exe
 [2009/12/17 13:49:59 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 [2009/12/15 19:03:31 | 01,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\VINZ\Bureau\WinsockXP​Fix.exe
 [2009/12/15 18:58:58 | 00,186,880 | ---- | M] (CEXX.ORG) -- C:\Documents and Settings\VINZ\Bureau\LSPFix.ex​e
 [2009/12/14 22:40:29 | 00,000,023 | -HS- | M] () -- C:\WINDOWS\System32\dbecdbd_g.​dll
 [2009/12/14 22:40:29 | 00,000,023 | ---- | M] () -- C:\WINDOWS\System32\eaeeeb2_g.​ocx
 [2009/12/14 22:27:56 | 00,408,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VINZ\Bureau\OTM.exe
 [2009/12/13 18:00:00 | 00,000,556 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for VINZ.job
 [2009/12/12 04:22:50 | 00,111,757 | RHS- | M] () -- C:\WINDOWS\rndll.exe
 [2009/12/10 21:38:28 | 01,049,098 | ---- | M] () -- C:\WINDOWS\System32\PerfString​Backup.INI
 [2009/12/10 21:38:28 | 00,499,630 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.d​at
 [2009/12/10 21:38:28 | 00,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.d​at
 [2009/12/10 21:38:28 | 00,080,680 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.d​at
 [2009/12/10 21:38:28 | 00,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.d​at
 [2009/12/10 21:38:27 | 00,404,934 | ---- | M] () -- C:\WINDOWS\System32\perfh040.d​at
 [2009/12/10 21:38:27 | 00,049,348 | ---- | M] () -- C:\WINDOWS\System32\perfc040.d​at
 [2009/12/09 20:56:48 | 00,037,080 | ---- | M] () -- C:\Documents and Settings\VINZ\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 [2009/12/09 18:31:21 | 00,169,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.D​AT
 [2009/12/08 13:45:37 | 00,001,633 | ---- | M] () -- C:\WINDOWS\win.ini
 [2009/12/06 17:42:45 | 00,013,043 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\EMP Mary.xlsx
 [2009/12/05 13:28:43 | 47,317,076 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\Prodigy - Smack My Bitch Up (Uncut - Nudity).mpg
 [2009/12/05 13:05:42 | 00,039,098 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\csmtraini​ngreportfail.PNG
 [2009/12/04 18:38:15 | 00,005,927 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\configqq.​cfg
 [2009/12/02 14:54:07 | 00,006,630 | ---- | M] () -- C:\l'ours polaire.htm
 [2009/12/01 22:42:01 | 00,000,889 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
 [2009/12/01 22:40:54 | 02,720,648 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\teamviewe​r_teamviewer_5.0.7418_complet_​francais_67482.exe
 [2009/11/29 16:22:19 | 08,086,331 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\03 your skull is red.mp3
 [2009/11/29 16:21:55 | 02,732,744 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\team_slee​pever_foreign_flag_radio_edit.​mp3
 [2009/11/29 16:16:52 | 00,012,815 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\tsever.mp​3
 [2009/11/27 16:01:34 | 00,329,966 | ---- | M] () -- C:\Documents and Settings\VINZ\Bureau\200911271​01158P.png
 [2009/11/21 17:04:17 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.t​lb
 [2009/11/21 17:04:17 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.t​lb
 
 ========== Files Created - No Company Name ==========
 
 [2009/12/20 21:38:30 | 60,978,0294 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part6.rar
 [2009/12/20 21:37:57 | 10,380,90240 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part5.rar
 [2009/12/20 21:37:22 | 10,380,90240 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part4.rar
 [2009/12/20 21:36:48 | 10,380,90240 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part3.rar
 [2009/12/20 21:36:15 | 10,380,90240 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part2.rar
 [2009/12/20 21:35:07 | 15,052,63615 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\rld-p210.iso
 [2009/12/20 21:34:12 | 10,380,90240 | ---- | C] () -- C:\Documents and Settings\VINZ\Mes documents\P10.part1.rar
 [2009/12/20 20:08:04 | 01,303,445 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\200912161​11657V.gif
 [2009/12/19 16:05:37 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\HijackThi​s.lnk
 [2009/12/19 14:39:37 | 12,852,912 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\mumble_mu​mble_1.2.0_francais_43179.exe
 [2009/12/14 22:40:29 | 00,000,023 | -HS- | C] () -- C:\WINDOWS\System32\dbecdbd_g.​dll
 [2009/12/14 22:40:29 | 00,000,023 | ---- | C] () -- C:\WINDOWS\System32\eaeeeb2_g.​ocx
 [2009/12/12 11:55:30 | 00,111,757 | RHS- | C] () -- C:\WINDOWS\rndll.exe
 [2009/12/06 17:42:44 | 00,013,043 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\EMP Mary.xlsx
 [2009/12/05 13:05:41 | 00,039,098 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\csmtraini​ngreportfail.PNG
 [2009/12/05 13:01:49 | 47,317,076 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\Prodigy - Smack My Bitch Up (Uncut - Nudity).mpg
 [2009/12/04 18:38:15 | 00,005,927 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\configqq.​cfg
 [2009/12/02 14:54:06 | 00,006,630 | ---- | C] () -- C:\l'ours polaire.htm
 [2009/12/01 22:42:01 | 00,000,889 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
 [2009/12/01 22:40:34 | 02,720,648 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\teamviewe​r_teamviewer_5.0.7418_complet_​francais_67482.exe
 [2009/11/29 16:21:33 | 02,732,744 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\team_slee​pever_foreign_flag_radio_edit.​mp3
 [2009/11/29 16:16:52 | 00,012,815 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\tsever.mp​3
 [2009/11/29 16:16:46 | 08,086,331 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\03 your skull is red.mp3
 [2009/11/27 16:01:33 | 00,329,966 | ---- | C] () -- C:\Documents and Settings\VINZ\Bureau\200911271​01158P.png
 [2009/11/21 16:23:08 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.t​lb
 [2009/11/21 16:23:08 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.t​lb
 [2009/11/02 20:19:08 | 00,001,063 | ---- | C] () -- C:\Documents and Settings\VINZ\Application Data\SMasterMind Prefs.txt
 [2009/10/26 13:31:40 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp3​2.dll
 [2009/10/26 12:39:43 | 00,016,189 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
 [2009/10/25 14:50:09 | 00,182,275 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.​dll
 [2009/10/25 14:50:09 | 00,124,931 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
 [2009/10/25 14:50:08 | 00,376,832 | ---- | C] () -- C:\WINDOWS\System32\M2000Twn.d​ll
 [2009/10/25 14:50:06 | 00,732,113 | ---- | C] () -- C:\Program Files\Fichiers communs\unins000.exe
 [2009/10/25 14:50:06 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\CompressAT​I2.dll
 [2009/10/25 14:50:06 | 00,003,011 | ---- | C] () -- C:\Program Files\Fichiers communs\unins000.dat
 [2009/05/25 17:20:35 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
 [2009/04/18 16:43:33 | 00,290,816 | ---- | C] () -- C:\WINDOWS\System32\decdll.dll
 [2009/03/01 21:23:29 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dl​l
 [2009/03/01 21:23:29 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dl​l
 [2009/03/01 21:23:29 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dl​l
 [2009/02/25 13:37:44 | 00,139,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\Pn​kBstrK.sys
 [2009/02/25 13:37:43 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\VINZ\Application Data\PnkBstrK.sys
 [2009/02/15 13:56:22 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
 [2009/02/15 13:56:22 | 00,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.d​ll
 [2009/01/20 18:01:24 | 01,465,612 | -HS- | C] () -- C:\WINDOWS\System32\hmclycon.i​ni
 [2009/01/19 18:02:28 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\yzydfb.dll
 [2009/01/19 18:02:27 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\chpquebq.d​ll
 [2009/01/19 18:00:23 | 01,436,206 | -HS- | C] () -- C:\WINDOWS\System32\pdfswjuj.i​ni
 [2009/01/18 14:19:55 | 00,054,272 | ---- | C] () -- C:\WINDOWS\System32\KERNELH2.D​LL
 [2009/01/03 16:56:45 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt​03.dll
 [2009/01/03 16:56:27 | 00,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
 [2008/12/30 19:12:43 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp​td.sys
 [2008/12/24 13:46:07 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll​.manifest
 [2008/12/24 13:46:06 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
 [2008/12/24 13:43:06 | 00,107,520 | ---- | C] () -- C:\Documents and Settings\VINZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E​0D61DEA3FDF.ini
 [2008/12/21 13:13:41 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd2.d​ll
 [2008/12/21 13:13:41 | 00,015,541 | ---- | C] () -- C:\WINDOWS\snpstd2.ini
 [2008/12/21 13:13:39 | 00,302,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\sn​pstd2.sys
 [2008/12/17 22:42:42 | 00,016,151 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
 [2008/12/17 22:29:52 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\AS​ACPI.sys
 [2008/12/17 22:29:40 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\AS​USHWIO.SYS
 [2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudar​t_20.dll
 [2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTr​aditionalChinese.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSw​edish.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSp​anish.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSi​mplifiedChinese.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPo​rtugese.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKo​rean.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJa​panese.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGe​rman.dll
 [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFr​ench.dll
 [2008/04/13 20:33:40 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.d​ll
 [1997/06/14 09:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.d​ll
 
 ========== LOP Check ==========
 
 [2009/08/17 14:55:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
 [2009/02/03 17:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
 [2009/01/17 20:46:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
 [2009/02/23 19:21:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
 [2008/12/30 19:14:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
 [2008/12/21 13:22:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
 [2009/10/28 18:18:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
 [2009/01/21 18:19:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
 [2009/02/25 13:37:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
 [2009/02/23 18:17:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
 [2009/11/13 22:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
 [2008/12/19 19:30:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
 [2009/06/08 21:59:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
 [2009/06/08 17:03:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
 [2009/11/02 17:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
 [2009/06/08 17:03:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
 [2009/08/20 17:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
 [2009/07/02 13:07:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
 [2009/01/18 17:58:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
 [2009/10/11 21:34:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
 [2008/12/23 16:25:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
 [2009/12/16 10:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft
 [2008/12/17 21:50:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ISA ET FRANZ\Application Data\InterTrust
 [2009/09/25 22:38:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ISA ET FRANZ\Application Data\Mumble
 [2009/02/14 15:38:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JULIE\Application Data\Atari
 [2009/12/15 20:19:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JULIE\Application Data\Grisoft
 [2009/06/26 09:52:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JULIE\Application Data\Mindscape
 [2009/10/30 11:21:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JULIE\Application Data\uTorrent
 [2009/01/13 23:34:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Applicat​ion Data\SACore
 [2009/10/25 15:53:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\.purple
 [2009/01/03 17:03:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Atari
 [2009/02/03 18:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Azureus
 [2009/01/17 20:46:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Babylon
 [2009/02/06 21:09:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Cakewalk
 [2008/12/30 19:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\DAEMON Tools
 [2009/10/27 13:01:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\DAEMON Tools Lite
 [2008/12/30 19:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\DAEMON Tools Pro
 [2009/12/01 20:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\FileZilla
 [2009/08/09 22:55:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\GetRightToGo
 [2009/10/25 15:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\gtk-2.0
 [2009/12/04 19:29:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\HLSW
 [2009/02/25 13:58:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\id Software
 [2009/02/28 15:55:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\IObit
 [2009/02/23 18:20:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Line 6
 [2009/11/14 09:58:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Locktime
 [2009/12/06 17:48:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Mumble
 [2009/01/16 22:54:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Nvu
 [2009/08/22 09:22:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Octoshape
 [2009/05/01 02:39:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\OneSwarm
 [2009/01/18 18:11:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Publish Providers
 [2009/01/18 18:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Sony
 [2009/01/17 17:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Sony Setup
 [2009/12/01 22:42:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\TeamViewer
 [2009/12/19 01:27:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\uTorrent
 [2009/01/30 22:41:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\Waves Audio
 [2009/12/21 12:00:00 | 00,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\cgryvpzc.job
 
 ========== Purity Check ==========
 
 
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
 < End of report >



 OTL Extras :

 OTL Extras logfile created on: 21/12/2009 12:16:12 - Run 1
 OTL by OldTimer - Version 3.1.19.0     Folder = C:\Documents and Settings\VINZ\Bureau
 Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 6.0.2900.5512)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
 Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 232,88 Gb Total Space | 26,74 Gb Free Space | 11,48% Space Free | Partition Type: NTFS
 Drive D: | 623,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: SCAMP-1
 Current User Name: VINZ
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: All users
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
 [HKEY_USERS\S-1-5-21-725345543-​1677128483-1417001333-1005\SOF​TWARE\Classes\<extension>​;]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
 htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\​ONENOTE.EXE "%L" (Microsoft Corporation)
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 CLSID\{871C5380-42A0-1069-A2EA​-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "FirstRunDisabled" = 1
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 "UpdatesDisableNotify" = 0
 "AntiVirusOverride" = 0
 "FirewallOverride" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\KasperskyAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiVirus]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeFirewall]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\GloballyOpenPo​rts\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dl​l,-22004
 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dl​l,-22005
 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dl​l,-22001
 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dl​l,-22002
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\GloballyOpen​Ports\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "39876:TCP" = 39876:TCP:*:Enabled:OneSwarm
 "39876:UDP" = 39876:UDP:*:Enabled:OneSwarm
 "56786:TCP" = 56786:TCP:*:Enabled:Pando Media Booster
 "56786:UDP" = 56786:UDP:*:Enabled:Pando Media Booster
 "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:​maconfig_tcp
 "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:​maconfig_udp
 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22002
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\AuthorizedAppl​ications\List]
 "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone) -- File not found
 "C:\Program Files\Combat Arms\CombatArms.exe" = C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:C​ombatArms.exe -- File not found
 "C:\Program Files\Combat Arms\Engine.exe" = C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engin​e.exe -- File not found
 "C:\Program Files\Combat Arms EU\CombatArms.exe" = C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:Com​batArms.exe -- File not found
 "C:\Program Files\Combat Arms EU\Engine.exe" = C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.​exe -- File not found
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call -- (Microsoft Corporation)
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare -- File not found
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:​Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
 "C:\Program Files\Steam\steamapps\snohi\co​unter-strike\hl.exe" = C:\Program Files\Steam\steamapps\snohi\co​unter-strike\hl.exe:*:Enabled:​Half-Life Launcher -- (Valve)
 "G:\mIRC\mirc.exe" = G:\mIRC\mirc.exe:*:Enabled:mIR​C -- File not found
 "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enable​d:eMule -- File not found
 "G:\TmNationsForever\TmForever​.exe" = G:\TmNationsForever\TmForever.​exe:*:Enabled:TmForever -- File not found
 "C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe" = C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:En​abled:Jedi Academy MultiPlayer -- (Activision Inc)
 "C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:​Enabled:µTorrent -- (BitTorrent, Inc.)
 "C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:​HLSW Application -- (Stripf Software)
 "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone) -- File not found
 "C:\WINDOWS\system32\PnkBstrA.​exe" = C:\WINDOWS\system32\PnkBstrA.e​xe:*:Enabled:PnkBstrA -- ()
 "C:\WINDOWS\system32\PnkBstrB.​exe" = C:\WINDOWS\system32\PnkBstrB.e​xe:*:Enabled:PnkBstrB -- ()
 "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:​Firefox -- (Mozilla Corporation)
 "C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
 "C:\Documents and Settings\VINZ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\​octoshape\octoshape.exe" = C:\Documents and Settings\VINZ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\​octoshape\octoshape.exe:*:Enab​led:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
 "C:\Program Files\Diablo II\Diablo II.exe" = C:\Program Files\Diablo II\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction -- (Blizzard North)
 "C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe" = C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable -- (Microsoft Corporation)
 "C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\empires2.exe" = C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\empires2.exe:*:Enabled:Age of Empires II -- File not found
 "C:\WINDOWS\system32\dplaysvr.​exe" = C:\WINDOWS\system32\dplaysvr.e​xe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
 "C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\age2_x1.exe" = C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
 "C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
 "C:\Documents and Settings\VINZ\Mes documents\bgb.exe" = C:\Documents and Settings\VINZ\Mes documents\bgb.exe:*:Enabled:bg​b -- File not found
 "C:\Program Files\OneSwarm\OneSwarm.exe" = C:\Program Files\OneSwarm\OneSwarm.exe:*:​Enabled:OneSwarm -- ()
 "C:\Program Files\Steam\steamapps\jtemssan​scomplexe\counter-strike\hl.ex​e" = C:\Program Files\Steam\steamapps\jtemssan​scomplexe\counter-strike\hl.ex​e:*:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pand​o Media Booster -- ()
 "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Ena​bled:Nexon Game Manager -- (Nexon)
 "C:\Program Files\Combat Arms\CombatArms.exe" = C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:C​ombatArms.exe -- File not found
 "C:\Program Files\Combat Arms\Engine.exe" = C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engin​e.exe -- File not found
 "C:\Nexon\NEXON_EU_Downloader\​NEXON_EU_Downloader_Engine.exe​" = C:\Nexon\NEXON_EU_Downloader\N​EXON_EU_Downloader_Engine.exe:​*:Enabled:NEXON_EU_Downloader_​Engine -- ()
 "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Ena​bled:Nexon Game Manager -- (Nexon)
 "C:\Program Files\Combat Arms EU\CombatArms.exe" = C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:Com​batArms.exe -- File not found
 "C:\Program Files\Combat Arms EU\Engine.exe" = C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.​exe -- File not found
 "C:\Program Files\Combat Arms EU\NMService.exe" = C:\Program Files\Combat Arms EU\NMService.exe:*:Enabled:Nex​on Messenger Core -- File not found
 "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:​mIRC -- (mIRC Co. Ltd.)
 "C:\Program Files\Valve Lan\hl.exe" = C:\Program Files\Valve Lan\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
 "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*​:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
 "C:\Documents and Settings\VINZ\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\VINZ\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*​:Enabled:Main program for Octoshape client -- (Octoshape ApS)
 "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Enabl​ed:Age of Empires II Expansion -- (Microsoft Corporation)
 "C:\Program Files\Steam\steamapps\djata37\​counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\djata37\​counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\djata37\​counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\djata37\​counter-strike\hl.exe:*:Enable​d:Half-Life Launcher -- (Valve)
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call -- (Microsoft Corporation)
 "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enable​d:Steam -- (Valve Corporation)
 "C:\Program Files\Steam\steamapps\kurubina​\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\kurubina​\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\maxvigne​au\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\maxvigne​au\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\jtehssan​scomplexe\counter-strike\hl.ex​e" = C:\Program Files\Steam\steamapps\jtehssan​scomplexe\counter-strike\hl.ex​e:*:Enabled:Half-Life Launcher -- (Valve)
 "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe​" = C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe​:*:Enabled:McAfee Network Agent -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​ushi06101991\counter-strike\hl​.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​ushi06101991\counter-strike\hl​.exe:*:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\ma-config.com\maconfserv​ice.exe" = C:\Program Files\ma-config.com\maconfserv​ice.exe:LocalSubNet:Enabled:ma​confservice -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​nohi\counter-strike\hl.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​nohi\counter-strike\hl.exe:*:E​nabled:Half-Life Launcher -- File not found
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\d​jata37\counter-strike\hl.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\d​jata37\counter-strike\hl.exe:*​:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS -- (France Telecom SA)
 "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:E​A Download Manager -- (Electronic Arts)
 "C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe" = C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe:*:Enable​d:Speed -- ()
 "C:\Program Files\TeamViewer\Version5\Team​Viewer.exe" = C:\Program Files\TeamViewer\Version5\Team​Viewer.exe:*:Enabled:Teamviewe​r Remote Control Application -- (TeamViewer GmbH)
 "C:\DOCUME~1\JULIE\LOCALS~1\Te​mp\IXP001.TMP\hjkdf.exe" = C:\DOCUME~1\JULIE\LOCALS~1\Tem​p\IXP001.TMP\hjkdf.exe:*:Enabl​ed:Firevall Administrating -- File not found
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 ""Equitation & Magie - Sarah et la licorne"" = "Equitation & Magie - Sarah et la licorne"
 "{01521746-02A6-4A72-00BD-A285​DF6B80C6}" = Les Sims 2 Académie
 "{048298C9-A4D3-490B-9FF9-AB02​3A9238F3}" = Steam
 "{0B533F34-22BA-4301-BAF8-EA1C​EDB06F9E}" = Quake Live Mozilla Plugin
 "{0D994CC5-819F-4657-84DD-397B​8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
 "{0E7257E7-F08F-46FB-8C85-56C6​79E55440}" = Alexandra Ledermann 6
 "{13F3917B56CD4C25848BDC699169​71BB}" = DivX Converter
 "{15292416-A464-4FBA-BB96-7298​EAACFC07}" = Zoo Tycoon 2 - Animaux disparus
 "{18D10072035C4515918F7E37EAFA​ACFC}" = AutoUpdate
 "{205C6BDD-7B73-42DE-8505-9A09​3F35A238}" = Outil de téléchargement Windows Live
 "{2075CB0A-D26F-4DAA-B424-5079​296B43BA}" = Windows Live FolderShare
 "{216AB108-2AE1-4130-B3D5-20B2​C4C80F8F}" = QuickTime
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{2315B23D-3E21-4920-837D-AE64​60934ECB}" = FIFA 09
 "{26A24AE4-039D-4CA4-87B4-2F83​216012FF}" = Java(TM) 6 Update 13
 "{27965FF3-5243-4964-B286-BD7F​50D6A7B9}_is1" = Schaap (Tesselaar) v3 van Martin1990
 "{2EE37EFC-CDF1-4B4C-8977-BDCC​57DF96F8}" = Wildlife Park 2 Horses
 "{350C940c-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{350C97B8-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{38E1CA6C-2121-4B5C-A3A5-0B00​03794EFF}" = Sony Media Manager 2.2
 "{3B4E636E-9D65-4D67-BA61-1898​00823F52}" = Windows Live Communications Platform
 "{3BB53C4E-97B3-4504-B4C3-6C50​12FBCD83}" = Mission Equitation 2
 "{3FC7CBBC4C1E11DCA1A752EA55D8​9593}" = DivX Version Checker
 "{4634B21A-CC07-4396-890C-2B81​68661FEA}" = Windows Live Writer
 "{46ABBC54-1872-4AA3-95E2-F2C0​63A63F31}" = Installation Windows Live
 "{4817189D-1785-4627-A33C-39FD​90919300}" = Les Sims™ 2 Animaux & Cie
 "{4A7FDA4D-F4D7-4A49-934A-066D​59A43C7E}" = SmartSound Quicktracks Plugin
 "{4AE3A0CB-87B0-4F51-BECD-3D1F​8DFDD62F}" = SAGEM F@st 800-840
 "{4C590030-7469-453E-8589-D15D​A9D03F52}" = ANIWZCS2 Service
 "{57F0ED40-8F11-41AA-B926-4A66​D0D1A9CC}" = Microsoft Office Live Add-in 1.3
 "{5DD76286-9BE7-4894-A990-E905​E91AC818}" = Windows Live Mail
 "{5F8E2CB

(Publicité)
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/12/2009 à 13:30:35  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je te recolle Extras parce que j ai l impression qu il n est pas entier

 OTL Extras logfile created on: 21/12/2009 12:16:12 - Run 1
 OTL by OldTimer - Version 3.1.19.0     Folder = C:\Documents and Settings\VINZ\Bureau
 Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 6.0.2900.5512)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
 Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 232,88 Gb Total Space | 26,74 Gb Free Space | 11,48% Space Free | Partition Type: NTFS
 Drive D: | 623,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: SCAMP-1
 Current User Name: VINZ
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: All users
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 Output = Minimal
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
 [HKEY_USERS\S-1-5-21-725345543-​1677128483-1417001333-1005\SOF​TWARE\Classes\<extension>​;]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
 htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\​ONENOTE.EXE "%L" (Microsoft Corporation)
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 CLSID\{871C5380-42A0-1069-A2EA​-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "FirstRunDisabled" = 1
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 "UpdatesDisableNotify" = 0
 "AntiVirusOverride" = 0
 "FirewallOverride" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\KasperskyAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiVirus]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeFirewall]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\GloballyOpenPo​rts\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dl​l,-22004
 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dl​l,-22005
 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dl​l,-22001
 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dl​l,-22002
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\GloballyOpen​Ports\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@​xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@​xpsp2res.dll,-22008
 "39876:TCP" = 39876:TCP:*:Enabled:OneSwarm
 "39876:UDP" = 39876:UDP:*:Enabled:OneSwarm
 "56786:TCP" = 56786:TCP:*:Enabled:Pando Media Booster
 "56786:UDP" = 56786:UDP:*:Enabled:Pando Media Booster
 "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:​maconfig_tcp
 "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:​maconfig_udp
 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22004
 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@​xpsp2res.dll,-22005
 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22001
 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@​xpsp2res.dll,-22002
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile\AuthorizedAppl​ications\List]
 "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone) -- File not found
 "C:\Program Files\Combat Arms\CombatArms.exe" = C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:C​ombatArms.exe -- File not found
 "C:\Program Files\Combat Arms\Engine.exe" = C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engin​e.exe -- File not found
 "C:\Program Files\Combat Arms EU\CombatArms.exe" = C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:Com​batArms.exe -- File not found
 "C:\Program Files\Combat Arms EU\Engine.exe" = C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.​exe -- File not found
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call -- (Microsoft Corporation)
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare -- File not found
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:​Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
 "C:\Program Files\Steam\steamapps\snohi\co​unter-strike\hl.exe" = C:\Program Files\Steam\steamapps\snohi\co​unter-strike\hl.exe:*:Enabled:​Half-Life Launcher -- (Valve)
 "G:\mIRC\mirc.exe" = G:\mIRC\mirc.exe:*:Enabled:mIR​C -- File not found
 "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enable​d:eMule -- File not found
 "G:\TmNationsForever\TmForever​.exe" = G:\TmNationsForever\TmForever.​exe:*:Enabled:TmForever -- File not found
 "C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe" = C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:En​abled:Jedi Academy MultiPlayer -- (Activision Inc)
 "C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:​Enabled:µTorrent -- (BitTorrent, Inc.)
 "C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:​HLSW Application -- (Stripf Software)
 "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone) -- File not found
 "C:\WINDOWS\system32\PnkBstrA.​exe" = C:\WINDOWS\system32\PnkBstrA.e​xe:*:Enabled:PnkBstrA -- ()
 "C:\WINDOWS\system32\PnkBstrB.​exe" = C:\WINDOWS\system32\PnkBstrB.e​xe:*:Enabled:PnkBstrB -- ()
 "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:​Firefox -- (Mozilla Corporation)
 "C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
 "C:\Documents and Settings\VINZ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\​octoshape\octoshape.exe" = C:\Documents and Settings\VINZ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\​octoshape\octoshape.exe:*:Enab​led:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
 "C:\Program Files\Diablo II\Diablo II.exe" = C:\Program Files\Diablo II\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction -- (Blizzard North)
 "C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe" = C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable -- (Microsoft Corporation)
 "C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\empires2.exe" = C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\empires2.exe:*:Enabled:Age of Empires II -- File not found
 "C:\WINDOWS\system32\dplaysvr.​exe" = C:\WINDOWS\system32\dplaysvr.e​xe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
 "C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\age2_x1.exe" = C:\Documents and Settings\VINZ\Mes documents\Downloads\AOE II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
 "C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
 "C:\Documents and Settings\VINZ\Mes documents\bgb.exe" = C:\Documents and Settings\VINZ\Mes documents\bgb.exe:*:Enabled:bg​b -- File not found
 "C:\Program Files\OneSwarm\OneSwarm.exe" = C:\Program Files\OneSwarm\OneSwarm.exe:*:​Enabled:OneSwarm -- ()
 "C:\Program Files\Steam\steamapps\jtemssan​scomplexe\counter-strike\hl.ex​e" = C:\Program Files\Steam\steamapps\jtemssan​scomplexe\counter-strike\hl.ex​e:*:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pand​o Media Booster -- ()
 "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Ena​bled:Nexon Game Manager -- (Nexon)
 "C:\Program Files\Combat Arms\CombatArms.exe" = C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:C​ombatArms.exe -- File not found
 "C:\Program Files\Combat Arms\Engine.exe" = C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engin​e.exe -- File not found
 "C:\Nexon\NEXON_EU_Downloader\​NEXON_EU_Downloader_Engine.exe​" = C:\Nexon\NEXON_EU_Downloader\N​EXON_EU_Downloader_Engine.exe:​*:Enabled:NEXON_EU_Downloader_​Engine -- ()
 "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Ena​bled:Nexon Game Manager -- (Nexon)
 "C:\Program Files\Combat Arms EU\CombatArms.exe" = C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:Com​batArms.exe -- File not found
 "C:\Program Files\Combat Arms EU\Engine.exe" = C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.​exe -- File not found
 "C:\Program Files\Combat Arms EU\NMService.exe" = C:\Program Files\Combat Arms EU\NMService.exe:*:Enabled:Nex​on Messenger Core -- File not found
 "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:​mIRC -- (mIRC Co. Ltd.)
 "C:\Program Files\Valve Lan\hl.exe" = C:\Program Files\Valve Lan\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
 "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*​:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
 "C:\Documents and Settings\VINZ\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\VINZ\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*​:Enabled:Main program for Octoshape client -- (Octoshape ApS)
 "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Enabl​ed:Age of Empires II Expansion -- (Microsoft Corporation)
 "C:\Program Files\Steam\steamapps\djata37\​counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\djata37\​counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\djata37\​counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\djata37\​counter-strike\hl.exe:*:Enable​d:Half-Life Launcher -- (Valve)
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call -- (Microsoft Corporation)
 "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enable​d:Steam -- (Valve Corporation)
 "C:\Program Files\Steam\steamapps\kurubina​\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\kurubina​\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\maxvigne​au\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\maxvigne​au\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
 "C:\Program Files\Steam\steamapps\jtehssan​scomplexe\counter-strike\hl.ex​e" = C:\Program Files\Steam\steamapps\jtehssan​scomplexe\counter-strike\hl.ex​e:*:Enabled:Half-Life Launcher -- (Valve)
 "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe​" = C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe​:*:Enabled:McAfee Network Agent -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​ushi06101991\counter-strike\hl​.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​ushi06101991\counter-strike\hl​.exe:*:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\ma-config.com\maconfserv​ice.exe" = C:\Program Files\ma-config.com\maconfserv​ice.exe:LocalSubNet:Enabled:ma​confservice -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​nohi\counter-strike\hl.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\s​nohi\counter-strike\hl.exe:*:E​nabled:Half-Life Launcher -- File not found
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare -- File not found
 "C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\d​jata37\counter-strike\hl.exe" = C:\Documents and Settings\isa et franz\Bureau\Steam\steamapps\d​jata37\counter-strike\hl.exe:*​:Enabled:Half-Life Launcher -- File not found
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS -- (France Telecom SA)
 "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:E​A Download Manager -- (Electronic Arts)
 "C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe" = C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe:*:Enable​d:Speed -- ()
 "C:\Program Files\TeamViewer\Version5\Team​Viewer.exe" = C:\Program Files\TeamViewer\Version5\Team​Viewer.exe:*:Enabled:Teamviewe​r Remote Control Application -- (TeamViewer GmbH)
 "C:\DOCUME~1\JULIE\LOCALS~1\Te​mp\IXP001.TMP\hjkdf.exe" = C:\DOCUME~1\JULIE\LOCALS~1\Tem​p\IXP001.TMP\hjkdf.exe:*:Enabl​ed:Firevall Administrating -- File not found
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 ""Equitation & Magie - Sarah et la licorne"" = "Equitation & Magie - Sarah et la licorne"
 "{01521746-02A6-4A72-00BD-A285​DF6B80C6}" = Les Sims 2 Académie
 "{048298C9-A4D3-490B-9FF9-AB02​3A9238F3}" = Steam
 "{0B533F34-22BA-4301-BAF8-EA1C​EDB06F9E}" = Quake Live Mozilla Plugin
 "{0D994CC5-819F-4657-84DD-397B​8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
 "{0E7257E7-F08F-46FB-8C85-56C6​79E55440}" = Alexandra Ledermann 6
 "{13F3917B56CD4C25848BDC699169​71BB}" = DivX Converter
 "{15292416-A464-4FBA-BB96-7298​EAACFC07}" = Zoo Tycoon 2 - Animaux disparus
 "{18D10072035C4515918F7E37EAFA​ACFC}" = AutoUpdate
 "{205C6BDD-7B73-42DE-8505-9A09​3F35A238}" = Outil de téléchargement Windows Live
 "{2075CB0A-D26F-4DAA-B424-5079​296B43BA}" = Windows Live FolderShare
 "{216AB108-2AE1-4130-B3D5-20B2​C4C80F8F}" = QuickTime
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{2315B23D-3E21-4920-837D-AE64​60934ECB}" = FIFA 09
 "{26A24AE4-039D-4CA4-87B4-2F83​216012FF}" = Java(TM) 6 Update 13
 "{27965FF3-5243-4964-B286-BD7F​50D6A7B9}_is1" = Schaap (Tesselaar) v3 van Martin1990
 "{2EE37EFC-CDF1-4B4C-8977-BDCC​57DF96F8}" = Wildlife Park 2 Horses
 "{350C940c-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{350C97B8-3D7C-4EE8-BAA9-00BC​B3D54227}" = WebFldrs XP
 "{38E1CA6C-2121-4B5C-A3A5-0B00​03794EFF}" = Sony Media Manager 2.2
 "{3B4E636E-9D65-4D67-BA61-1898​00823F52}" = Windows Live Communications Platform
 "{3BB53C4E-97B3-4504-B4C3-6C50​12FBCD83}" = Mission Equitation 2
 "{3FC7CBBC4C1E11DCA1A752EA55D8​9593}" = DivX Version Checker
 "{4634B21A-CC07-4396-890C-2B81​68661FEA}" = Windows Live Writer
 "{46ABBC54-1872-4AA3-95E2-F2C0​63A63F31}" = Installation Windows Live
 "{4817189D-1785-4627-A33C-39FD​90919300}" = Les Sims™ 2 Animaux & Cie
 "{4A7FDA4D-F4D7-4A49-934A-066D​59A43C7E}" = SmartSound Quicktracks Plugin
 "{4AE3A0CB-87B0-4F51-BECD-3D1F​8DFDD62F}" = SAGEM F@st 800-840
 "{4C590030-7469-453E-8589-D15D​A9D03F52}" = ANIWZCS2 Service
 "{57F0ED40-8F11-41AA-B926-4A66​D0D1A9CC}" = Microsoft Office Live Add-in 1.3
 "{5DD76286-9BE7-4894-A990-E905​E91AC818}" = Windows Live Mail
 "{5F8E2CBB-949D-4175-AC98-5ADE​7F6C9697}" = NCsoft Launcher
 "{6956856F-B6B3-4BE0-BA0B-8F49​5BE32033}" = Apple Software Update
 "{6BE2A4A4-99FB-48ED-AE1E-4E85​0389F804}" = PartitionMagic
 "{6CC95B76-D380-46B2-9022-9353​938E48BA}" = Logitech GamePanel Software 3.03.133
 "{6D316D67-DA52-4659-9C98-F479​963534D6}" = Audiosurf
 "{6E7DD182-9FC6-4651-0095-2E66​6CC6AF35}" = Les Sims 2
 "{7299052b-02a4-4627-81f2-1818​da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{767CC44C-9BBC-438D-BAD3-FD45​95DD148B}" = VC80CRTRedist - 8.0.50727.762
 "{770F1BEC-2871-4E70-B837-FB85​25FFA3B1}" = Windows Live Messenger
 "{7B3577F5-1D82-4C9B-008B-69D0​26FD8BCA}" = Les Sims 2 : La bonne affaire
 "{7B5CE976-C7A9-4E38-A7F3-6C8E​F025DD8E}" = ANIO Service
 "{7B63B2922B174135AFC0E1377DD8​1EC2}" = DivX Codec
 "{7DA98964-804D-4DCF-AD6A-DE9D​9EF3A825}" = Mission Equitation
 "{7E659C5C-4DF1-499B-B802-77BA​E9ABE4D4}" = Razer Diamondback 3G
 "{7F34A21F-2DEB-4598-BB19-611D​6BD24271}" = Managed DirectX (0901)
 "{82C7B308-0BDD-49D8-8EA5-9CD3​A3F9DF41}" = Windows Live Call
 "{8411FA28-D32D-4518-92F0-3FBD​80A702BC}" = Sony Vegas 7.0
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8A74E887-8F0F-4017-AF53-CBA4​2211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
 "{8ADFC4160D694100B5B8A22DE9DC​ABD9}" = DivX Player
 "{8DC910CD-8EE3-4ffc-A4EB-9B02​701059C4}" = Battlefield Heroes
 "{90120000-0010-040C-0000-0000​000FF1CE}" = Microsoft Software Update for Web Folders  (French) 12
 "{90120000-0016-040C-0000-0000​000FF1CE}" = Microsoft Office Excel MUI (French) 2007
 "{90120000-0018-040C-0000-0000​000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
 "{90120000-001B-040C-0000-0000​000FF1CE}" = Microsoft Office Word MUI (French) 2007
 "{90120000-001F-0401-0000-0000​000FF1CE}" = Microsoft Office Proof (Arabic) 2007
 "{90120000-001F-0407-0000-0000​000FF1CE}" = Microsoft Office Proof (German) 2007
 "{90120000-001F-0409-0000-0000​000FF1CE}" = Microsoft Office Proof (English) 2007
 "{90120000-001F-040C-0000-0000​000FF1CE}" = Microsoft Office Proof (French) 2007
 "{90120000-001F-0413-0000-0000​000FF1CE}" = Microsoft Office Proof (Dutch) 2007
 "{90120000-001F-0C0A-0000-0000​000FF1CE}" = Microsoft Office Proof (Spanish) 2007
 "{90120000-002C-040C-0000-0000​000FF1CE}" = Microsoft Office Proofing (French) 2007
 "{90120000-006E-040C-0000-0000​000FF1CE}" = Microsoft Office Shared MUI (French) 2007
 "{90120000-00A1-040C-0000-0000​000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
 "{907B4640-266B-4A21-92FB-CD1A​86CD0F63}" = RollerCoaster Tycoon® 3
 "{909F8EBC-EC7F-48FF-0085-475D​818F0F31}" = Need for Speed Underground 2
 "{91120000-002F-0000-0000-0000​000FF1CE}" = Microsoft Office Home and Student 2007
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{9527450C-64B3-11D5-9B31-0000​21116B62}" = SmartCamera Ver 2.1
 "{980A182F-E0A2-4A40-94C1-AE0C​1235902E}" = Pando Media Booster
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9C9CEB9D-53FD-49A7-85D2-FE67​4F72F24E}" = Microsoft Search Enhancement Pack
 "{A1F66FC9-11EE-4F2F-98C9-16F8​D1E69FB7}" = Segoe UI
 "{A3051CD0-2F64-3813-A88D-B8DC​CDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
 "{A49F249F-0C91-497F-86DF-B258​5E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
 "{A96E97134CA649888820BCDE5E30​0BBD}" = H.264 Decoder
 "{A99968BE-C155-474C-0089-3323​9DEE1CE2}" = Need For Speed Underground
 "{AAC389499AEF40428987B3D30CFC​76C9}" = MKV Splitter
 "{AC76BA86-7AD7-1036-7B44-A910​00000001}" = Adobe Reader 9.1 - Français
 "{AC76BA86-7AD7-1036-7B44-A920​00000001}" = Adobe Reader 9.2 - Français
 "{ACCA20B0-C4D1-4BF5-BF21-0A0E​B5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
 "{AEF9DC35ADDF4825B049ACBFD1C6​EB37}" = AAC Decoder
 "{B131E59D-202C-43C6-84C9-68F0​C37541F1}" = Galerie de photos Windows Live
 "{B13A7C41581B411290FBC0395694​E2A9}" = DivX Converter
 "{B7050CBDB2504B34BC2A9CA0A692​CC29}" = DivX Web Player
 "{BBF0A67B-5DBA-452F-9D2E-6F16​8BC226E4}" = Need for Speed™ SHIFT
 "{BD64AF4A-8C80-4152-AD77-FCDD​F05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
 "{C05D8CDB-417D-4335-A38C-A065​9EDFD6B8}" = Les Sims™ 3
 "{C09FB3CD-3D0C-3F2D-899A-6A1D​67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
 "{C0B48A76-2FA3-4497-B51F-0487​D96F65E3}" = Patch pour les accents des fichiers WAV
 "{C5C1C0F0-D62F-4DBF-81D4-D7EF​397C228B}" = NVIDIA PhysX
 "{CB099890-1D5F-11D5-9EA9-0050​BAE317E1}" = CyberLink PowerDirector
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{D5D81435-B8DE-4CAF-867F-7998​F2B92CFC}" = Windows Live Contrôle parental
 "{DA7F79E4-9B0B-4358-86AA-C8AB​27959E45}" = TronMe
 "{DCE8CD14-FBF5-4464-B9A4-E18E​473546C7}" = Assistant de connexion Windows Live
 "{DFEF49D9-FC95-4301-99B9-2FB9​1C6ABA06}" = Les Sims™ 2 Au fil des saisons
 "{E2DFE069-083E-4631-9B6C-43C4​8E991DE5}" = Junk Mail filter update
 "{E3E71D07-CD27-46CB-8448-16D4​FB29AA13}" = Microsoft WSE 3.0 Runtime
 "{EA9FAF16-0E5C-42C4-9742-9AF8​D5F6D69B}" = ATI Catalyst Control Center
 "{EADAA6F7-991F-4CE9-B5CE-FCF3​D81F7C7D}" = USB PC Camera (SN9C103)
 "{EC7FE2ED-F305-41B7-90B8-3DAE​9E35307A}" = Ma-Config.com
 "{F0B430D1-B6AA-473D-9B06-AA3D​D01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F0E12BBA-AD66-4022-A453-A1C8​A0C4D570}" = Microsoft Choice Guard
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F4F7F393-A8E8-42CC-8C2E-7A99​9B48B2AE}_is1" = DirectX10 LV (Last Version)
 "{F7D27C70-90F5-49B9-B188-0A13​3C0CE353}" = Windows Live Toolbar
 "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
 "Advanced SystemCare 3_is1" = Advanced SystemCare 3
 "Age of Empires 2.0" = Microsoft Age of Empires II
 "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II : The Conquerors Expansion
 "Alexandra Ledermann 4" = Alexandra Ledermann 4
 "Alexandra Ledermann 5" = Alexandra Ledermann 5
 "Arabisch Paard" = Arabisch Paard
 "ASIO4ALL" = ASIO4ALL
 "AVS Update Manager_is1" = AVS Update Manager 1.0
 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
 "Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
 "Cakewalk VST Adapter 4.4.4.0" = Cakewalk VST Adapter 4.4.4.0
 "CCleaner" = CCleaner
 "Counter-Strike Source" = Counter-Strike Source
 "Diablo II" = Diablo II
 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
 "DreamStation DXi2" = DreamStation DXi2
 "Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
 "EADM" = EA Download Manager
 "'Europese Eenhoorn'" = 'Europese Eenhoorn'
 "Fake Webcam_is1" = Fake Webcam 4.0.5
 "ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
 "FileZilla Client" = FileZilla Client 3.2.6.1
 "Fraps" = Fraps (remove only)
 "Free Video Converter_is1" = Free Video Converter V 2.0
 "Fries Paard" = Fries Paard
 "FruityLoops Studio Producer Edition v4.01" = FruityLoops Studio Producer Edition v4.01
 "GearBox 3.00" = GearBox 3.00 (Remove Only)
 "GIF Movie Gear_is1" = GIF Movie Gear 4.2
 "GTK 2.0" = Bibliothèques GTK+ 2.14.7 rev a (supprimer uniquement)
 "Guitar Pro 5_is1" = Guitar Pro 5.2
 "Half-Life Lan" = Half-Life Lan
 "Hamachi" = Hamachi 1.0.2.5
 "HijackThis" = HijackThis 2.0.2
 "HLSW_is1" = HLSW v1.3.1
 "HOMESTUDENTR" = Microsoft Office Home and Student 2007
 "Horse Life_is1" = Horse Life
 "Installing HSP56 MicroModem Drivers" = Sapphire V90 MicroModem Drivers
 "InstallShield_{15292416-A464-​4FBA-BB96-7298EAACFC07}" = Zoo Tycoon 2 - Animaux disparus
 "InstallShield_{4A7FDA4D-F4D7-​4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
 "InstallShield_{6BE2A4A4-99FB-​48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
 "InstallShield_{CB099890-1D5F-​11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
 "LucasArts' Rogue Squadron" = LucasArts' Rogue Squadron
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
 "Messenger Plus! Live" = Messenger Plus! Live
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "mIRC" = mIRC
 "Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
 "Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
 "Mumble" = Mumble and Murmur
 "Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
 "NSS" = Norton Security Scan
 "NVIDIA Drivers" = NVIDIA Drivers
 "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
 "Nvu_is1" = Nvu 1.0
 "OneSwarm 0.6" = OneSwarm 0.6
 "PhotoFiltre" = PhotoFiltre
 "PunkBusterSvc" = PunkBuster Services
 "Steam App 10" = Counter-Strike
 "Steam App 240" = Counter-Strike: Source
 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
 "TeamViewer 5" = TeamViewer 5
 "TmNationsForever_is1" = TmNationsForever
 "Video Capture Master_is1" = Video Capture Master 7.0.1.89
 "VirusKeeper 2009 Pro Evaluation_is1" = VirusKeeper 2009 Pro Evaluation
 "VLC media player" = VLC media player 1.0.1
 "Waves SSL Collection v1.2" = Waves SSL Collection v1.2
 "WebTarot_is1" = WebTarot 1.29
 "Windows Media Format Runtime" = Windows Media Format 11 runtime
 "Windows Media Player" = Lecteur Windows Media 11
 "WinLiveSuite_Wave3" = Installation Windows Live
 "WinRAR archiver" = Archiveur WinRAR
 "WMFDist11" = Windows Media Format 11 runtime
 "wmp11" = Windows Media Player 11
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\S-1-5-21-725345543-​1677128483-1417001333-1005\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Uninstall]
 "I-Doser v4" = I-Doser v4
 "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
 "Octoshape Streaming Services" = Octoshape Streaming Services
 "uTorrent" = µTorrent
 "Warcraft III" = Warcraft III: All Products
 
 ========== Last 10 Event Log Errors ==========
 
 [ Application Events ]
 Error - 19/12/2009 11:07:12 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 19/12/2009 11:14:12 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 19/12/2009 14:30:17 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 20/12/2009 08:32:49 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 20/12/2009 09:39:22 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 20/12/2009 10:26:37 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 20/12/2009 19:52:21 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 20/12/2009 23:37:56 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 Error - 21/12/2009 00:11:30 | Computer Name = SCAMP-1 | Source = Application Hang | ID = 1002
 Description = Application bloquée firefox.exe, version 1.9.1.3622, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
 Error - 21/12/2009 01:21:14 | Computer Name = SCAMP-1 | Source = MsiInstaller | ID = 11402
 Description = Product: MSXML 4.0 SP2 (KB954430) -- Error 1402. Could not open key:
 HKEY_LOCAL_MACHINE\Software\Cl​asses\Msxml2.DOMDocument.4.0\C​LSID.  System error
 5.  Verify that you have sufficient access to that key, or contact your support
 personnel.
 
 [ System Events ]
 Error - 21/12/2009 06:32:25 | Computer Name = SCAMP-1 | Source = PSched | ID = 14107
 Description = QoS [Carte NDISWANIP] :  le planificateur de paquets n'a pas pu initialiser
 le miniport virtuel avec NDIS.
 
 Error - 21/12/2009 06:32:25 | Computer Name = SCAMP-1 | Source = PSched | ID = 14104
 Description = QoS [Carte NDISWANIP] :  le planificateur de paquets n'a pas pu effectuer
 la liaison avec le pilote miniport de la carte réseau.
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer
 en raison de l'erreur :   %%2
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service fssfltr n'a pas pu démarrer en raison de l'erreur :   %%2
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service ANIO Service n'a pas pu démarrer en raison de l'erreur :

%%2
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service McAfee Real-time Scanner n'a pas pu démarrer en raison
 de l'erreur :   %%3
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service McAfee Personal Firewall Service n'a pas pu démarrer en
 raison de l'erreur :   %%3
 
 Error - 21/12/2009 06:32:27 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7000
 Description = Le service SeaPort n'a pas pu démarrer en raison de l'erreur :   %%3
 
 Error - 21/12/2009 06:32:28 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7024
 Description = Le service Routage et accès distant s'est arrêté avec l'erreur service
 particulière 2 (0x2).
 
 Error - 21/12/2009 06:32:30 | Computer Name = SCAMP-1 | Source = Service Control Manager | ID = 7026
 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
 charger :   AmdK7  mfehidk  MPFP  viaagp  ViaIde  Vmodem  Vpctcom  Vvoice
 
 
 < End of report >

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 21/12/2009 à 23:51:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 As-tu suivi une procédure de désinfection antérieurement ?

 Désactive tes logiciels de sécurité durant la procédure.

 1) Désactive les application ci-dessous (si présentes) via ajout/suppression de programmes :

 ANIO Service
 Multi Virus Cleaner 2009
 Norton Security Scan
 VirusKeeper 2009 Pro Evaluation


 2) McAfee n'est que partiellement désinstallé.
 Télécharge le McAfee Consumer Product Removal tool et sauvegarde-le sur ton bureau.

 - Clique deux fois sur l'icône MCPR.exe.
 - Suis les instructions.
 - Redémarre ton ordinateur lorsque l'outil affichera le message "CleanUp Successful".


 3) Relance OTL

 - Copie-colle l'entièreté de ceci ci dessous dans la partie "Customs Scans/Fixes" :



:Processes
 explorer.exe

 :otl
 PRC - C:\WINDOWS\rndll.exe ()
 SRV - (SiteAdvisor Service) -- File not found
 SRV - (SeaPort) -- File not found
 SRV - (MpfService) -- File not found
 SRV - (McSysmon) -- File not found
 SRV - (McShield) -- File not found
 SRV - (McProxy) -- File not found
 SRV - (McODS) -- File not found
 SRV - (McNASvc) -- File not found
 SRV - (mcmscsvc) -- File not found
 SRV - (maconfservice) -- File not found
 SRV - (fsssvc) -- File not found
 SRV - (ATI Smart) -- File not found
 SRV - (Ati HotKey Poller) -- File not found
 SRV - (ANIWZCSdService) -- File not found
 IE - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://www.gllod.com
 O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048A​E113215} - No CLSID value found.
 O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - No CLSID value found.
 O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F​01C5231} - No CLSID value found.
 O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6​E806AA0} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.
 O3 - HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\..\Toolbar​\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - No CLSID value found.
 O4 - HKLM..\Run: [Firevall Administrating] C:\WINDOWS\rndll.exe ()
 O4 - HKLM..\Run: [PCTVOICE] File not found
 O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - File not found
 [2009/12/15 19:03:07 | 01,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\VINZ\Bureau\WinsockXP​Fix.exe
 [2009/12/15 18:58:58 | 00,186,880 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\VINZ\Bureau\LSPFix.ex​e
 [2009/12/14 22:28:29 | 00,000,000 | ---D | C] -- C:\_OTM
 [2009/12/14 22:27:56 | 00,408,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VINZ\Bureau\OTM.exe
 [2009/12/14 22:27:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Bureau\Upload_Me
 [2009/12/14 22:23:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VINZ\Bureau\MSNFix
 [2009/12/14 22:22:59 | 00,000,000 | ---D | C] -- C:\backups
 [2009/12/14 22:17:47 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\HijackThis.exe
 [2009/12/13 15:18:15 | 00,000,000 | ---D | C] -- C:\rsit
 [2009/12/21 12:00:00 | 00,000,330 | ---- | M] () -- C:\WINDOWS\tasks\cgryvpzc.job
 [2009/12/14 22:40:29 | 00,000,023 | -HS- | M] () -- C:\WINDOWS\System32\dbecdbd_g.​dll
 [2009/12/14 22:40:29 | 00,000,023 | ---- | M] () -- C:\WINDOWS\System32\eaeeeb2_g.​ocx
 [2009/12/13 18:00:00 | 00,000,556 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for VINZ.job
 [2009/12/12 04:22:50 | 00,111,757 | RHS- | M] () -- C:\WINDOWS\rndll.exe
 [2009/12/10 21:38:28 | 00,499,630 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.d​at
 [2009/12/10 21:38:28 | 00,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.d​at
 [2009/12/10 21:38:28 | 00,080,680 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.d​at
 [2009/12/10 21:38:28 | 00,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.d​at
 [2009/12/10 21:38:27 | 00,404,934 | ---- | M] () -- C:\WINDOWS\System32\perfh040.d​at
 [2009/12/10 21:38:27 | 00,049,348 | ---- | M] () -- C:\WINDOWS\System32\perfc040.d​at
 [2009/01/20 18:01:24 | 01,465,612 | -HS- | C] () -- C:\WINDOWS\System32\hmclycon.i​ni
 [2009/01/19 18:02:28 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\yzydfb.dll
 [2009/01/19 18:02:27 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\chpquebq.d​ll
 [2009/01/19 18:00:23 | 01,436,206 | -HS- | C] () -- C:\WINDOWS\System32\pdfswjuj.i​ni
 [2009/01/21 18:19:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
 [2009/08/20 17:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
 [2009/12/16 10:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft
 [2009/12/15 20:19:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JULIE\Application Data\Grisoft
 [2009/02/28 15:55:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VINZ\Application Data\IObit

 :services
 SeaPort

 :reg
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiVirus]
 "DisableMonitoring"=-
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeFirewall]
 "DisableMonitoring"=-
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\ADILOAD​ER]
 "Start"=dword:00000000

 :Commands
 [Purity]
 [emptytemp]
 [start explorer]
 [Reboot]



 Clique ensuite sur "Run Fix". L'ordinateur peut demander à redémarrer, accepte.
 Une fois l'opération terminée, un fichier texte apparaîtra à l'écran. Copie/colle son contenu ici.


 4) Lance Malwarebytes' Anti-Malware  :

 - Fais une mise à jour de sa base de données
 - Coche la case "Exécuter un examen complet" puis clique sur Rechercher.
 - Sélectionne (coche) toutes tes partitions puis clique sur "Lancer l'examen".
 - Lorsque le scan est terminé, un message te prévient. Clique alors sur le bouton "Montrer les résultats".
 - Dans la fenêtre suivante clique sur "Supprimer la sélection". Si le programme te propose de redémarrer l'ordinateur, accepte!
 - Le rapport de scan va s'afficher. Sauvegarde le puis poste son contenu.


 5) Je te conseille grandement d'installer l'antivirus AntiVir.

 - Configure-le selon les instructions données par cette vidéo.

 - Fais un scan complet de tous tes disques durs.
 - Poste le rapport de scan dans ta prochaine réponse.


 Comment se comporte le système ?


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/12/2009 à 18:11:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Yo !
 alors
 ANIO Service -> Pas pu desinstaller, quand je cliquais sur desinstaller, il ne se passait rien
 Multi Virus Cleaner 2009 -> desinstallé
 Norton Security Scan -> desinstallé
 VirusKeeper 2009 Pro Evaluation -> desinstallé

 McAfee supp avec succes

 OTL :
 All processes killed
 ========== PROCESSES ==========
 No active process named explorer.exe was found!
 ========== OTL ==========
 No active process named rndll.exe was found!
 Service SiteAdvisor Service stopped successfully!
 Service SiteAdvisor Service deleted successfully!
 File  File not found not found.
 Service SeaPort stopped successfully!
 Service SeaPort deleted successfully!
 File  File not found not found.
 Service MpfService stopped successfully!
 Service MpfService deleted successfully!
 File  File not found not found.
 Service McSysmon stopped successfully!
 Service McSysmon deleted successfully!
 File  File not found not found.
 Error: No service named McShield was found to stop!
 Unable to stop service McShield!
 File  File not found not found.
 Service McProxy stopped successfully!
 Service McProxy deleted successfully!
 File  File not found not found.
 Service McODS stopped successfully!
 Service McODS deleted successfully!
 File  File not found not found.
 Service McNASvc stopped successfully!
 Service McNASvc deleted successfully!
 File  File not found not found.
 Service mcmscsvc stopped successfully!
 Service mcmscsvc deleted successfully!
 File  File not found not found.
 Service maconfservice stopped successfully!
 Service maconfservice deleted successfully!
 File  File not found not found.
 Service fsssvc stopped successfully!
 Service fsssvc deleted successfully!
 File  File not found not found.
 Service ATI Smart stopped successfully!
 Service ATI Smart deleted successfully!
 File  File not found not found.
 Service Ati HotKey Poller stopped successfully!
 Service Ati HotKey Poller deleted successfully!
 File  File not found not found.
 Service ANIWZCSdService stopped successfully!
 Service ANIWZCSdService deleted successfully!
 File  File not found not found.
 Unable to set value : HKU\S-1-5-21-725345543-1677128​483-1417001333-1005\SOFTWARE\M​icrosoft\Internet Explorer\Main\\Start Page| /E!
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-88​61-0048AE113215}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{089FD14D-132B-48F​C-8861-0048AE113215}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A1​4F-B9E3AAC4465B}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{6EBF7485-159F-4bf​f-A14F-B9E3AAC4465B}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B6​8D-6309F01C5231}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{7DB2D5A0-7241-4E7​9-B68D-6309F01C5231}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81​EA-DC94EC1ACF10}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E15A8DC0-8516-42A​1-81EA-DC94EC1ACF10}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{0BF43445-2F​28-4351-9252-17FE6E806AA0} not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{0BF43445-2F28-435​1-9252-17FE6E806AA0}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{21FA44EF-37​6D-4D53-9B0F-8A89D3229068} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{21FA44EF-376D-4D5​3-9B0F-8A89D3229068}\ not found.
 Registry value HKEY_USERS\S-1-5-21-725345543-​1677128483-1417001333-1005\Sof​tware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​32099AAC-C132-4136-9E9A-4E364A​424E17} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{32099AAC-C132-413​6-9E9A-4E364A424E17}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run\\Firevall Administrating deleted successfully.
 C:\WINDOWS\rndll.exe moved successfully.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run\\PCTVOICE deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Not​ify\AtiExtEvent\ deleted successfully.
 C:\Documents and Settings\VINZ\Bureau\WinsockXP​Fix.exe moved successfully.
 C:\Documents and Settings\VINZ\Bureau\LSPFix.ex​e moved successfully.
 C:\_OTM\MovedFiles\12152009_18​5448 folder moved successfully.
 C:\_OTM\MovedFiles\12142009_22​2829 folder moved successfully.
 C:\_OTM\MovedFiles folder moved successfully.
 C:\_OTM folder moved successfully.
 C:\Documents and Settings\VINZ\Bureau\OTM.exe moved successfully.
 C:\Documents and Settings\VINZ\Bureau\Upload_Me folder moved successfully.
 C:\Documents and Settings\VINZ\Bureau\MSNFix\in​cl\service folder moved successfully.
 C:\Documents and Settings\VINZ\Bureau\MSNFix\in​cl folder moved successfully.
 C:\Documents and Settings\VINZ\Bureau\MSNFix folder moved successfully.
 C:\backups folder moved successfully.
 C:\HijackThis.exe moved successfully.
 C:\rsit folder moved successfully.
 C:\WINDOWS\tasks\cgryvpzc.job moved successfully.
 C:\WINDOWS\system32\dbecdbd_g.​dll moved successfully.
 C:\WINDOWS\system32\eaeeeb2_g.​ocx moved successfully.
 File C:\WINDOWS\tasks\Norton Security Scan for VINZ.job not found.
 File C:\WINDOWS\rndll.exe not found.
 C:\WINDOWS\system32\perfh00C.d​at moved successfully.
 C:\WINDOWS\system32\perfh009.d​at moved successfully.
 C:\WINDOWS\system32\perfc00C.d​at moved successfully.
 C:\WINDOWS\system32\perfc009.d​at moved successfully.
 C:\WINDOWS\system32\perfh040.d​at moved successfully.
 C:\WINDOWS\system32\perfc040.d​at moved successfully.
 C:\WINDOWS\system32\hmclycon.i​ni moved successfully.
 C:\WINDOWS\system32\yzydfb.dll moved successfully.
 C:\WINDOWS\system32\chpquebq.d​ll moved successfully.
 C:\WINDOWS\system32\pdfswjuj.i​ni moved successfully.
 C:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads folder moved successfully.
 C:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5 folder moved successfully.
 C:\Documents and Settings\All Users\Application Data\Grisoft folder moved successfully.
 C:\Documents and Settings\All Users\Application Data\PopCap Games\.system folder moved successfully.
 C:\Documents and Settings\All Users\Application Data\PopCap Games folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft\AVG Antispyware 7.5\Reports folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft\AVG Antispyware 7.5\quarantine folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft\AVG Antispyware 7.5 folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Grisoft folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Grisoft\AVG Antispyware 7.5\Reports folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Grisoft\AVG Antispyware 7.5\quarantine folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Grisoft\AVG Antispyware 7.5 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Grisoft folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\IObit\Advanced SystemCare folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\IObit folder moved successfully.
 ========== SERVICES/DRIVERS ==========
 Error: No service named SeaPort was found to stop!
 Unable to stop service SeaPort!
 ========== REGISTRY ==========
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiVi​rus\\DisableMonitoring not found.
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeFirewa​ll\\DisableMonitoring not found.
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\ADILOAD​ER\\"Start"|dword:00000000 /E : value set successfully!
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: ISA ET FRANZ
 ->Temp folder emptied: 3778005 bytes
 ->Temporary Internet Files folder emptied: 439639 bytes
 ->Java cache emptied: 0 bytes
 ->FireFox cache emptied: 51892019 bytes
 
 User: JULIE
 ->Temp folder emptied: 3572922 bytes
 ->Temporary Internet Files folder emptied: 220154 bytes
 ->Java cache emptied: 14620552 bytes
 ->FireFox cache emptied: 93908620 bytes
 
 User: LocalService
 ->Temp folder emptied: 65984 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: NetworkService
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: VINZ
 ->Temp folder emptied: 8764684 bytes
 ->Temporary Internet Files folder emptied: 7830001 bytes
 ->Java cache emptied: 13967527 bytes
 ->FireFox cache emptied: 36932682 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 Windows Temp folder emptied: 0 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temp folder emptied: 23966488 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
 RecycleBin emptied: 1555855201 bytes
 
 Total Files Cleaned = 1 732,00 mb
 
 
 OTL by OldTimer - Version 3.1.19.0 log created on 12222009_022201

 Files\Folders moved on Reboot...

 Registry entries deleted on Reboot...


 Avec MBAM aucune erreur trouvée

 J installe a present Antivir, je ferai le scan et je t enverrai le résultat

 merci ! ;)

(Publicité)
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/12/2009 à 21:25:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Terminé !

 Rapport AntiVir :


 Avira AntiVir Personal
 Date de création du fichier de rapport : mardi 22 décembre 2009  18:05

 La recherche porte sur 1464663 souches de virus.

 Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
 Numéro de série         : 0000149996-ADJIE-0000001
 Plateforme              : Windows XP
 Version de Windows      : (Service Pack 3)  [5.1.2600]
 Mode Boot               : Démarré normalement
 Identifiant             : SYSTEM
 Nom de l'ordinateur     : SCAMP-1

 Informations de version :
 BUILD.DAT               : 9.0.0.74      21698 Bytes  04/12/2009 13:56:00
 AVSCAN.EXE              : 9.0.3.10     466689 Bytes  13/10/2009 10:25:46
 AVSCAN.DLL              : 9.0.3.0       49409 Bytes  03/03/2009 09:21:02
 LUKE.DLL                : 9.0.3.2      209665 Bytes  20/02/2009 10:35:11
 LUKERES.DLL             : 9.0.2.0       13569 Bytes  03/03/2009 09:21:31
 VBASE000.VDF            : 7.10.0.0   19875328 Bytes  06/11/2009 06:35:52
 VBASE001.VDF            : 7.10.1.0    1372672 Bytes  19/11/2009 16:48:17
 VBASE002.VDF            : 7.10.1.1       2048 Bytes  19/11/2009 16:48:17
 VBASE003.VDF            : 7.10.1.2       2048 Bytes  19/11/2009 16:48:17
 VBASE004.VDF            : 7.10.1.3       2048 Bytes  19/11/2009 16:48:17
 VBASE005.VDF            : 7.10.1.4       2048 Bytes  19/11/2009 16:48:17
 VBASE006.VDF            : 7.10.1.5       2048 Bytes  19/11/2009 16:48:17
 VBASE007.VDF            : 7.10.1.6       2048 Bytes  19/11/2009 16:48:17
 VBASE008.VDF            : 7.10.1.7       2048 Bytes  19/11/2009 16:48:18
 VBASE009.VDF            : 7.10.1.8       2048 Bytes  19/11/2009 16:48:18
 VBASE010.VDF            : 7.10.1.9       2048 Bytes  19/11/2009 16:48:18
 VBASE011.VDF            : 7.10.1.10      2048 Bytes  19/11/2009 16:48:18
 VBASE012.VDF            : 7.10.1.11      2048 Bytes  19/11/2009 16:48:18
 VBASE013.VDF            : 7.10.1.79    209920 Bytes  25/11/2009 16:48:20
 VBASE014.VDF            : 7.10.1.128    197632 Bytes  30/11/2009 16:48:21
 VBASE015.VDF            : 7.10.1.178    195584 Bytes  07/12/2009 16:48:23
 VBASE016.VDF            : 7.10.1.224    183296 Bytes  14/12/2009 16:48:25
 VBASE017.VDF            : 7.10.1.247    182272 Bytes  15/12/2009 16:48:26
 VBASE018.VDF            : 7.10.2.30    198144 Bytes  21/12/2009 16:48:28
 VBASE019.VDF            : 7.10.2.31      2048 Bytes  21/12/2009 16:48:28
 VBASE020.VDF            : 7.10.2.32      2048 Bytes  21/12/2009 16:48:28
 VBASE021.VDF            : 7.10.2.33      2048 Bytes  21/12/2009 16:48:28
 VBASE022.VDF            : 7.10.2.34      2048 Bytes  21/12/2009 16:48:29
 VBASE023.VDF            : 7.10.2.35      2048 Bytes  21/12/2009 16:48:29
 VBASE024.VDF            : 7.10.2.36      2048 Bytes  21/12/2009 16:48:30
 VBASE025.VDF            : 7.10.2.37      2048 Bytes  21/12/2009 16:48:30
 VBASE026.VDF            : 7.10.2.38      2048 Bytes  21/12/2009 16:48:30
 VBASE027.VDF            : 7.10.2.39      2048 Bytes  21/12/2009 16:48:30
 VBASE028.VDF            : 7.10.2.40      2048 Bytes  21/12/2009 16:48:30
 VBASE029.VDF            : 7.10.2.41      2048 Bytes  21/12/2009 16:48:30
 VBASE030.VDF            : 7.10.2.42      2048 Bytes  21/12/2009 16:48:30
 VBASE031.VDF            : 7.10.2.50     66560 Bytes  22/12/2009 16:48:31
 Version du moteur       : 8.2.1.122
 AEVDF.DLL               : 8.1.1.2      106867 Bytes  08/11/2009 06:38:52
 AESCRIPT.DLL            : 8.1.3.4      586105 Bytes  22/12/2009 16:48:49
 AESCN.DLL               : 8.1.3.0      127348 Bytes  22/12/2009 16:48:47
 AESBX.DLL               : 8.1.1.1      246132 Bytes  08/11/2009 06:38:44
 AERDL.DLL               : 8.1.3.4      479605 Bytes  22/12/2009 16:48:46
 AEPACK.DLL              : 8.2.0.3      422261 Bytes  08/11/2009 06:38:40
 AEOFFICE.DLL            : 8.1.0.38     196987 Bytes  08/11/2009 06:38:38
 AEHEUR.DLL              : 8.1.0.189   2195833 Bytes  22/12/2009 16:48:44
 AEHELP.DLL              : 8.1.9.0      237943 Bytes  22/12/2009 16:48:35
 AEGEN.DLL               : 8.1.1.82     369014 Bytes  22/12/2009 16:48:34
 AEEMU.DLL               : 8.1.1.0      393587 Bytes  08/11/2009 06:38:26
 AECORE.DLL              : 8.1.9.1      180598 Bytes  22/12/2009 16:48:32
 AEBB.DLL                : 8.1.0.3       53618 Bytes  08/11/2009 06:38:20
 AVWINLL.DLL             : 9.0.0.3       18177 Bytes  12/12/2008 07:47:30
 AVPREF.DLL              : 9.0.3.0       44289 Bytes  26/08/2009 14:13:31
 AVREP.DLL               : 8.0.0.3      155905 Bytes  20/01/2009 13:34:28
 AVREG.DLL               : 9.0.0.0       36609 Bytes  07/11/2008 14:24:42
 AVARKT.DLL              : 9.0.0.3      292609 Bytes  24/03/2009 14:05:22
 AVEVTLOG.DLL            : 9.0.0.7      167169 Bytes  30/01/2009 09:36:37
 SQLITE3.DLL             : 3.6.1.0      326401 Bytes  28/01/2009 14:03:49
 SMTPLIB.DLL             : 9.2.0.25      28417 Bytes  02/02/2009 07:20:57
 NETNT.DLL               : 9.0.0.0       11521 Bytes  07/11/2008 14:40:59
 RCIMAGE.DLL             : 9.0.0.25    2438913 Bytes  17/06/2009 12:44:26
 RCTEXT.DLL              : 9.0.73.0      88321 Bytes  02/11/2009 15:58:32

 Configuration pour la recherche actuelle :
 Nom de la tâche.........................​......: Contrôle intégral du système
 Fichier de configuration.................​.....: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
 Documentation.................​................: bas
 Action principale....................​.........: interactif
 Action secondaire....................​.........: ignorer
 Recherche sur les secteurs d'amorçage maître..: marche
 Recherche sur les secteurs d'amorçage.........: marche
 Secteurs d'amorçage....................​.......: C:, X:,
 Recherche dans les programmes actifs..........: marche
 Recherche en cours sur l'enregistrement.......: marche
 Recherche de Rootkits......................​...: marche
 Contrôle d'intégrité de fichiers système......: arrêt
 Recherche optimisée.....................​......: marche
 Fichier mode de recherche.....................​: Tous les fichiers
 Recherche sur les archives....................: marche
 Limiter la profondeur de récursivité..........: 20
 Archive Smart Extensions....................​..: marche
 Heuristique de macrovirus....................​.: marche
 Heuristique fichier.......................​....: moyen
 Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+PFS,+S​PR,

 Début de la recherche : mardi 22 décembre 2009  18:05

 La recherche d'objets cachés commence.
 '81585' objets ont été contrôlés, '0' objets cachés ont été trouvés.

 La recherche sur les processus démarrés commence :
 Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'notepad.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'notepad.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'FTCOMModule.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'OraConfigRecover.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'CoreCom.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'ConnectivityManager.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'SystrayApp.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'AlertModule.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'razerofa.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'Launcher.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'LGDevAgt.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'RTHDCPL.EXE' - '1' module(s) sont contrôlés
 Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'vsnpstd2.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'razerhid.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'LGDCore.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
 '43' processus ont été contrôlés avec '43' modules

 La recherche sur les secteurs d'amorçage maître commence :
 Secteur d'amorçage maître HD0

[INFO]      Aucun virus trouvé !
 Secteur d'amorçage maître HD1

[INFO]      Aucun virus trouvé !

 La recherche sur les secteurs d'amorçage commence :
 Secteur d'amorçage 'C:\'

[INFO]      Aucun virus trouvé !
 Secteur d'amorçage 'X:\'

[INFO]      Aucun virus trouvé !

 La recherche sur les renvois aux fichiers exécutables (registre) commence :
 Le registre a été contrôlé ( '57' fichiers).


 La recherche sur les fichiers sélectionnés commence :

 Recherche débutant dans 'C:\'
 C:\hiberfil.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

[REMARQUE]  Ce fichier est un fichier système Windows.

[REMARQUE]  Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
 C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

[REMARQUE]  Ce fichier est un fichier système Windows.

[REMARQUE]  Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
 C:\Documents and Settings\JULIE\Mes documents\IMG55876_32.JPG-www.​myspace.com.exe

[RESULTAT]  Contient le modèle de détection du dropper DR/Buzus.ctws
 C:\Documents and Settings\VINZ\Mes documents\AOEII.rar
  [0] Type d'archive: RAR

--> AOEII\GAME\EMPIRES2.EXE

[RESULTAT]  Contient le cheval de Troie TR/Spy.343552
 C:\Documents and Settings\VINZ\Mes documents\AOEII\GAME\EMPIRES2.​EXE

[RESULTAT]  Contient le cheval de Troie TR/Spy.343552
 C:\Documents and Settings\VINZ\Mes documents\Downloads\Diablo 2 full game with expansion\Diablo 2 CD Key Generator.exe

[RESULTAT]  Contient le modèle de détection du ver WORM/Virtool.BUY
 C:\Documents and Settings\VINZ\Mes documents\Mes fichiers reçus\Steam Hack v4.0.rar
  [0] Type d'archive: RAR

--> Steam Hack v4.0\Steam Hack v4.0.exe

[RESULTAT]  Contient le cheval de Troie TR/Hijacker.Gen
 C:\fixwareout\FindT\nircmd.exe

[RESULTAT]  Contient le modèle de détection  de l'application APPL/NirCmd.2
 C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe

[RESULTAT]  Contient le cheval de Troie TR/Spy.343552
 C:\RECYCLER\S-1-5-21-725345543​-1677128483-1417001333-1004\Dc​16.exe

[RESULTAT]  Contient le modèle de détection du logiciel publicitaire ADWARE/Adware.Gen
 C:\System Volume Information\_restore{F2B8E46C-​1B93-4760-90C0-61AF2CF4C4C7}\R​P237\A0010339.exe

[RESULTAT]  Contient le cheval de Troie TR/Crypt.ZPACK.Gen
 C:\System Volume Information\_restore{F2B8E46C-​1B93-4760-90C0-61AF2CF4C4C7}\R​P88\A0005771.dll

[RESULTAT]  Contient le modèle de détection du ver WORM/Agent.5632.3
 C:\WINDOWS\system32\drivers\sp​td.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\rndll.exe

[RESULTAT]  Contient le cheval de Troie TR/Crypt.ZPACK.Gen
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\system32\chpque​bq.dll

[RESULTAT]  Contient le cheval de Troie TR/Vundo.Gen
 Recherche débutant dans 'X:\' <XTRNVINZ>
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\system32\yzydfb​.dll

[RESULTAT]  Contient le cheval de Troie TR/Vundo.Gen

 Début de la désinfection :
 C:\Documents and Settings\JULIE\Mes documents\IMG55876_32.JPG-www.​myspace.com.exe

[RESULTAT]  Contient le modèle de détection du dropper DR/Buzus.ctws

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b781d3b.qua' !
 C:\Documents and Settings\VINZ\Mes documents\AOEII.rar

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b761d3e.qua' !
 C:\Documents and Settings\VINZ\Mes documents\AOEII\GAME\EMPIRES2.​EXE

[RESULTAT]  Contient le cheval de Troie TR/Spy.343552

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b811d77.qua' !
 C:\Documents and Settings\VINZ\Mes documents\Downloads\Diablo 2 full game with expansion\Diablo 2 CD Key Generator.exe

[RESULTAT]  Contient le modèle de détection du ver WORM/Virtool.BUY

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b921d94.qua' !
 C:\Documents and Settings\VINZ\Mes documents\Mes fichiers reçus\Steam Hack v4.0.rar

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b961d9f.qua' !
 C:\fixwareout\FindT\nircmd.exe

[RESULTAT]  Contient le modèle de détection  de l'application APPL/NirCmd.2

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ba31d94.qua' !
 C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe

[RESULTAT]  Contient le cheval de Troie TR/Spy.343552

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ba11d98.qua' !
 C:\RECYCLER\S-1-5-21-725345543​-1677128483-1417001333-1004\Dc​16.exe

[RESULTAT]  Contient le modèle de détection du logiciel publicitaire ADWARE/Adware.Gen

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b621d8e.qua' !
 C:\System Volume Information\_restore{F2B8E46C-​1B93-4760-90C0-61AF2CF4C4C7}\R​P237\A0010339.exe

[RESULTAT]  Contient le cheval de Troie TR/Crypt.ZPACK.Gen

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b611d5c.qua' !
 C:\System Volume Information\_restore{F2B8E46C-​1B93-4760-90C0-61AF2CF4C4C7}\R​P88\A0005771.dll

[RESULTAT]  Contient le modèle de détection du ver WORM/Agent.5632.3

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4fa9bf25.qua' !
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\rndll.exe

[RESULTAT]  Contient le cheval de Troie TR/Crypt.ZPACK.Gen

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b951d9a.qua' !
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\system32\chpque​bq.dll

[RESULTAT]  Contient le cheval de Troie TR/Vundo.Gen

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ba11d94.qua' !
 C:\_OTL\MovedFiles\12222009_02​2201\C_WINDOWS\system32\yzydfb​.dll

[RESULTAT]  Contient le cheval de Troie TR/Vundo.Gen

[REMARQUE]  Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4baa1da6.qua' !


 Fin de la recherche : mardi 22 décembre 2009  20:25
 Temps nécessaire:  2:14:22 Heure(s)

 La recherche a été effectuée intégralement

  18215 Les répertoires ont été contrôlés
 529566 Des fichiers ont été contrôlés

13 Des virus ou programmes indésirables ont été trouvés

0 Des fichiers ont été classés comme suspects

0 Des fichiers ont été supprimés

0 Des virus ou programmes indésirables ont été réparés

13 Les fichiers ont été déplacés dans la quarantaine

0 Les fichiers ont été renommés

3 Impossible de contrôler des fichiers
 529550 Fichiers non infectés

4274 Les archives ont été contrôlées

3 Avertissements

15 Consignes
  81585 Des objets ont été contrôlés lors du Rootkitscan

0 Des objets cachés ont été trouvés

 Voila jvais voir sur msn...

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/12/2009 à 21:47:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bon, je crois que je dois te remercier  :D
 Plus aucun message intenpestif !  :youpi:

 Vraiment un grand merci Curson pour ton aide !

 Ma soeur va garder la vie !

 a plus mec et encore merci ;)

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 22/12/2009 à 23:00:17  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Ce n'est pas encore tout à fait terminé.

 1) Supprime les dossiers ci-dessous ; ils contiennent des fichiers infectés:

 C:\Documents and Settings\VINZ\Mes documents\AOEII
 C:\Documents and Settings\VINZ\Mes documents\Downloads\Diablo 2 full game with expansion
 C:\Documents and Settings\VINZ\Mes documents\Mes fichiers reçus\Steam Hack v4.0.rar

 Lire : Le danger des cracks !


 Suppression des outils utilisés

 1) Télécharge ToolsCleaner2 de A.Rothstein et enregistre-le sur ton bureau.

 2) Double-clique sur ToolsCleaner2.exe pour lancer l'outil.

 - Clique sur le bouton Recherche.
 - Une fois la recherche terminée, clique sur le bouton Suppression.

 - Copie/colle le rapport et poste-le dans ta prochaine réponse.

 Tu peux ensuite supprimer ToolsCleaner.


 Sécurisation du système

 1) Java n'est pas à jour.
 Télécharge JavaRa et suis les instructions de ce tutorial.
 Poste le rapport obtenu.


 2) Internet Explorer n'est pas à jour, il contient des failles de sécurités qui peuvent via des exploits sur des sites WEB conduire à l'infection.

 Télécharge et installe Internet Explorer 8.


 3) Ta version d'Adobe Reader est elle-aussi non à jour. Des failles

 - Fais la mise à jour vers la version 9.2


 Comment se comporte le système ?


 Cordialement.

(Publicité)
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/12/2009 à 23:33:52  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C:\Documents and Settings\VINZ\Mes documents\AOEII Supprimé
 C:\Documents and Settings\VINZ\Mes documents\Downloads\Diablo 2 full game with expansion Supprimé
 C:\Documents and Settings\VINZ\Mes documents\Mes fichiers reçus\Steam Hack v4.0.rar Pas trouvé...

 ToolsCleaner2, je l ai téléchargé mais lorsque je clique sur rechercher, le bouton reste enfoncé et c est comme si le soft avait planté...

 Pour Javara, je bloque a cette etape : http://lh5.ggpht.com/bertrandj [...] imgmax=800

 Il ne se passe rien lorsque je clique sur Search.

 Comment procéder a la mise a jour d AR ?

 merci :)

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/12/2009 à 23:34:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ah oui et la mise a jour de Java se lance, mais a la fin je reçois 2 messages d erreur et ça me dit que la MAJ n a pas été effectuée.

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 22/12/2009 à 23:44:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Nous allons nous y prendre autrement.

 1) Supprime les outils avec cette méthode :

 - Relance OTL et clique sur le bouton "CleanUP".
 - Le système va demander à redémarrer, accepte.


 2) Désinstalle Java 6 Update 13 via ajout/suppression de programme.

 - Télécharge et installe JRE Update 17


 3) Pour mettre à jour Adobe Reader, clique sur le menu "Aide" puis "Rechercher les mises à jour"


 Comment se comporte le système ?


 Cordialement.

(Publicité)
snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/12/2009 à 00:17:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir !
 J ai effectué Clean Up avec OTL

 Lorsque je met a jour AR, je reçois ce message pendant l installation :
 http://img707.imageshack.us/im [...] ilar92.png

 Et pour la desinstallation de Java :
 http://img20.imageshack.us/img20/7056/failjava.png
 Puis je reçois : La source d installation pour ce produit n est pas disponible. Verifiez que la source existe et que vous y avez acces.

 En attendant ta réponse !

 merci

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 23/12/2009 à 00:53:03  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 1) Télécharge et installe le Windows Installer CleanUp

 - Lance l'utilitaire et sélectionne "(All Users) Java(TM) 6 Update 12"
 - Clique sur le bouton "Remove" ; si l'ordinateur veut redémarrer accepte.
 - Procède ensuite à l'installation de Java Update 17.


 2) Il te faut désinstaller Adobe reader puis le réinstaller à partir de cet exécutable.


 Comment se comporte le système ?


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/12/2009 à 03:21:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Lors de l install de Java, je reçois
 Échec de la decompression des fichiers Core.

 Pour AR c est installé ;)

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 23/12/2009 à 17:07:16  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 1) Relance JavaRa et clique sur "Additional Tasks"
 Coche les cases comme ci-dessous, puis clique sur Go :

 http://lh4.ggpht.com/bertrandj​un/SIOSnV3POPI/AAAAAAAAAY0/ART​QLK11S3Y/2008-07-20_210607%5B1​0%5D.jpg

 Plusieurs messages vont s'afficher, valide à chaque fois par OK.


 2) Retente l'installation de JRE Update 17


 L'installation a-t-elle fonctionné ?


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 24/12/2009 à 20:18:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Erf non...
 Joyeux noel !

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 24/12/2009 à 21:05:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Toujours la même erreur ?

 1) Télécharge OTMoveIt3 de OldTimer :

 - Enregistre-le sur ton bureau
 - Double-clique sur OTM.exe pour le lancer (l'extension peut ne pas apparaître).
 - Assure toi que la case "Unregistrer DLL's and Ocx's" soit cochée
 - Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :

 



:Processes
 explorer.exe
 jusched.exe

 :Files
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\jre1.6.0_12
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\jre1.6.0_12
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_12

 :Commands
 [emptytemp]
 [start explorer]



 - Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
 - Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
 --> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
 - Ferme OTMoveIt3 (en cliquant sur Exit)

 Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...


 2) Télécharge CCleaner et installe-le. (Avant de cliquer sur le bouton "Installer", décoche toutes les "options supplémentaires".)

 Suppression des fichiers temporaires

 - Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Retourne ensuite dans la section "Nettoyeur".
 - Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé) - Onglet "Windows".
 - Procède de même avec l'onglet "Applications".

 - Clique sur "Analyse".
 - Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
 - Une fois le scan terminé, clique sur "Lancer le Nettoyage".

 Retente l'installation.


 Joyeux noël à toi aussi.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 27/12/2009 à 14:50:04  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Je ne trouve pas la case Unregistrer DLL's and Ocx's

 Merci

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/12/2009 à 15:19:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Clique directement sur le bouton "MoveIt!".

 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 30/12/2009 à 19:18:14  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
erf toujours pas je sais pas ce qui cloche pourtant je suis a la ligne les instructions ;)

 All processes killed
 ========== PROCESSES ==========
 No active process named explorer.exe was found!
 No active process named jusched.exe was found!
 ========== FILES ==========
 File/Folder C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\jre1.6.0_12 not found.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\jre1.6.0_12 folder moved successfully.
 File/Folder C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_12 not found.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: ISA ET FRANZ
 ->Temp folder emptied: 910708 bytes
 ->Temporary Internet Files folder emptied: 1533369 bytes
 ->Java cache emptied: 13690431 bytes
 ->FireFox cache emptied: 79102034 bytes
 
 User: JULIE
 ->Temp folder emptied: 49853059 bytes
 ->Temporary Internet Files folder emptied: 537665 bytes
 ->Java cache emptied: 29528629 bytes
 ->FireFox cache emptied: 85591913 bytes
 
 User: LocalService
 ->Temp folder emptied: 115616 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: NetworkService
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: VINZ
 ->Temp folder emptied: 30023572 bytes
 ->Temporary Internet Files folder emptied: 63711484 bytes
 ->Java cache emptied: 259788 bytes
 ->FireFox cache emptied: 84128104 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 Windows Temp folder emptied: 409504 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temp folder emptied: 0 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 3132509721 bytes
 
 Total Files Cleaned = 3 406,00 mb
 
 
 OTM by OldTimer - Version 3.1.4.0 log created on 12272009_212834

 Files moved on Reboot...

 Registry entries deleted on Reboot...


 Joyeuse fin d annee !

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 31/12/2009 à 00:29:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Télécharge SystemLook sur ton Bureau.

 - Double-clique sur SystemLook.exe pour le lancer.

 - Copie le contenu du cadre ci-dessous et colle-le dans la zone texte de SystemLook :
 



:filefind
 *Java*

 :folderfind
 *Java*



 - Clique sur le bouton Look pour démarrer l'examen ; cela peut prendre un peu de temps.
 - A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 31/12/2009 à 00:44:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
SystemLook v1.0 by jpshortstuff (29.08.09)
 Log created at 23:40 on 30/12/2009 by VINZ (Administrator - Elevation successful)

 ========== filefind ==========

 Searching for "*Java*"
 C:\Documents and Settings\JULIE\Local Settings\Temp\java_install_reg​.log --a--- 5073 bytes [11:03 28/12/2009] [14:15 29/12/2009] D82B03D266500591511FE8AE8F8F8D​D9
 C:\Documents and Settings\VINZ\Bureau\JavaRa.de​f --a--- 245103 bytes [21:25 22/12/2009] [20:53 22/05/2009] 7581E3AE14AA8BD29F72A0A4D09306​E8
 C:\Documents and Settings\VINZ\Bureau\JavaRa.ex​e --a--- 157696 bytes [21:25 22/12/2009] [12:33 16/07/2009] 8FB2BAFDA81520867539C5393E715D​89
 C:\Documents and Settings\VINZ\Local Settings\Temp\java_install.log --a--- 266 bytes [20:49 27/12/2009] [20:49 27/12/2009] 5232D3D5265421F621C74B52DDF0F9​10
 C:\Documents and Settings\VINZ\Local Settings\Temp\java_install_reg​.log --a--- 2388 bytes [20:49 27/12/2009] [21:56 30/12/2009] 9904BE70FE97C592756A955BB6AABC​9B
 C:\Documents and Settings\VINZ\Local Settings\Temp\java_install_sp.​log --a--- 1877 bytes [21:01 27/12/2009] [21:01 27/12/2009] C2FE130CC7D2DF1FE8F58CDA963972​CA
 C:\JavaRa.log --a--- 0 bytes [23:32 23/12/2009] [23:32 23/12/2009] D41D8CD98F00B204E9800998ECF842​7E
 C:\Program Files\ABBYY FineReader 6.0 Sprint\Java.amd --a--- 10123 bytes [13:11 20/06/2000] [13:11 20/06/2000] A818C5D3FF79C68E9C59FE7CCAC2BB​F1
 C:\Program Files\Fichiers communs\System\ado\adojavas.in​c --a--- 14610 bytes [20:40 17/12/2008] [12:00 14/04/2008] 398FD657D8EA0BD77325E6BAEEA250​90
 C:\Program Files\Fichiers communs\System\msadc\adcjavas.​inc --a--- 629 bytes [20:40 17/12/2008] [12:00 14/04/2008] 49B9878B48D6614A5D76C7B07AE00F​25
 C:\Program Files\Java\jre6\bin\java-rmi.e​xe --a--- 33056 bytes [20:17 26/02/2009] [03:23 25/07/2009] AAA6FAD48DCD65F40A2144E718BDD5​C9
 C:\Program Files\Java\jre6\bin\java.dll --a--- 126976 bytes [20:17 26/02/2009] [03:22 25/07/2009] 8D8530720C7EE2621D56600787CBB6​30
 C:\Program Files\Java\jre6\bin\java.exe --a--- 145184 bytes [20:17 26/02/2009] [03:23 25/07/2009] F1AA94EC34AABCD94973AA553F2BCB​4F
 C:\Program Files\Java\jre6\bin\javacpl.cp​l --a--- 73728 bytes [20:17 26/02/2009] [01:00 25/07/2009] 5AAF8E8ABC676BD8DFC1B078ABDD44​AC
 C:\Program Files\Java\jre6\bin\javacpl.ex​e --a--- 59168 bytes [20:17 26/02/2009] [03:23 25/07/2009] B7F937ED1C6CC241C64F2BAD566141​A6
 C:\Program Files\Java\jre6\bin\javaw.exe --a--- 145184 bytes [20:17 26/02/2009] [03:23 25/07/2009] C3F6AF1D18ADF78E8735D9D3B0D8D7​ED
 C:\Program Files\Java\jre6\bin\javaws.exe --a--- 149280 bytes [20:17 26/02/2009] [03:23 25/07/2009] A1A0E7945DE214F4CB701841C1502E​EE
 C:\Program Files\Java\jre6\bin\java_crw_d​emo.dll --a--- 14336 bytes [20:17 26/02/2009] [03:22 25/07/2009] 1C9EDA3081400DFBB8936B62961B51​6C
 C:\Program Files\Java\jre6\lib\ext\QTJava​.zip --a--- 935850 bytes [14:18 05/01/2009] [14:18 05/01/2009] FBF75758DCAC6AA563CBB082F49755​17
 C:\Program Files\Java\jre6\lib\javaws.jar --a--- 716912 bytes [20:17 26/02/2009] [03:16 25/07/2009] A88EB30B44731DB5BE1BB6A7E42B6A​C0
 C:\Program Files\Java\jre6\lib\security\j​ava.policy --a--- 2221 bytes [20:17 26/02/2009] [20:17 26/02/2009] 28A85BEFF3EF87D4F0C643C52F183A​3D
 C:\Program Files\Java\jre6\lib\security\j​ava.security --a--- 9979 bytes [20:17 26/02/2009] [23:39 24/07/2009] 81CA5353C2F3A63F8585C4872B6F19​F3
 C:\Program Files\Java\jre6\lib\security\j​avaws.policy --a--- 132 bytes [20:17 26/02/2009] [20:17 26/02/2009] 921F971B69450756EFDD5E14322E10​37
 C:\Program Files\QuickTime\QTSystem\QTJav​a.zip --a--- 935850 bytes [14:18 05/01/2009] [14:18 05/01/2009] FBF75758DCAC6AA563CBB082F49755​17
 C:\Program Files\QuickTime\QTSystem\QTJav​aNative.dll --a--- 466944 bytes [14:19 05/01/2009] [14:19 05/01/2009] DC86238FBAC8F8B702E3613A2E0A3F​2C
 C:\Program Files\QuickTime\QTSystem\Quick​TimeJavaExtras.qtx --a--- 5120 bytes [14:18 05/01/2009] [14:18 05/01/2009] 92F0B1C071488A4153D622E1EF2B84​E2
 C:\WINDOWS\Prefetch\JAVA.EXE-0​C263507.pf --a--- 79864 bytes [14:50 14/12/2009] [21:56 30/12/2009] 21F8E43C05EA46F0E976BA24C68AAC​A9
 C:\WINDOWS\system32\java.exe --a--- 145184 bytes [03:23 25/07/2009] [03:23 25/07/2009] F1AA94EC34AABCD94973AA553F2BCB​4F
 C:\WINDOWS\system32\javacpl.cp​l --a--- 73728 bytes [20:17 26/02/2009] [01:00 25/07/2009] 5AAF8E8ABC676BD8DFC1B078ABDD44​AC
 C:\WINDOWS\system32\javaw.exe --a--- 145184 bytes [03:23 25/07/2009] [03:23 25/07/2009] C3F6AF1D18ADF78E8735D9D3B0D8D7​ED
 C:\WINDOWS\system32\javaws.exe --a--- 149280 bytes [03:23 25/07/2009] [03:23 25/07/2009] A1A0E7945DE214F4CB701841C1502E​EE
 C:\WINDOWS\system32\msjava.dll --a--- 940304 bytes [13:50 25/10/2009] [13:47 18/09/2008] 67986EC074B86590E110A76480F7DA​99

 ========== folderfind ==========

 Searching for "*Java*"
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Adobe\Acrobat\9.0\JavaScr​ipts d----- [13:33 02/01/2009]
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java d----- [16:55 08/01/2009]
 C:\Documents and Settings\JULIE\Application Data\Sun\Java d----- [11:00 24/12/2008]
 C:\Documents and Settings\VINZ\Application Data\Adobe\Acrobat\9.0\JavaScr​ipts d----- [13:11 10/05/2009]
 C:\Documents and Settings\VINZ\Application Data\Sun\Java d----- [14:02 23/12/2008]
 C:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts d----- [20:50 17/12/2008]
 C:\Program Files\Adobe\Reader 9.0\Reader\Javascripts d----- [01:20 23/12/2009]
 C:\Program Files\Java d----- [20:17 26/02/2009]
 C:\Program Files\OrangeHSS\Installation\G​UI\javascript d----- [19:17 26/10/2009]
 C:\WINDOWS\java d----- [21:21 17/12/2008]
 C:\WINDOWS\Sun\Java d----- [14:09 23/12/2008]
 C:\_OTM\MovedFiles\12272009_21​2834\C_Documents and Settings\JULIE\Application Data\Sun\Java d----- [20:28 27/12/2009]

 -=End Of File=-

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 31/12/2009 à 01:54:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Nous allons totalement supprimer Java de ton système puis le réinstaller au propre.

 1) Relance OTMoveIt :

 - Assure toi que la case "Unregistrer DLL's and Ocx's" soit cochée
 - Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :

 



:Processes
 explorer.exe

 :Services
 JavaQuickStarterService

 :Files
 C:\Program Files\Java
 C:\WINDOWS\Prefetch\JAVA.EXE-0​C263507.pf
 C:\WINDOWS\system32\java.exe
 C:\WINDOWS\system32\javacpl.cp​l
 C:\WINDOWS\system32\javaw.exe
 C:\WINDOWS\system32\javaws.exe
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java
 C:\Documents and Settings\JULIE\Application Data\Sun\Java
 C:\Documents and Settings\VINZ\Application Data\Sun\Java
 C:\WINDOWS\Sun\Java

 :Commands
 [emptytemp]
 [start explorer]
 [Reboot]



 - Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
 - Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
 --> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
 - Ferme OTMoveIt3 (en cliquant sur Exit)

 Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...


 2) Télécharge CCleaner et installe-le. (Avant de cliquer sur le bouton "Installer", décoche toutes les "options supplémentaires".)

 Suppression des fichiers temporaires

 - Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Retourne ensuite dans la section "Nettoyeur".
 - Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé) - Onglet "Windows".
 - Procède de même avec l'onglet "Applications".

 - Clique sur "Analyse".
 - Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
 - Une fois le scan terminé, clique sur "Lancer le Nettoyage".


 Suppression des incohérence du registre

 - Clique sur l'icône "Registre" situé dans la marge à gauche.
 - Puis clique sur "Chercher des erreurs".
 - Patiente pendant que CCleaner scanne ton registre.

 - Une fois le scan terminé, clique sur "Réparer les erreurs sélectionnées".
 - Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement.

 Refais l'opération jusqu'à ce que le programme ne trouve plus aucune erreur.


 3) Retente l'installation de JRE Update 17.


 Le problème est-il résolu ?


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 02/01/2010 à 19:56:17  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
BRAVO CHAMPION !
 Merci Java est installé ^^
 merci beaucoup pour ton aide tout au long de cette aventure informatique
 par contre, sur CCleaner, il y a UNE erreur de registre qu il n arrive pas a supprimer bien que j ai rééssayé plusieurs fois

 celle ci : http://img192.imageshack.us/im [...] refail.png

 est ce que c est grave ?

 Bonne soiree !  =D

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 02/01/2010 à 20:14:19  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
All processes killed
 ========== PROCESSES ==========
 No active process named explorer.exe was found!
 ========== SERVICES/DRIVERS ==========
 Error: No service named JavaQuickStarterService was found to stop!
 Unable to stop service JavaQuickStarterService!
 ========== FILES ==========
 C:\Program Files\Java\jre6\lib\zi\SystemV folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Pacific folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Indian folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Europe folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Etc folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Austral​ia folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Atlanti​c folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Asia folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Antarct​ica folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\America​\North_Dakota folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\America​\Kentucky folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\America​\Indiana folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\America​\Argentina folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\America folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi\Africa folder moved successfully.
 C:\Program Files\Java\jre6\lib\zi folder moved successfully.
 C:\Program Files\Java\jre6\lib\servicetag folder moved successfully.
 C:\Program Files\Java\jre6\lib\security folder moved successfully.
 C:\Program Files\Java\jre6\lib\management folder moved successfully.
 C:\Program Files\Java\jre6\lib\images\cur​sors folder moved successfully.
 C:\Program Files\Java\jre6\lib\images folder moved successfully.
 C:\Program Files\Java\jre6\lib\im folder moved successfully.
 C:\Program Files\Java\jre6\lib\i386 folder moved successfully.
 C:\Program Files\Java\jre6\lib\fonts folder moved successfully.
 C:\Program Files\Java\jre6\lib\ext folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy\jqs​\ie folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy\jqs​\ff\chrome\content folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy\jqs​\ff\chrome folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy\jqs​\ff folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy\jqs folder moved successfully.
 C:\Program Files\Java\jre6\lib\deploy folder moved successfully.
 C:\Program Files\Java\jre6\lib\cmm folder moved successfully.
 C:\Program Files\Java\jre6\lib\audio folder moved successfully.
 C:\Program Files\Java\jre6\lib\applet folder moved successfully.
 C:\Program Files\Java\jre6\lib folder moved successfully.
 C:\Program Files\Java\jre6\bin\new_plugin folder moved successfully.
 C:\Program Files\Java\jre6\bin\client folder moved successfully.
 C:\Program Files\Java\jre6\bin folder moved successfully.
 C:\Program Files\Java\jre6 folder moved successfully.
 C:\Program Files\Java folder moved successfully.
 C:\WINDOWS\Prefetch\JAVA.EXE-0​C263507.pf moved successfully.
 C:\WINDOWS\system32\java.exe moved successfully.
 C:\WINDOWS\system32\javacpl.cp​l moved successfully.
 C:\WINDOWS\system32\javaw.exe moved successfully.
 C:\WINDOWS\system32\javaws.exe moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\jre1.6.0_17 folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\jre1.6.0_15 folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\Deployment\secur​ity folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\Deployment\log folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\Deployment\ext folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\Deployment\cache folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java\Deployment folder moved successfully.
 C:\Documents and Settings\ISA ET FRANZ\Application Data\Sun\Java folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\jre1.6.0_17 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\jre1.6.0_15 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\tmp\s​i folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\tmp folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\secur​ity folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\log folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\ext folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\tmp folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\muffin folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\host folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\9 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\8 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\7 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\63 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\62 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\61 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\60 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\6 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\59 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\58 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\57 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\56 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\55 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\54 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\53 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\52 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\51 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\50 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\5 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\49 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\48 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\47 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\46 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\45 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\44 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\43 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\42 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\41 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\40 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\4 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\39 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\38 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\37 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\36 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\35 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\34 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\33 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\32 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\31 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\30 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\3 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\29 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\28 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\27 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\26 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\25 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\24 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\23 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\22 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\21 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\20 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\2 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\19 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\18 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\17 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\16 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\15 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\14 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\13 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\12 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\11 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\10 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\1 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0\0 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache​\6.0 folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment\cache folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java\Deployment folder moved successfully.
 C:\Documents and Settings\JULIE\Application Data\Sun\Java folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_17 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_15 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_13 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\jre1.6.0_11 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\tmp\s​i folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\tmp folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\secur​ity folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\log folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\ext folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\tmp folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\muffin folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\host folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\9 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\8 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\7 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\63 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\62 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\61 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\60 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\6 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\59 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\58 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\57 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\56 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\55 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\54 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\53 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\52 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\51 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\50 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\5 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\49 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\48 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\47 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\46 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\45 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\44 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\43 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\42 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\41 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\40 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\4 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\39 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\38 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\37 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\36 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\35 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\34 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\33 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\32 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\31 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\30 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\3 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\29 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\28 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\27 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\26 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\25 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\24 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\23 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\22 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\21 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\20 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\2 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\19 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\18 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\17 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\16 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\15 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\14 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\13 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\12 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\11 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\10 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\1 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0\0 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache​\6.0 folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment\cache folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java\Deployment folder moved successfully.
 C:\Documents and Settings\VINZ\Application Data\Sun\Java folder moved successfully.
 C:\WINDOWS\Sun\Java\Deployment folder moved successfully.
 C:\WINDOWS\Sun\Java folder moved successfully.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: ISA ET FRANZ
 ->Temp folder emptied: 644971 bytes
 ->Temporary Internet Files folder emptied: 514587 bytes
 ->FireFox cache emptied: 59818909 bytes
 
 User: JULIE
 ->Temp folder emptied: 12289951 bytes
 ->Temporary Internet Files folder emptied: 719157 bytes
 ->FireFox cache emptied: 35397077 bytes
 
 User: LocalService
 ->Temp folder emptied: 66016 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: NetworkService
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: VINZ
 ->Temp folder emptied: 103750428 bytes
 ->Temporary Internet Files folder emptied: 4744424 bytes
 ->FireFox cache emptied: 35306164 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 Windows Temp folder emptied: 0 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temp folder emptied: 0 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 3262705 bytes
 
 Total Files Cleaned = 245,00 mb
 
 
 OTM by OldTimer - Version 3.1.4.0 log created on 01022010_183015

 Files moved on Reboot...

 Registry entries deleted on Reboot...

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 03/01/2010 à 00:03:52  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Cette clé de registre appartient à Antivir 9, il est normal qu'elle ne puisse pas être supprimée.

 Certains malwares détectés se trouvent dans les points de restauration système. Ils ne sont pas actifs.
 



C:\System Volume Information\



 Il te suffit d'effacer le contenu de la restauration système :

 - Cliquer droit sur "Poste de travail" puis choisir "Propriétés".
 - Sélectionner l'onglet "Restauration du système".
 - Cocher "Désactiver la Restauration du système sur tous les lecteurs" ou "Désactiver la Restauration du système" puis appliquer.

 - Un message informera la suppression de tous les points de restauration existants.
 - Confirmer par "Oui".
 - Réactiver ensuite la restauration du système en décochant "Désactiver la Restauration du système".
 - Appliquer puis valider par "OK".

 http://www.commentcamarche.net/faq/images/2nKzldY3hBOy5voQ-s​-.png


 Quelques conseils de sécurité

 



 - Windows Update parfaitement à jour (catégorie critique, Services Pack et Services Release)
 - pare-feu bien paramétré - antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier.
 - IMPORTANT : une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, etc) et vis à vis de la messagerie (les fichiers joints aux messages doivent être scanné avant d'être ouvert ainsi que les fichiers téléchargés dont la provenance n'est pas sûre !!)
 - une attitude vigilante (être l'affût de fonctionnements inhabituels de ton système)



 Je te conseille également la lecture de ce document.

 Si tu désires mieux connaître le domaine de la sécurité informatique, je ne peux que t'encourager à visiter le site de Malekal_Morte.


 Cordialement.

snohi
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 05/01/2010 à 20:15:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C est bon pour la restauration du systeme !


 Je te remercie beaucoup Curson pour tout le mal que tu t es donné !  :super:

 Meilleurs voeux pour cette année !

May CastleCops live forever in our memories.
curson
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 05/01/2010 à 21:45:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir,

 Meilleures vœux à toi aussi.

 Bonne continuation. :hello:

allounedu79
  1. Posté le 21/01/2011 à 18:18:25  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonsoir curson,

 J'ai un problème et j'apprécierai si vous pouviez m'aider. Depuis que j'ai cliquer sur un lien venant de facebook ( un lien espagnol avec "foto" il me semble ), je ne peux plus me connecter à MSN sans que des messages s'envoient tous seuls à mes contacts ( les messages contiennent le même lien que précédent ). J'ai fait une analyse avec Malwarebytes et j'ai supprimé les fichiers infectés. Je vous met le rapport qu'il m'a fait dans le message suivant ...

allounedu79
  1. Posté le 21/01/2011 à 18:20:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voici le rapport

 Malwarebytes' Anti-Malware 1.50.1.1100
 www.malwarebytes.org

 Version de la base de données: 5564

 Windows 6.1.7600
 Internet Explorer 8.0.7600.16385

 21/01/2011 14:26:55
 mbam-log-2011-01-21 (14-26-55).txt

 Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)
 Elément(s) analysé(s): 446081
 Temps écoulé: 1 heure(s), 40 minute(s), 5 seconde(s)

 Processus mémoire infecté(s): 1
 Module(s) mémoire infecté(s): 1
 Clé(s) du Registre infectée(s): 28
 Valeur(s) du Registre infectée(s): 3
 Elément(s) de données du Registre infecté(s): 1
 Dossier(s) infecté(s): 10
 Fichier(s) infecté(s): 18

 Processus mémoire infecté(s):
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesa.exe (Adware.ClickPotato) -> 3404 -> Unloaded process successfully.

 Module(s) mémoire infecté(s):
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesahook.d​ll (Adware.ClickPotato) -> Delete on reboot.

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\CLSID\{1602F​07D-8BF3-4c08-BDD6-DDDB1C48AED​C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\TypeLib\{C55​CA95C-324B-451C-B2D2-6E895AA75​FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{3​0B15818-E110-4527-9C05-46ACE5A​3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\ClickPotatoL​iteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\ClickPotatoL​iteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{1602F07D-8BF​3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{7A3D6​D17-9DD5-4C60-8076-D1784DABAF8​C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\TypeLib\{814​BAA91-DC22-4350-87D6-0C86E93F7​F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{4​19EDA30-6DFF-432C-B534-E15D899​ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\MenuButtonIE​.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\MenuButtonIE​.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{AC6D8​19E-AA8F-4418-A3BB-D165C1B18BB​5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\ClickPotatoL​iteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\ClickPotatoL​iteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{AC6D819E-AA8​F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Extensions\{B58926D6-​CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{B58926D6-CFB​0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F6​91-9C07-4AF2-BF43-35E79EECF8B7​} (Adware.Softomate) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{69725738-CD6​8-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\AppID\MenuBu​ttonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\B60​JHDGR6V (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\JP5​95IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\NtW​qIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\cli​ckpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Cl​ickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run\ClickPotatoLiteSA (Adware.ClickPotato) -> Value: ClickPotatoLiteSA -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Associations\bak_App​lication (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zilla\Firefox\extensions\Click​PotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLit​e.com -> Quarantined and deleted successfully.

 Elément(s) de données du Registre infecté(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Associations\Applica​tion (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=​app&ext=%s) Good: (http://shell.windows.com/file​assoc/%04x/xml/redir.asp?Ext=%​s) -> Quarantined and deleted successfully.

 Dossier(s) infecté(s):
 c:\programdata\2aca5cc3-0f83-4​53d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\Users\Alloune\AppData\Roami​ng\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Delete on reboot.
 c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Delete on reboot.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0 (Adware.ClickPotato) -> Delete on reboot.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\firefox\extensions\plug​ins (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\microsoft\Windo​ws\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

 Fichier(s) infecté(s):
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesahook.d​ll (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatolitesabho.dl​l (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\clickpotatoliteuninstal​ler.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\firefox\extensions\plug​ins\npclntax_clickpotatolitesa​.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\mozilla firefox\plugins\npclntax_click​potatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\Windows\System32\secushr.da​t (Malware.Trace) -> Quarantined and deleted successfully.
 c:\Windows\SysWOW64\secushr.da​t (Malware.Trace) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\clickpotatolite​sa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\program files (x86)\clickpotatolite\bin\10.0​.655.0\firefox\extensions\inst​all.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\microsoft\Windo​ws\start menu\Programs\clickpotato\Abou​t Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\microsoft\Windo​ws\start menu\Programs\clickpotato\clic​kpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
 c:\programdata\microsoft\Windo​ws\start menu\Programs\clickpotato\clic​kpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.


 Voilà merci de bien vouloir m'aider s'il vous plait
 Cordialement

 Page :
1

Aller à :
 

Sujets relatifs
disque dur infecté par un virus Virus par MSN live messanger
pc infecte par un virus que je n'arrive pas a supprimer virus ou autre ? malgrès le blocage trafic internet continue
Virus Michael Jackson  
Plus de sujets relatifs à : Virus MSN

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
windows security alert 1
virus foto msn 5
Carte Graphique se désinstalle et se réinstalle toute seule 0
Connexions intempestives 2
allerte avast je ne sais pas quoi faire 1