
Computer probably infected and a few questions

renaudyes on 09 July 2009 at 12:06
Hi everyone, my computer is probably infected since my brother went on some illicit sites (no p***, don't worry :D :D )

So I'd like to know how you go about removing these viruses with the programs, ... and the explanations afterwards so that I won't have to bother you again later ;)

Thanks everyone
Curson on 09 July 2009 at 18:23
Good evening,

Download HiJackThis by Merijn to your desktop.

- Double-click HijackThis.
- Generate a report by following these instructions:
- Run it and click Do a scan and save log file.
- The report opens in Notepad.

- Paste the report here; to do so:
- Edit menu / Select All
- Edit menu / Copy
- Here in a new message: right-click / Paste

Help: don't hesitate to consult the HiJackThis help.


Regards.
-------
If your topic remains unanswered, please report it here.
renaudyes on 11 July 2009 at 12:27
hi
sorry for the delay:
here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:49, on 11/07/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\C&E\OSD\osd.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [OSD] C:\Program Files\C&E\OSD\osd.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 9573 bytes
Curson on 11 July 2009 at 17:26
Good evening,

The report shows remnants of infections, but nothing major.
Disable your security software during the procedure.

1) Download AD-Remover (by Cyrildu17 / C_XX) to your Desktop.

- Double-click the installer and install it in its default location (C:\Program files).
- Double-click the AD-Remover icon on your Desktop.
- At the main menu, choose option L.
- Post the report that appears at the end.

The report is also saved as C:\Ad-report(date).log


How is the system behaving?


Regards.
-------
If your topic remains unanswered, please report it here.
renaudyes on 12 July 2009 at 13:00
Hi
I'm doing it right now, but can you explain to me how you see these infection remnants?
++
Curson on 12 July 2009 at 18:10
Good evening,

Two infections are visible.
Disable UAC before launching Ad-Remover. Tutorial.

Adware.Ask

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)

Adware.SmartShopper

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll


Regards.
-------
If your topic remains unanswered, please report it here.
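One way to automate the pattern visible in the entries quoted in the post above (added example, not part of the original thread and not HijackThis code): the Python below parses R3/O2/O3 lines, flags those whose target is `(no file)` as orphaned registry remnants, and groups them by shared CLSID tail so that unnamed entries can be tied to a named sibling. The grouping heuristic and all function names are assumptions made for illustration; the sample lines are copied from the log posted earlier in the thread.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Sample input: R3/O2/O3 lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
"""

# "<section> - <kind>: <name> - {CLSID} - <target>"
ENTRY_RE = re.compile(
    r"^(?P<section>R3|O2|O3) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"\{(?P<clsid>[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\} - "
    r"(?P<target>.+)$"
)


@dataclass(frozen=True)
class Entry:
    section: str
    kind: str
    name: str
    clsid: str
    target: str

    @property
    def orphaned(self):
        # The registry entry survives but the file it pointed to is gone.
        return self.target.strip() == "(no file)"

    @property
    def family(self):
        # Assumed heuristic: components registered by one installer often
        # differ only in the first 8 hex digits of their CLSID.
        return self.clsid.lower()[8:]


def parse_entries(log_text):
    """Return an Entry for every R3/O2/O3 line that carries a CLSID."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(Entry(**match.groupdict()))
    return entries


def group_orphans(entries):
    """Group orphaned entries by CLSID family; collect any names seen."""
    groups = defaultdict(list)
    for entry in entries:
        if entry.orphaned:
            groups[entry.family].append(entry)
    report = {}
    for family, members in groups.items():
        names = sorted({e.name for e in members if e.name != "(no name)"})
        report[family] = {"names": names, "clsids": [e.clsid for e in members]}
    return report


if __name__ == "__main__":
    for family, info in group_orphans(parse_entries(SAMPLE_LOG)).items():
        label = ", ".join(info["names"]) or "unidentified"
        print(f"{label}: {len(info['clsids'])} orphaned entr(y/ies)")
        for clsid in info["clsids"]:
            print(f"    {{{clsid}}}")
```

Entries whose file is still present, such as the DAEMON Tools Toolbar line, are not caught by this check; classifying those depends on recognising the product, which a log parser alone cannot do.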
renaudyes on 06 August 2009 at 17:39
sorry for not having been able to reply sooner, I was on holiday

As for UAC, what is it :D?
-->Message edited by totoftotof on 08/08/2009 12:32:50<--
Curson on 06 August 2009 at 21:57
Good evening,

UAC (User Account Control) is a data-protection mechanism introduced in the Microsoft Windows Vista operating system.
Follow this tutorial to disable it

Regards.
-->Message edited by Curson on 06/08/2009 22:00:45<--
-------
If your topic remains unanswered, please report it here.
renaudyes on 08 August 2009 at 11:25
here is the report
but I still don't understand how you manage to find the infections :(

++.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 10:36:54, sam. 08/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium v6.0.6000
Nom du PC: PC-DE-USER | Utilisateur actuel: user
.
Administrateur: Administrateur *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: user
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
.

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.0.13 *

Nom du profil: j2oduckq.default (user)
.
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13");
.
.

* Internet Explorer Version 8.0.6001.18813 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page: hxxp://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

.
============== Processus Caches/Bloque ==============
.
PID: 1008 [LOCKED] livesrv.exe
PID: 1032 [LOCKED] vsserv.exe
PID: 1272 [LOCKED] audiodg.exe
PID: 2056 [LOCKED] bdagent.exe
PID: 860 [LOCKED] seccenter.exe
.

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
C:\Users\user\Downloads\age_of_empires_iii_patch_v1.12_francais_43234(2).exe
.
===================================
.
2755 Octet(s) - C:\Ad-Report-CLEAN.log
.
131 Fichier(s) - C:\Users\user\AppData\Local\Temp
39 Fichier(s) - C:\Windows\Temp
.
18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 11:09:52 | sam. 08/08/2009
.
============== E.O.F ==============
.
Curson on 08 August 2009 at 13:50
Hello,

Disable your security software during the procedure.

Download OTL (by OldTimer) and save it to your Desktop.

- Close any running applications so as not to interrupt the scan.
- A window appears. In the Output section at the top of this window, tick "Minimal Output". Do the same with "Scan All Users".
- Also tick the boxes next to "LOP Check" and "Purity Check".
- In the "Extra Registry" area, tick "Use Safelist".

Do not change the other settings!

- Click the Run Scan button.
- Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so on the Desktop by default).

- Copy/paste the contents of both files here. Use one message per report.


Regards.
-------
If your topic remains unanswered, please report it here.
renaudyes on 08 August 2009 at 14:45
OTL Extras logfile created on: 8/08/2009 14:05:13 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\user\Desktop\okd
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,37% Memory free
4,00 Gb Paging File | 3,20 Gb Available in Paging File | 79,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,59 Gb Total Space | 50,24 Gb Free Space | 33,81% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 214,39 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive E: | 12,00 Gb Total Space | 5,06 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
Drive F: | 72,29 Gb Total Space | 61,79 Gb Free Space | 85,47% Space Free | Partition Type: NTFS
Drive G: | 6,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-USER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4BF1E8AC-C6A7-4D8A-85F4-77A50D4D6D5A}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{4D72B4B2-862F-4E81-B72E-D6AC8322A9F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{572120F0-D5D1-4ADD-A887-21722B11297C}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{595CE54E-27B4-47A0-B25C-CC3E0F34B3DB}" = rport=137 | protocol=17 | dir=out | app=system |
"{5AEDA312-D953-47D5-86F1-CF2BE0F313CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{78893573-FFBA-4804-877C-32606499FDBF}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{9B3EFF26-68E9-4096-B8F0-D7AF37E621AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{9B8BE962-C04D-4A10-B062-BE38F41D9A96}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{9C09640F-1D71-4D3A-881F-FF28423A18B1}" = rport=139 | protocol=6 | dir=out | app=system |
"{A52A8504-B003-4ED1-A8AB-B2ED251EAF19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF0C5CD3-EC66-406E-AC0D-085090481AF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C2A51E06-DCA8-4053-9D56-27E981D9CDF4}" = lport=138 | protocol=17 | dir=in | app=system |
"{C557BC9B-E4A4-481A-9764-7E7EDF32884E}" = lport=137 | protocol=17 | dir=in | app=system |
"{D8E7C528-B701-4556-B997-548AD00408CC}" = rport=138 | protocol=17 | dir=out | app=system |
"{E1260E17-2DA0-4BA8-B5A5-55B5379129D9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E6F2F499-4FD6-431E-82C2-E663FC237DBF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C64BF0-CD8B-43AC-BAFE-A05C7689AFA7}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{02BB74C2-3FD3-4B0F-9A9A-34D50DA4EC3B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{096CE329-E69E-4346-930C-A05A19425FF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1381006B-9F34-42A0-90C7-BEFD52B263A0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1518A1CA-DD6A-498C-BDB6-506003FA7139}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{3AFB422C-7D39-40CC-92CC-DEB28924CAB1}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{3C2B4FC4-4B23-42C1-8D8D-418E5A4597E6}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{46CEE3F7-CAFD-46CB-8726-69FAB53DAF00}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{4975549C-1CB3-4CF8-9A52-E9651068CDC6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4B723D68-DD42-4CC7-AD69-D3B187E03A30}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5A506D91-8157-4136-A525-D1C7F4188239}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5CB2F588-5737-4425-8C0B-0BD9A0E7FCD6}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{65C56887-54C8-4F18-9766-3407FF44F32B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{69EB9C37-E071-4F4F-ADF8-1270F2C7873B}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{6FFB5871-2A4A-4ED4-AF5C-57C054859EDD}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{7C25C580-5016-4340-9F2F-E65E6320F161}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{7D817E81-F3BD-4119-BE60-95685AAF1EC0}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{7F40F941-DEEA-4595-960F-7E90C55927B4}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{8164B5C9-9875-473B-A959-9A90394DECF3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85164713-935E-4966-BE1E-FD74B44290F5}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{8F2B095E-65C9-406E-B0F8-37425305E080}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{9055558A-4AFD-435F-90F2-DC104ABABF54}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{A7E58A5B-C1AD-4B0D-BC3C-EF949F49B61B}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{AF315EAE-392D-4259-9A08-41EF1FEDA2F0}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{B9161125-288A-4705-A94D-6D17B17F35C5}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{BD9B72FF-F3BC-4C5E-B63D-2EB2C2695B6C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{CD27987B-DF65-4E56-9131-C5AE923DB1A3}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{D271FBAA-1278-48BA-9B1D-D7752B83E947}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E3775B2E-7B8A-4A1D-A06C-22717410893B}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{E3F5CD33-AFEC-45C0-9ED9-C3EFA5C3F3EC}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{E6CB569D-48F2-42E6-87BD-D7CDFEAA5FBE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4780D22-6B2D-474F-A201-A38E63882E45}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{F512FFA1-91FF-454D-8A54-E3D0BFFF5622}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{F5A11BB4-17EB-4839-A9D9-A93F51BD1DFD}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 CD-ROM 2
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0CCD509A-0BC3-46E4-8905-11543F0F70A0}" = Planificateur route Belux Vélo/Piéton
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{262BF2CD-601D-4F43-919C-4B00B1D1F338}" = Boris Graffiti
"{2697C026-58DE-4A42-83E5-5837C999630A}" = Garmin City Navigator Europe v9
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2FD94FBC-07AE-475C-B522-BFE899B9048E}" = Garmin WebUpdater
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Kit d’installation automatisée (Windows AIK)
"{3231DC24-3346-4F01-BDAF-91F9532B1036}" = Nero 8
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III
"{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pilote vidéo Pinnacle
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}" = Ma-Config.com
"{7A040D13-9A85-481D-9D6C-94095ABE5120}" = 2142 Sig Generator
"{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}" = Garmin Communicator Plugin
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8FB5A544-2343-4C41-B605-19E1D8333A68}" = MMM - Astro-math 2
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9642D14D-D984-498D-A606-32F44353A4B9}" = DriveHQ Email Manager
"{9D34D0B6-D9C7-11D6-A442-00505659192F}" = IGN-NGI CDROM Belgium
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.82
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D2777D85-7E63-402F-A5E7-2AF436C1C9D4}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{D48D8EB0-FFC6-423B-BC12-FC8090E27B52}" = BitDefender Total Security 2009
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{EB863CFD-6889-47B0-9D79-492DE0D07EE7}" = OSDInstall
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"7-Zip" = 7-Zip 4.60 beta
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-remover" = Ad-remover
"Audacity_is1" = Audacity 1.2.6
"BF2142 1.40 Clan mod v 3.0" = BF2142 1.40 Clan mod v 3.0
"BF2142 1.50 Clan mod v 3.02" = BF2142 1.50 Clan mod v 3.02
"CCleaner" = CCleaner (remove only)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Free Download Manager_is1" = Free Download Manager 3.0
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MSN Toolbar" = Barre d'outils MSN
"nLite_is1" = nLite 1.4.9.1
"NVIDIA Drivers" = NVIDIA Drivers
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"ProInst" = Intel PROSet Wireless
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Software Informer_is1" = Software Informer 1.0 BETA
"ST5UNST #1" = Handtalk
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The Many Faces of Go 11.0" = The Many Faces of Go 11.0
"VLC media player" = VLC media player 0.9.9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{9D34D0B6-D9C7-11D6-A442-00505659192F}" = IGN-NGI CDROM Belgium

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15/07/2009 9:26:33 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, module défaillant NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, code d’exception 0xc0000005, décalage d’erreur 0x000c463c, ID du processus
0x810, heure de début de l’application 0x01ca054fa6a96c65.

Error - 15/07/2009 15:54:42 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 8.5.1302.1018, horodatage
0x4717a53b, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x07a56ba0, ID du processus 0x11fc,
heure de début de l’application 0x01ca056e9d631fb2.

Error - 22/07/2009 12:28:25 | Computer Name = PC-de-user | Source = System Restore | ID = 8193
Description =

Error - 23/07/2009 6:22:28 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x12271227, ID du processus 0x850,
heure de début de l’application 0x01ca0b7f4cb16628.

Error - 24/07/2009 12:03:39 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante sapisvr.exe, version 5.3.6000.16386, horodatage
0x4549b69b, module défaillant SpeechUX.DLL, version 6.0.6000.16386, horodatage
0x4549bdd9, code d’exception 0xc0000005, décalage d’erreur 0x0003c86c, ID du processus
0xed8, heure de début de l’application 0x01ca0c6c0965e72f.

Error - 2/08/2009 6:05:14 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x12271227, ID du processus 0x8d4,
heure de début de l’application 0x01ca13589c459154.

Error - 2/08/2009 9:19:34 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x0c0c0c0c, ID du processus 0x838,
heure de début de l’application 0x01ca13738340474b.

Error - 3/08/2009 13:04:13 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante NMIndexStoreSvr.exe, version 3.3.3.0, horodatage
0x47c6bd1b, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x17271727, ID du processus 0x83c,
heure de début de l’application 0x01ca145c30c1a052.

Error - 4/08/2009 10:17:56 | Computer Name = PC-de-user | Source = RasClient | ID = 20227
Description =

Error - 6/08/2009 11:40:42 | Computer Name = PC-de-user | Source = Application Hang | ID = 1002
Description = Le programme bdsubwiz.exe version 12.0.12.6 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 164c Heure
de début : 01ca16ac0ee117dc Heure de fin : 58

[ System Events ]
Error - 6/08/2009 11:20:07 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 6/08/2009 16:40:10 | Computer Name = PC-de-user | Source = DCOM | ID = 10010
Description =

Error - 7/08/2009 7:29:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 7/08/2009 10:47:28 | Computer Name = PC-de-user | Source = BTHUSB | ID = 327697
Description = La carte locale Bluetooth a échoué d'une manière indéterminée et ne
sera pas utilisée. Le pilote a été déchargée.

Error - 7/08/2009 13:41:24 | Computer Name = PC-de-user | Source = DCOM | ID = 10010
Description =

Error - 7/08/2009 13:41:27 | Computer Name = PC-de-user | Source = BTHUSB | ID = 327697
Description = La carte locale Bluetooth a échoué d'une manière indéterminée et ne
sera pas utilisée. Le pilote a été déchargée.

Error - 7/08/2009 13:44:17 | Computer Name = PC-de-user | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 19:41:24 le 7/08/2009 n'était pas prévu.

Error - 7/08/2009 13:45:02 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 7/08/2009 13:46:07 | Computer Name = PC-de-user | Source = bowser | ID = 8003
Description =

Error - 8/08/2009 4:21:40 | Computer Name = PC-de-user | Source = BTHUSB | ID = 327697
Description = La carte locale Bluetooth a échoué d'une manière indéterminée et ne
sera pas utilisée. Le pilote a été déchargée.


< End of report >
-->Message edited by renaudyes on 08/08/2009 14:47:41<--
renaudyes on 08 August 2009 at 14:48
OTL logfile created on: 8/08/2009 14:05:13 - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\user\Desktop\okd
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,37% Memory free
4,00 Gb Paging File | 3,20 Gb Available in Paging File | 79,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,59 Gb Total Space | 50,24 Gb Free Space | 33,81% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 214,39 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive E: | 12,00 Gb Total Space | 5,06 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
Drive F: | 72,29 Gb Total Space | 61,79 Gb Free Space | 85,47% Space Free | Partition Type: NTFS
Drive G: | 6,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-USER
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\C&E\OSD\osd.exe (C&E)
PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
PRC - C:\Windows\System32\oodag.exe (O&O Software GmbH)
PRC - C:\Windows\System32\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Hamachi\hamachi.exe (LogMeIn Inc.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe ()
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programmes\Free Download Manager\fdm.exe File not found
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\user\Desktop\okd\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Arrakis3 [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe ()
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (LIVESRV [Auto | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV - (maconfservice [On_Demand | Stopped]) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (Nero BackItUp Scheduler 3 [Auto | Running]) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (O&O Defrag [Auto | Running]) -- C:\Windows\System32\oodag.exe (O&O Software GmbH)
SRV - (PLFlash DeviceIoControl Service [Auto | Running]) -- C:\Windows\System32\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (scan [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (StarWindServiceAE [Auto | Running]) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (VSSERV [Auto | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (AsAudioDevice_349 [On_Demand | Stopped]) -- C:\Windows\System32\drivers\AsAudioDevice_349.sys (Wondershare)
DRV - (Avc [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (AVCSTRM [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\avcstrm.sys (Microsoft Corporation)
DRV - (bdfm [On_Demand | Running]) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (Bdfndisf [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\bdfndisf.sys (BitDefender LLC)
DRV - (bdfsfltr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (bdftdif [System | Running]) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (BDSelfPr [On_Demand | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.)
DRV - (BDVEDISK [Auto | Running]) -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys (BitDefender S.R.L.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (driverhardwarev2 [On_Demand | Stopped]) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (grmnusb [On_Demand | Stopped]) -- C:\Windows\System32\drivers\grmnusb.sys (GARMIN Corp.)
DRV - (hamachi [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaNvStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaNvStor.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (itecir [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\itecir.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (JRAID [Boot | Running]) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (MarvinBus [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (MSDV [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (MSTAPE [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\mstape.sys (Microsoft Corporation)
DRV - (NETw4v32 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\NETw4v32.sys (Intel Corporation)
DRV - (NETw5v32 [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\NETw5v32.sys (Intel Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (Profos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys ()
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RTL8169 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\Rtlh86.sys (Realtek Corporation )
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Si3531 [Boot | Running]) -- C:\Windows\system32\DRIVERS\Si3531.sys (Silicon Image, Inc)
DRV - (SiFilter [Boot | Running]) -- C:\Windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (SiRemFil [Boot | Running]) -- C:\Windows\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (smserial [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\smserial.sys (Motorola Inc.)
DRV - (sptd [Boot | Running]) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Trufos [On_Demand | Stopped]) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (USB_RNDIS [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\usb8023.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\wimfltr.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 C1 9A 0C 47 EE C9 01 [binary data]
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\S-1-5-21-1953480431-1458221126-176749597-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\S-1-5-21-1953480431-1458221126-176749597-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {bb628310-0ab7-11db-9cd8-0800200c9a66}:3.1.1.1
FF - prefs.js..extensions.enabledItems: {e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}:1.0Final
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2009/07/08 12:39:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 22:17:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/05 18:35:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/05 18:35:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2009/04/13 11:50:05 | 00,000,000 | ---D | M]

[2008/09/03 12:17:46 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2008/09/03 12:17:46 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/08 14:00:32 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions
[2009/06/25 10:21:19 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/01 11:02:30 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/03/14 23:07:58 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2009/05/22 14:05:02 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\{e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}
[2009/07/05 16:40:57 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\DTToolbar@toolbarnet.com
[2009/07/05 16:40:10 | 00,002,395 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\j2oduckq.default\searchplugins\daemon-search.xml
[2008/10/14 21:10:37 | 00,004,486 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\j2oduckq.default\searchplugins\ldlccom-belgique.xml
[2009/03/31 20:28:04 | 00,000,919 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\j2oduckq.default\searchplugins\wattv.xml
[2009/08/08 11:34:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/05 18:35:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/22 14:14:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/05 18:35:05 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/05 18:35:05 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/05 18:08:04 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2004/09/09 01:03:50 | 00,049,152 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/05/22 14:13:55 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/08/05 18:35:09 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/01 16:42:50 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/04/01 10:44:21 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/04/01 10:44:21 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/04/01 10:44:21 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/01 10:44:21 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/04/01 10:44:21 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/04/01 10:44:21 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (307235 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 10576 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmes\Spybot - Search & Destroy\SDHelper.dll File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (no name) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Barre d'outils MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OSD] C:\Program Files\C&E\OSD\osd.exe (C&E)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [CubeDesktop] File not found
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmes\Spybot - Search & Destroy\SDHelper.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{084d45d1-2818-11de-947e-b58fe354ff06}\Shell\AutoRun\command - "" = J:\EmDesk.exe -- File not found
O33 - MountPoints2\{084d45d1-2818-11de-947e-b58fe354ff06}\Shell\EmDesk\command - "" = J:\EmDesk.exe -- File not found
O33 - MountPoints2\{8ba619b2-7dc8-11dd-9cb8-001060d1846e}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba619b2-7dc8-11dd-9cb8-001060d1846e}\Shell\AutoRun\command - "" = H:\StartCD.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)

========== Files/Folders - Created Within 30 Days ==========

[2009/08/08 14:03:22 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\okd
[2009/08/08 10:35:54 | 00,001,670 | ---- | C] () -- C:\Users\user\Desktop\Ad-remover.lnk
[2009/08/08 10:35:51 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/08/08 10:28:27 | 00,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/07/30 08:30:32 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/07/30 08:30:30 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/07/30 08:30:29 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/07/30 08:30:29 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/07/30 08:30:28 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/07/30 08:30:28 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/07/30 08:30:28 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/07/30 08:30:27 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/07/30 08:30:27 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/07/30 08:30:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/07/30 08:30:26 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/07/30 08:30:26 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/07/30 08:30:26 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/07/30 08:30:26 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/07/30 08:30:26 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/07/30 08:30:26 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/07/30 08:30:26 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/07/30 08:30:25 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/07/30 08:30:25 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/07/30 08:30:25 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/07/30 08:30:24 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/07/15 15:37:17 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/07/15 15:37:17 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/07/15 15:37:16 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/07/15 15:37:16 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2009/07/15 15:37:16 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/07/15 15:37:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/07/14 16:16:29 | 73,493,0944 | ---- | C] () -- C:\Users\user\Desktop\17.again.FRENCH.DVDScr.XviD-VODKA.avi
[2009/07/11 12:24:52 | 00,001,874 | ---- | C] () -- C:\Users\user\Desktop\HijackThis.lnk
[2009/07/11 12:24:52 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/26 15:56:22 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/12/22 23:23:14 | 00,000,174 | ---- | C] () -- C:\Windows\wininit.ini
[2008/10/09 16:31:54 | 00,192,512 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/09/15 14:18:03 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/09/08 21:03:43 | 00,237,568 | R--- | C] () -- C:\Windows\System32\qtmlClient.dll
[2008/09/08 21:03:43 | 00,002,145 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2008/09/08 19:03:33 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/09/05 20:21:34 | 00,506,560 | ---- | C] () -- C:\Windows\System32\owl253.dll
[2008/08/12 01:47:10 | 00,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008/02/08 17:13:44 | 00,319,488 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
[2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2007/01/26 02:04:12 | 00,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 00,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:23:31 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/03/14 15:38:28 | 00,000,469 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[1999/01/22 20:46:58 | 00,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\Windows\System32\*.tmp files]
[2009/08/08 14:03:19 | 00,076,528 | ---- | M] () -- C:\Users\user\AppData\Roaming\nvModes.001
[2009/08/08 13:27:45 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/08 13:27:45 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/08 11:10:03 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/08/08 10:35:54 | 00,001,670 | ---- | M] () -- C:\Users\user\Desktop\Ad-remover.lnk
[2009/08/08 10:28:27 | 00,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2009/08/08 10:27:47 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/08 10:27:40 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/08 10:27:37 | 21,458,20672 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/08 10:27:34 | 00,089,337 | ---- | M] () -- C:\Windows\System32\OODBS.lor
[2009/08/08 10:26:33 | 00,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2009/08/08 10:26:29 | 00,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/08/08 10:26:08 | 02,236,256 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2009/08/07 19:44:07 | 29,250,7706 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/07 14:28:01 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{019EF815-3E60-448F-B64C-4DF0060B5DC5}.job
[2009/08/06 19:17:37 | 00,690,832 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/08/06 19:17:37 | 00,117,572 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/08/06 19:17:36 | 01,512,256 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/06 19:17:36 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/06 19:17:36 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/05 18:30:30 | 00,025,600 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/22 18:39:47 | 00,000,675 | ---- | M] () -- C:\Windows\System32\BDUpdateV1.xml
[2009/07/21 23:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/07/21 23:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/07/21 23:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/07/21 23:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/07/21 23:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/07/21 23:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/07/21 23:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/07/21 23:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/07/21 23:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/07/21 23:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/07/21 23:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/07/21 23:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/07/21 23:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/07/21 23:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/07/21 23:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/07/21 23:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/07/21 22:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/07/21 22:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/07/21 22:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/07/21 22:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/07/21 20:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2009/07/21 17:08:00 | 00,076,528 | ---- | M] () -- C:\Users\user\AppData\Roaming\nvModes.dat
[2009/07/16 14:35:09 | 00,414,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/15 21:58:58 | 00,000,542 | ---- | M] () -- C:\Users\user\Documents\Mes dossiers de partage.lnk
[2009/07/11 12:24:52 | 00,001,874 | ---- | M] () -- C:\Users\user\Desktop\HijackThis.lnk
[2009/07/09 19:10:55 | 73,493,0944 | ---- | M] () -- C:\Users\user\Desktop\17.again.FRENCH.DVDScr.XviD-VODKA.avi

========== LOP Check ==========

[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009/07/05 16:31:58 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming
[2009/04/13 11:50:27 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BitDefender
[2008/09/03 10:52:26 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Consultia
[2009/07/05 16:42:16 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
[2009/06/01 21:02:02 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Desktopicon
[2009/07/01 20:29:36 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Download Manager
[2008/09/24 21:43:47 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriveHQ
[2009/05/12 12:50:49 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\dvdcss
[2009/08/08 14:05:00 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Free Download Manager
[2009/06/08 12:22:29 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GARMIN
[2009/08/08 14:07:52 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Hamachi
[2008/11/26 13:48:57 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Intel
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Center Programs
[2008/09/08 21:04:55 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\proDAD
[2009/06/21 18:09:02 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SystemRequirementsLab
[2009/08/05 13:01:22 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\teamspeak2
[2008/09/24 21:46:06 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2009/08/08 10:27:47 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/08 10:26:30 | 00,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/08/07 14:28:01 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{019EF815-3E60-448F-B64C-4DF0060B5DC5}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 924 bytes -> C:\Users\user\Documents\Vacature vertaalster bij Colruyt - ref _ 48658974.eml:OECustomProperty
@Alternate Data Stream - 885 bytes -> C:\Users\user\Documents\
Curson on 08 August 2009 at 15:10
Hello,

Disable your security software during the procedure.

1) Uninstall the following applications (if present) via Add/Remove Programs:

Bonjour
DAEMON Tools Toolbar


2) Run OTL again

- Copy and paste everything below into the "Custom Scans/Fixes" section:
:Processes
explorer.exe

:otl
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: {e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}:1.0Final
[2008/09/03 12:17:46 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/05 16:40:57 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\DTToolbar@toolbarnet.com
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (no name) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - No CLSID value found.
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [CubeDesktop] File not found
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [fsm] File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
[2009/08/06 19:17:37 | 00,690,832 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/08/06 19:17:37 | 00,117,572 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/08/06 19:17:36 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/06 19:17:36 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2008/09/24 21:46:06 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue

:files
C:\Program Files\Bonjour
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\uniblue

:Commands
[Purity]
[emptytemp]
[start explorer]
[Reboot]

Then click "Run Fix". The computer may ask to restart; accept.
Once the operation is finished, a text file will appear on screen. Copy and paste its contents here.


3) Download Malwarebytes Anti-Malware.

- Install it and run the updates.


4) Launch MBAM:

- Tick the "Perform full scan" box, then click Scan.
- Select (tick) all your partitions, then click "Start scan".
- When the scan is finished, a message lets you know. Then click the "Show Results" button.
- In the next window, click "Remove Selected". If the program offers to restart the computer, accept!
- The scan report will be displayed. Save it, then post its contents.


How is the system behaving?


Regards.
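Several of the O2, O4 and similar lines handled in this thread are registrations whose target is gone ("No CLSID value found", "File not found"). As an added example, which is not part of the original post and not OTL's own code, this Python parser reads such lines and separates orphaned entries from live ones; the status names and the reading of an empty trailing `()` as "no company name recorded for the file" are assumptions of this example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the OTL log posted earlier in this thread, plus one
# file-listing line that the parser must skip.
SAMPLE_LOG = r"""
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmes\Spybot - Search & Destroy\SDHelper.dll File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [CubeDesktop] File not found
O4 - HKU\S-1-5-21-1953480431-1458221126-176749597-1000..\Run: [fsm] File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O33 - MountPoints2\{084d45d1-2818-11de-947e-b58fe354ff06}\Shell\AutoRun\command - "" = J:\EmDesk.exe -- File not found
[2009/08/08 10:28:27 | 00,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
"""

O_LINE = re.compile(r"^O(?P<section>\d+) - (?P<body>.+)$")
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
TRAILING_PARENS = re.compile(r"\((?P<vendor>[^()]*)\)\s*$")


@dataclass
class Entry:
    section: int          # number after "O", e.g. 2 for BHO lines, 4 for Run lines
    location: str         # text before the first ": " or " - " separator
    guid: Optional[str]   # first GUID on the line (CLSID or volume GUID), if any
    status: str           # missing_file | missing_clsid | no_vendor | present
    raw: str


def classify(body: str) -> str:
    """Decide whether the registered target still exists, from the line's tail."""
    tail = body.rstrip(". ")
    if tail.endswith("No CLSID value found"):
        return "missing_clsid"
    if tail.endswith("File not found"):
        return "missing_file"
    vendor = TRAILING_PARENS.search(body)
    # Assumption of this example: an empty "()" at the end of the line means
    # the file exists but carries no company name.
    if vendor and not vendor.group("vendor").strip():
        return "no_vendor"
    return "present"


def parse_o_lines(log_text: str) -> List[Entry]:
    """Return one Entry per 'O<n> - ...' line; every other line is ignored."""
    entries = []
    for line in log_text.splitlines():
        match = O_LINE.match(line.strip())
        if not match:
            continue
        body = match.group("body")
        guid = GUID.search(body)
        entries.append(Entry(
            section=int(match.group("section")),
            location=re.split(r": | - ", body, maxsplit=1)[0],
            guid=guid.group(0) if guid else None,
            status=classify(body),
            raw=line.strip(),
        ))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries that point at a file or CLSID that no longer exists."""
    return [e for e in entries if e.status in ("missing_file", "missing_clsid")]


if __name__ == "__main__":
    parsed = parse_o_lines(SAMPLE_LOG)
    print(dict(Counter(e.status for e in parsed)))
    for entry in orphaned(parsed):
        print(f"O{entry.section:<3} {entry.status:<14} {entry.location}  {entry.guid or ''}")
```

A missing target marks a leftover registration, not proof of infection; confirm what the entry belonged to before putting it in a fix list.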
renaudyes on 09 August 2009 at 22:01
for OTL
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Service\Driver Bonjour Service not found.
Service\Driver Bonjour Service not found.
File C:\Program Files\Bonjour\mDNSResponder.exe not found.
Prefs.js: DTToolbar@toolbarnet.com:1.0.8.0552 removed from extensions.enabledItems
Prefs.js: {e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}:1.0Final removed from extensions.enabledItems
C:\Users\user\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} moved successfully.
File move failed. C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\j2oduckq.default\extensions\DTToolbar@toolbarnet.com\ scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1953480431-1458221126-176749597-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1953480431-1458221126-176749597-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CubeDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1953480431-1458221126-176749597-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008\ not found.
File C:\Program Files\Bonjour\mdnsNSP.dll not found.
C:\Windows\System32\perfh00C.dat moved successfully.
C:\Windows\System32\perfc00C.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Users\user\AppData\Roaming\Uniblue moved successfully.
========== FILES ==========
File\Folder C:\Program Files\Bonjour not found.
C:\Program Files\DAEMON Tools Toolbar moved successfully.
File\Folder C:\Program Files\uniblue not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
renaudyes on 10 August 2009 at 11:12
here it is for MBAM

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2586
Windows 6.0.6000

9/08/2009 23:03:42
mbam-log-2009-08-09 (23-03-41).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 214163
Temps écoulé: 57 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Is that enough?
Curson on 10 August 2009 at 18:15
Good evening,

Are you still having any problems?

Regards.
renaudyes on 11 August 2009 at 14:30
No, no more problems ;)
That said, do I continue in this thread for another PC or do I create a new one :D
Curson on 11 August 2009 at 20:28
Good evening,

We are not finished with this computer yet.
Disable your security software during the procedure.

Removing the tools used

1) Download ToolsCleaner2 by A.Rothstein and save it to your desktop.


2) Double-click ToolsCleaner2.exe to launch the tool. (Right-click the executable >> select "Run as administrator").

- Click the Recherche (search) button.
- Once the search is finished, click the Suppression (removal) button.

- Copy and paste the report and post it in your next reply.

You can then delete ToolsCleaner.


Securing the system

1) Your version of Adobe Reader is out of date. Security vulnerabilities can allow your computer to be infected. More information.

- Uninstall your current version.
- Download and install Adobe Reader 9.1.3.


2) Java is out of date. Download JavaRa and follow the instructions in this tutorial.
Post the resulting report.


3) Windows is also out of date and, as a result, has security vulnerabilities too.

- First, download and install Service Pack 1.

- Then, download and install Service Pack 2.


How is the system behaving?


Regards.
renaudyes on 11 August 2009 at 23:09
Windows not up to date???? It doesn't show any updates in the security thing :pt1cable:
Curson on 11 August 2009 at 23:29
Good evening,

I can confirm that Windows is not up to date. Service Packs do not necessarily appear in the update manager.
Platform: Windows Vista (WinNT 6.00.1904)

I strongly advise you to install the updates specified in my previous message.


Regards.
renaudyes on 12 August 2009 at 11:05
here it is for ToolsCleaner

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Downloads\Software\HJTInstall.exe: trouvé !
C:\Downloads\Software\Ad-R.exe: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Ad-remover: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-remover: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\Ad-remover: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Ad-remover: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\user\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: trouvé !
C:\Users\user\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Ad-remover: trouvé !
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-remover: trouvé !
C:\Users\user\Desktop\HijackThis.lnk: trouvé !
C:\Users\user\Desktop\Ad-remover.lnk: trouvé !

---------------------------------
--> Suppression:

C:\Downloads\Software\HJTInstall.exe: supprimé !
C:\Downloads\Software\Ad-R.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: ERREUR DE SUPPRESSION !!
C:\Users\user\Desktop\HijackThis.lnk: supprimé !
C:\Users\user\Desktop\Ad-remover.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Program Files\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Ad-remover: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Users\user\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: supprimé !
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-remover: supprimé !
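
The deletion results in the report above, grouped by real location, as an added example that is not part of the original posts or of ToolsCleaner. It assumes (not stated in the thread) that on this French Vista install C:\Users\All Users is a link to C:\ProgramData and Start Menu\Programmes is a link to Start Menu\Programs; the function names are illustrative.

```python
import re
from collections import defaultdict

# Excerpt of the "Suppression" section of the report posted above.
REPORT = r"""
--> Suppression:

C:\Downloads\Software\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Ad-remover: ERREUR DE SUPPRESSION !!
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-remover: supprimé !
"""

# Assumption (not stated in the thread): these prefixes are Vista links to the
# same directories, so one folder shows up under several names in the report.
ALIASES = [
    ("c:\\users\\all users\\", "c:\\programdata\\"),
    ("\\start menu\\programmes\\", "\\start menu\\programs\\"),
]
LINE = re.compile(r"^([A-Za-z]:\\.+?): (supprimé !|ERREUR DE SUPPRESSION !!)$")

def canonical(path):
    """Lower-case the path and rewrite alias prefixes to one canonical form."""
    p = path.lower() + "\\"  # trailing separator so directory aliases match
    for alias, target in ALIASES:
        p = p.replace(alias, target)
    return p.rstrip("\\")

def parse_deletions(report):
    """Map each canonical path to the set of outcomes reported for it."""
    outcomes = defaultdict(set)
    # partition() yields an empty section when the marker is missing
    for line in report.partition("--> Suppression:")[2].splitlines():
        m = LINE.match(line.strip())
        if m:
            status = "deleted" if m.group(2).startswith("supprimé") else "error"
            outcomes[canonical(m.group(1))].add(status)
    return dict(outcomes)

def still_present(report):
    """Paths for which no alias reported a successful deletion."""
    return sorted(p for p, s in parse_deletions(report).items() if s == {"error"})

if __name__ == "__main__":
    for path in still_present(REPORT):
        print(path)
```

A path that shows both "deleted" and "error" was removed through one name and then not found through its alias, so only the paths returned by still_present need a manual check.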

