[Solved] Infected PC

Speed up your PC and fix PC and Windows slowness problems

Moderator: Mods Windows

Sylvie67

[Solved] Infected PC

by Sylvie67 »

Hello,
my PC is infected: Firefox is very slow, Thunderbird too, and opening Explorer takes time.
I ran Antivir and Malwarebytes', which removed some junk,
but the problem remains. I tried to run ComboFix; it runs fine but takes a very long time, up to the screen where it says the report is at e:.combofix.txt, then black screen, blue screen "bad pool header" 0x00000019.
Several attempts and no report on e.
Thank you for your help.

I am posting the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:33:21, on 15/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
E:\WINDOWS\eHome\ehRecvr.exe
E:\WINDOWS\eHome\ehSched.exe
E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
E:\WINDOWS\system32\E_S00RP2.EXE
E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
E:\WINDOWS\system32\FsUsbExService.Exe
E:\WINDOWS\System32\GEARSec.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\Program Files\Norton Ghost\Agent\VProSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\WINDOWS\System32\Drivers\WTSRV.EXE
E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\system32\dllhost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\ehome\ehtray.exe
E:\WINDOWS\stsystra.exe
E:\WINDOWS\eHome\ehmsas.exe
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\system32\InstallVCOM.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\System32\svchost.exe
E:\Program Files\DynDNS Updater\DynDNS.exe
E:\Program Files\Mozilla Thunderbird\thunderbird.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Sylvie\Bureau\HiJacks.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] E:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [InstallVCOM] E:\WINDOWS\system32\InstallVCOM.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [DynDNS Updater] "E:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] e:\program files\orange\media player\Media Player.exe /systray (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1360521921
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1356096968
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1731B338-F73B-4BC8-9E19-808970A42EF0}: NameServer = 192.168.1.1
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - E:\WINDOWS\system32\E_S00RP2.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FsUsbExService - Teruten - E:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Imapi Helper - Alex Feinman - E:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - e:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - E:\WINDOWS\System32\Drivers\WTSRV.EXE

--
End of file - 11352 bytes
SkyTech

Re: Infected PC

by SkyTech »

Hi,

Post C:\Combofix.txt

You have Norton leftovers:

Go to Add/Remove Programs in the Control Panel.
In the list, look for anything containing the following words and run the uninstaller:
CC_ccProxyMSI
CC_ccStart
ccCommon
LiveReg (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Anything containing the word Symantec
Anything containing the word Norton

Use Symantec's removal tools.

---

You have several toolbars; do you need them?
Multiple toolbars can slow down the computer or cause browser crashes.
I advise you to clean up by uninstalling the toolbars you don't use, from Add/Remove Programs in the Control Panel.
For more information, see the article Les Toolbars, c'est pas obligatoire!
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
http://forum.malekal.com/daemon-tools-s ... html#p3720
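
Added example, not part of the original thread and not a HijackThis or forum tool: a small Python triage of the O2/O3/O23 lines that the reply above reads by eye. It lists toolbars, shows DLLs loaded under more than one add-on name, lists services by vendor, and lists services HijackThis marked "(file missing)". The function names `parse_entries` and `triage` are illustrative, and the sample input is a handful of lines copied from the log in the first post.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r"""
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar.dll
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
"""

# "O3 - Toolbar: ..." -> section code and the rest of the line.
ENTRY_RE = re.compile(r"^(O\d{1,2}) - (.*)$")
# "Toolbar: <name> - {CLSID} - <dll path>" (same layout for BHO lines).
ADDON_RE = re.compile(r"^(BHO|Toolbar): (.*?) - (\{[0-9A-Fa-f-]+\}) - (.+)$")


def parse_entries(text):
    """Yield (code, body) for each 'Onn - ...' line; other lines are ignored."""
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def triage(text, vendor="Symantec"):
    """Summarise the log sections the helper's reply is based on."""
    toolbars = []               # O3 entries as (name, dll path)
    by_dll = defaultdict(set)   # lowercased dll path -> add-on names that load it
    vendor_services = []        # O23 entries whose owner field contains `vendor`
    missing = []                # O23 entries marked "(file missing)"

    for code, body in parse_entries(text):
        if code in ("O2", "O3"):
            m = ADDON_RE.match(body)
            if not m:
                continue
            _kind, name, _clsid, path = m.groups()
            by_dll[path.lower()].add(name)
            if code == "O3":
                toolbars.append((name, path))
        elif code == "O23" and body.startswith("Service: "):
            # Fields are "display name - owner - path"; split from the right
            # because display names may themselves contain parentheses.
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) != 3:
                continue
            display, owner, path = parts
            if path.endswith("(file missing)"):
                missing.append(display)
            if vendor.lower() in owner.lower():
                vendor_services.append((display, path))

    # A DLL registered under several names means one product hides behind
    # another label (here askBar.dll is listed as "Foxit Toolbar").
    shared = {dll: sorted(names) for dll, names in by_dll.items() if len(names) > 1}
    return {
        "toolbars": toolbars,
        "shared_dlls": shared,
        "vendor_services": vendor_services,
        "missing_file_services": missing,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for section, items in report.items():
        print(section)
        for item in (items.items() if isinstance(items, dict) else items):
            print("   ", item)
```

The vendor match also returns the Norton Ghost service, so a vendor-wide cleanup is worth checking against products that are still in use.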
Sylvie67

Re: Infected PC

by Sylvie67 »

Hello, thank you for your reply. I removed your toolbars, but as for using the removal tool, I think it will also remove Norton Ghost!?
As for ComboFix, as I wrote in my first post, it is very slow but does not run to completion: I get a blue screen stop 0x00000019 bad pool header after it says the file will be at c:combofix, so no file after reboot. Anyway, I'll try once more, but I hope this won't damage my hard drive, it takes so long ...
Regards
sylvie67

Re: Infected PC

by sylvie67 »

Can I run ComboFix in safe mode?
Sylvie67

Re: Infected PC

by Sylvie67 »

Here is the ComboFix log, run in safe mode; in normal mode I again got that blue screen bad pool header stop 0x00000019

ComboFix 10-09-14.05 - Sylvie 15/09/2010 18:42:24.19.1 - x86 NETWORK
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1470.1165 [GMT 2:00]
Lancé depuis: e:\documents and settings\Sylvie\Bureau\COIaF.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((( Fichiers créés du 2010-08-15 au 2010-09-15 ))))))))))))))))))))))))))))))))))))
.

2010-09-15 11:30 . 2010-09-15 11:46 -------- d-----w- e:\program files\Ad-Remover
2010-09-13 16:05 . 2007-12-07 00:08 86528 ----a-w- e:\windows\system32\E_FLBCEE.DLL
2010-09-13 16:05 . 2007-12-07 00:01 78848 ----a-w- e:\windows\system32\E_FD4BCEE.DLL
2010-09-09 11:25 . 2010-09-09 11:34 -------- d-----w- e:\documents and settings\Sylvie\Application Data\DVD Flick
2010-09-09 11:24 . 2010-09-09 11:24 -------- d-----w- e:\program files\DVD Flick
2010-09-06 17:39 . 2010-09-06 17:39 -------- d-----w- e:\program files\Video mp3 Extractor
2010-09-03 10:25 . 2010-08-11 21:50 307200 ----a-w- e:\windows\system32\TubeFinder.exe
2010-09-03 10:25 . 2009-06-19 17:51 9728 ----a-w- e:\windows\system32\PCCLPFR.DLL
2010-09-03 10:25 . 2010-09-03 10:25 -------- d-----w- e:\documents and settings\Sylvie\Application Data\FreeFLVConverter
2010-09-03 10:25 . 2010-09-03 10:25 -------- d-----w- e:\program files\Free FLV Converter
2010-09-03 10:20 . 2005-03-11 16:37 1986560 ----a-w- e:\windows\system32\AudFile.dll
2010-09-03 10:20 . 2005-03-10 15:00 454656 ----a-w- e:\windows\system32\AudioRecord.dll
2010-09-03 10:20 . 2005-02-24 14:21 458752 ----a-w- e:\windows\system32\AudPlayer.dll
2010-09-03 10:20 . 2005-02-24 11:11 479232 ----a-w- e:\windows\system32\AudioVisu.dll
2010-09-03 10:20 . 2005-02-24 11:11 1212416 ----a-w- e:\windows\system32\AudioInfos.dll
2010-09-03 10:20 . 2005-02-24 11:10 417792 ----a-w- e:\windows\system32\AudDisplay.dll
2010-09-03 10:20 . 2005-02-24 11:10 2084864 ----a-w- e:\windows\system32\AudDesign.dll
2010-09-03 10:20 . 2005-02-24 10:51 348160 ----a-w- e:\windows\system32\WMAFile.dll
2010-09-03 10:20 . 1998-07-12 22:00 15360 ----a-w- e:\windows\system32\inetfr.DLL
2010-09-03 10:20 . 2010-09-03 10:20 -------- d-----w- e:\documents and settings\Sylvie\Application Data\FreeAudioPack
2010-09-03 10:20 . 2010-09-03 10:20 -------- d-----w- e:\program files\Free Audio Pack
2010-09-03 09:41 . 2010-09-03 09:41 -------- d-----w- e:\program files\HooTech WMA MP3 Converter
2010-09-03 07:10 . 2010-09-03 09:33 -------- d-----w- e:\program files\ConvertHelper
2010-09-02 09:04 . 2010-09-02 09:04 -------- d-----w- e:\program files\Photo Story 3 for Windows
2010-08-26 18:15 . 2010-09-02 15:22 -------- d-----w- e:\documents and settings\Sylvie\Application Data\vlc

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 16:01 . 2007-11-28 12:03 -------- d-----w- e:\program files\Symantec
2010-09-14 22:17 . 2008-12-02 13:23 -------- d-----w- e:\program files\DynDNS Updater
2010-09-13 18:07 . 2009-01-31 09:09 1 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-13 16:05 . 2008-08-01 14:23 -------- d-----w- e:\documents and settings\All Users\Application Data\EPSON
2010-09-08 11:16 . 2007-11-26 09:33 -------- d-----w- e:\program files\Mozilla Thunderbird
2010-09-02 09:27 . 2007-12-19 17:44 29926 ----a-r- e:\documents and settings\Sylvie\Application Data\Microsoft\Installer\{AF7C627C-F354-4FF1-8450-398C806B436E}\_3d366f1d.exe
2010-09-02 09:27 . 2007-12-19 17:44 3774 ----a-r- e:\documents and settings\Sylvie\Application Data\Microsoft\Installer\{AF7C627C-F354-4FF1-8450-398C806B436E}\_4bde371b.exe
2010-09-02 09:27 . 2007-12-19 17:44 -------- d-----w- e:\program files\Power IE
2010-08-25 11:37 . 2010-05-26 07:03 -------- d-----w- e:\program files\Recuva
2010-08-22 10:31 . 2007-11-25 17:42 -------- d-----w- e:\documents and settings\Sylvie\Application Data\Thunderbird
2010-08-18 20:48 . 2004-08-10 12:00 93836 ----a-w- e:\windows\system32\perfc00C.dat
2010-08-18 20:48 . 2004-08-10 12:00 531488 ----a-w- e:\windows\system32\perfh00C.dat
2010-08-18 20:42 . 2010-02-25 11:51 -------- d-----w- e:\documents and settings\All Users\Application Data\Microsoft Help
2010-08-08 09:18 . 2008-11-18 14:20 -------- d-----w- e:\documents and settings\All Users\Application Data\NOS
2010-07-29 09:16 . 2010-08-09 20:01 221184 ----a-w- e:\documents and settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}\plugins\npOrangeInstaller.dll
2010-07-21 11:31 . 2010-07-21 11:31 -------- d-----w- e:\program files\Microsoft Fix it Center
2010-07-01 16:19 . 2010-07-01 16:19 686080 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\uno_packages\14.tmp_\sun-pdfimport.oxt\pdfimport.uno.dll
2010-07-01 16:19 . 2010-07-01 16:19 568832 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\uno_packages\14.tmp_\sun-pdfimport.oxt\msvcp90.dll
2010-07-01 16:19 . 2010-07-01 16:19 655872 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\uno_packages\14.tmp_\sun-pdfimport.oxt\msvcr90.dll
2010-07-01 16:19 . 2010-07-01 16:19 583168 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\uno_packages\14.tmp_\sun-pdfimport.oxt\xpdfimport.exe
2010-07-01 16:19 . 2010-07-01 16:19 224768 ----a-w- e:\documents and settings\Sylvie\Application Data\OpenOffice.org\3\user\uno_packages\cache\uno_packages\14.tmp_\sun-pdfimport.oxt\msvcm90.dll
2010-06-30 12:32 . 2004-08-10 12:00 149504 ----a-w- e:\windows\system32\schannel.dll
2010-06-24 09:02 . 2004-08-10 12:00 1852032 ----a-w- e:\windows\system32\win32k.sys
2010-06-23 06:04 . 2010-06-23 06:05 331184 ----a-w- e:\windows\system32\difxapi.dll
2010-06-21 15:27 . 2004-08-10 12:00 354304 ----a-w- e:\windows\system32\drivers\srv.sys
2007-11-27 17:18 . 2007-11-27 17:18 2293848 ----a-w- e:\program files\FLV PlayerFCSetup.exe
2007-11-27 16:55 . 2007-11-27 16:51 20256064 ----a-w- e:\program files\QuickTimeInstaller.exe
2007-11-27 16:52 . 2007-11-27 16:52 2453357 ----a-w- e:\program files\cartagogo_cartagogo_3.1.8_francais_11201.zip
2007-11-27 16:51 . 2007-11-27 16:50 15180000 ----a-w- e:\program files\gimp-2.4.2-i686-setup.exe
2007-11-27 16:51 . 2007-11-27 16:48 24536608 ----a-w- e:\program files\AdbeRdr810_fr_FR.exe
2007-11-25 17:28 . 2007-11-25 17:28 2725528 ----a-w- e:\program files\ccsetup202.exe
2007-11-25 16:40 . 2007-11-25 16:39 6540856 ----a-w- e:\program files\Thunderbird Setup 2.0.0.9.exe
2007-11-25 16:19 . 2007-11-25 16:19 5837392 ----a-w- e:\program files\Firefox Setup 2.0.0.9.exe
2007-11-25 16:11 . 2007-11-25 16:11 17521856 ----a-w- e:\program files\setupfre.exe
2007-06-02 20:51 . 2007-11-26 07:45 2855080 ----a-w- e:\program files\aawsepersonal.exe
1998-10-15 09:04 . 1998-10-15 09:04 8219 ----a-w- e:\program files\setup.inf
1998-10-15 09:04 . 1998-10-15 09:04 734517 ----a-w- e:\program files\mssce.cab
1998-10-15 09:04 . 1998-10-15 09:04 37136 ----a-w- e:\program files\regsvr32.exe
1998-10-15 09:04 . 1998-10-15 09:04 267 ----a-w- e:\program files\scesetup.inf
1998-10-15 09:04 . 1998-10-15 09:04 222976 ----a-w- e:\program files\mssce.exe
1998-10-15 09:04 . 1998-10-15 09:04 1462 ----a-w- e:\program files\scefiles.inf
1998-10-15 09:04 . 1998-10-15 09:04 11830 ----a-w- e:\program files\readme.txt
1998-07-16 12:15 . 1998-07-16 12:15 1215720 ----a-w- e:\program files\immc.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DynDNS Updater"="e:\program files\DynDNS Updater\DynDNS.exe" [2006-09-17 1352704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="e:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"avgnt"="e:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"InstallVCOM"="e:\windows\system32\InstallVCOM.exe" [2009-07-20 307200]
"NvMediaCenter"="e:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"Synchronization Manager"="e:\windows\system32\mobsync.exe" [2008-04-14 143872]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"OrangePlayer"="e:\program files\orange\media player\Media Player.exe" [2009-09-05 319488]

[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check 2.lnk]
path=e:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
backup=e:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup

[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v3 Smart Wizard.lnk]
path=e:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v3 Smart Wizard.lnk
backup=e:\windows\pss\NETGEAR WG111v3 Smart Wizard.lnkCommon Startup

[HKLM\~\startupfolder\E:^Documents and Settings^Sylvie^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=e:\documents and settings\Sylvie\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=e:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\E:^Documents and Settings^Sylvie^Menu Démarrer^Programmes^Démarrage^PowerReg Scheduler.exe]
path=e:\documents and settings\Sylvie\Menu Démarrer\Programmes\Démarrage\PowerReg Scheduler.exe
backup=e:\windows\pss\PowerReg Scheduler.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-06-14 15:43 149024 ----a-w- e:\program files\Fichiers communs\Seagate\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-06-15 07:58 1966384 ----a-w- e:\program files\Seagate\DiscWizard\TimounterMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- e:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- e:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-09-04 09:15 106952 ----a-w- e:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-01 08:21 153136 ----a-w- e:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2005-01-20 13:53 58992 ----a-w- e:\program files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- e:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2007-08-21 08:15 1192336 ----a-w- e:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
2007-12-17 06:00 188928 ----a-w- e:\windows\system32\spool\drivers\w32x86\3\E_FATIEGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 17:07 141608 ----a-w- e:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxBlastMonitor.exe]
2007-06-15 07:55 1192632 ----a-w- e:\program files\Seagate\DiscWizard\MaxBlastMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- e:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
2005-09-09 18:09 1537648 ----a-w- e:\program files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-03 17:23 13670504 ----a-w- e:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- e:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrangePlayer]
2009-09-05 15:29 319488 ----a-w- e:\program files\Orange\Media Player\Media Player.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 16:06 406016 ----a-w- e:\windows\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCRemote]
2005-11-07 17:43 73728 ----a-w- e:\program files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
2005-11-08 08:41 65536 ----a-w- e:\program files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- e:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- e:\program files\Fichiers communs\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-01-13 09:03 198160 ----a-w- e:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-05-02 04:15 15872 ----a-w- e:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-04-10 17:29 37888 ----a-w- e:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\WINDOWS\\system32\\fxsclnt.exe"=
"e:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Program Files\\GIMP-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"e:\\Program Files\\UltraVNC\\vncviewer.exe"=
"e:\\Documents and Settings\\Sylvie\\Bureau\\Site Sylvie\\PcHelpWare_rel10_Fr\\PcHelpWare\\PcHelpWare_viewer.exe"=
"e:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\Program Files\\OpenOffice.org 3\\program\\soffice.bin"=
"e:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"e:\\Program Files\\DMV\\MaxTV4\\core\\maxtv_xul.exe"=
"e:\\Program Files\\DMV\\MaxTV4\\maxtv.exe"=
"e:\\Program Files\\DMV\\MaxTV4\\recorder.exe"=
"e:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"e:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"e:\\WINDOWS\\system32\\dplaysvr.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"e:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"e:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5500:TCP"= 5500:TCP:pchelpware

R1 SSHDRV85;SSHDRV85;e:\windows\system32\drivers\SSHDRV85.sys [25/03/2010 18:22 78848]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;e:\program files\Avira\AntiVir Desktop\sched.exe [16/05/2009 13:26 108289]
S2 FsUsbExService;FsUsbExService;e:\windows\system32\FsUsbExService.Exe [22/12/2009 19:17 238040]
S2 vnccom;vnccom;e:\windows\system32\drivers\vnccom.SYS [22/11/2008 16:06 6016]
S3 DTV-DVBM9205;DTV-DVB USB Hybrid Analog/Capture;e:\windows\system32\drivers\M9205.sys [22/01/2008 19:52 70272]
S3 FsUsbExDisk;FsUsbExDisk;e:\windows\system32\FsUsbExDisk.Sys [22/12/2009 19:17 36608]
S3 M9207;DTV-DVB M9207 USB DVB-T / TV BOX;e:\windows\system32\drivers\M9207BDA.sys [22/01/2008 19:41 37248]
S3 maconfservice;Ma-Config Service;e:\program files\ma-config.com\maconfservice.exe [17/12/2009 20:00 243056]
S3 MatSvc;Microsoft Automated Troubleshooting Service;e:\program files\Microsoft Fix it Center\Matsvc.exe [10/04/2010 17:05 266544]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;e:\windows\System32\svchost.exe -k nosGetPlusHelper [10/08/2004 14:00 14336]
S3 pctvvbi;PCTVVBI;e:\windows\system32\drivers\pctvvbi.sys [08/01/2010 13:28 6400]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;e:\windows\system32\drivers\wg111v3.sys [23/04/2007 15:11 224896]
S3 RTLWUSB;802.11g USB 2.0 WLAN Dongle;e:\windows\system32\drivers\RTL8187.sys [10/12/2007 18:21 169472]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;e:\windows\system32\drivers\SWUSBFLT.SYS [14/02/2008 21:46 3968]
S4 sptd;sptd;e:\windows\system32\drivers\sptd.sys [28/08/2009 21:19 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contenu du dossier 'Tâches planifiées'

2010-08-28 e:\windows\Tasks\AppleSoftwareUpdate.job
- e:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-09-15 e:\windows\Tasks\SyncBack Bureau.job
- e:\program files\2BrightSparks\SyncBack\SyncBack.exe [2008-05-28 16:45]

2010-09-15 e:\windows\Tasks\SyncBack Mes documents.job
- e:\program files\2BrightSparks\SyncBack\SyncBack.exe [2008-05-28 16:45]

2010-09-15 e:\windows\Tasks\SyncBack Pascale.job
- e:\program files\2BrightSparks\SyncBack\SyncBack.exe [2008-05-28 16:45]

2010-09-15 e:\windows\Tasks\SyncBack thunderbird.job
- e:\program files\2BrightSparks\SyncBack\SyncBack.exe [2008-05-28 16:45]
.
.
------- Examen supplémentaire -------
.
IE: &Télécharger avec NetTransport - e:\program files\Xi\NetTransport 2\NTAddLink.html
IE: Add to Google Photos Screensa&ver - e:\windows\system32\GPhotos.scr/200
IE: Tout t&élécharger avec NetTransport - e:\program files\Xi\NetTransport 2\NTAddList.html
TCP: {1731B338-F73B-4BC8-9E19-808970A42EF0} = 192.168.1.1
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - hxxp://webtv.guidetv.orange.fr/resources/OCS_9418.cab
FF - ProfilePath - e:\documents and settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8880
FF - prefs.js: network.proxy.gopher - localhost
FF - prefs.js: network.proxy.gopher_port - 8880
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8880
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 8880
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8880
FF - prefs.js: network.proxy.type - 4
FF - component: e:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 18:51
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
InstallVCOM = e:\windows\system32\InstallVCOM.exe?????????????????????????????l???????"??|????? ??????????D??????????? ??|(??|????"??|???|???|????$????????????????????????????? ??? ??????????????????????? ??? ? ???????????????????????X???????H???????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2052111302-861567501-1801674531-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,17,82,2b,7e,50,8a,ce,2f,c9,0d,9f,5e,7e,d3,a1,ab,e0,be,57,f7,a2,a5,
ad,b9,05,ea,dc,b2,84,8a,d8,fa,ee,a8,0f,47,85,63,2d,5b,ac,d7,a4,4e,e4,3a,e5,\
"??"=hex:99,18,82,02,fb,95,69,74,6e,1d,6b,df,1c,87,17,65

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@e:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="e:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(896)
e:\windows\system32\relog_ap.dll
.
Heure de fin: 2010-09-15 18:54:53
ComboFix-quarantined-files.txt 2010-09-15 16:54
ComboFix2.txt 2010-07-07 13:03
ComboFix3.txt 2010-07-07 06:13
ComboFix4.txt 2010-07-06 20:22
ComboFix5.txt 2010-09-14 21:52

Avant-CF: 36 646 567 936 octets libres
Après-CF: 36 636 073 984 octets libres

- - End Of File - - D8FBC002B10A159B694C2AE994BDDAC8
SkyTech

Re: infected PC

by SkyTech »

Hi again,
Sylvie67 wrote: I think it will remove Norton Ghost as well!?
I think so, but then again there are other programs like it: https://www.malekal.com/tutorial_Drive_Image_XML.php

You seem to be infected, I'm handing over to Angelique :)
angelique

Re: infected PC

by angelique »

► Go to this site http://www.virustotal.com/ and scan this file: e:\windows\system32\InstallVCOM.exe

To see it:

Open My Computer
Click the Tools menu at the top right, then Folder Options
In the new window, click the View tab at the top
In the list, check "Show hidden files and folders"
Uncheck "Hide protected operating system files (Recommended)" | Apply
You will get a message telling you that this can damage the system; ignore it, go and scan the file, then give the link address after the scan



► Open a command prompt [Run ---> cmd]; in the window that opens, type the line below, respecting the spaces, and confirm with the "Enter" key:

Code:

chkdsk /f /r e:

Accept (yes) and restart the PC; let chkdsk run on the blue screen without interrupting it, through its 5 stages; the PC will restart by itself.


► Download Malwarebytes' Anti-Malware (MBAM)
http://mbam.malwarebytes.org/program/mbam-setup.exe

* Double-click the downloaded file to start the installation.
* In the "Update" tab, click the "Check for Updates" button: if the firewall asks whether to allow MBAM to connect, accept.
* Once the update has finished, go to the "Scanner" tab.
* Select "Perform full scan"
* Click "Scan"
* The scan starts; it takes a fairly long time, which is normal.
* At the end of the scan, a message appears:
The scan completed successfully. Click 'Show Results' to display all objects found.
Click "OK" to continue. If MBAM found nothing, it will tell you that too.
* Close your browsers.
* If malware was detected, click Show Results.
Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy in quarantine.
* MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.

NB: If MBAM asks you to restart, do so.
With Gnu_Linux you get a kernel ... with Ѡindows you only get the pips
https://helicium.altervista.org/
Remove "viruses" for free http://www.supprimer-trojan.com/
Sylvie67

Re: infected PC

by Sylvie67 »

Hello,
thank you for your help.
Here is the VirusTotal link:
http://www.virustotal.com/file-scan/rep ... 1284640998
Malwarebytes detected nothing.
chkdsk /f/r e:
went fine; the PC restarted, but I wasn't in front of it so I didn't see whether there were any problems!
angelique

Re: infected PC

by angelique »

SkyTech said "You seem to be infected, I'm handing over to Angelique"; I don't think so myself, lol

If SkyTech would care to elaborate, please! :D
SkyTech

Re: infected PC

by SkyTech »

Hi,

This is what I had in mind:
Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
InstallVCOM = e:\windows\system32\InstallVCOM.exe?????????????????????????????l???????"??|????? ??????????D??????????? ??|(??|????"??|???|???|????$????????????????????????????? ??? ??????????????????????? ??? ? ???????????????????????X???????H???????????????????????????????
But if it's clean... :)

To look further:


* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it
/!\ on Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Output" section (top right) the "Minimal Output" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Custom Scans/Fixes"
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

* Click the "Run Scan" icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan, one or two reports will open: "OTL.Txt" and (or) "Extras.Txt" (in some cases).
* Copy and paste the report(s) into your reply, please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case
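
The cross-check behind the Run-key entry quoted in the post above, as an added example that is not part of the original thread: it reads three line shapes seen in this thread's logs (catchme Run values, OTL `O4` Run entries, OTL `PRC` processes) and groups what it finds by file path. The function and constant names are hypothetical, the sample lines are abridged from the thread's logs, and it assumes OTL's parentheses hold the file's company name.

```python
import re
from collections import defaultdict

# Constructed sample: lines abridged from the ComboFix/catchme and OTL logs in
# this thread (the run of '?' after the path is shortened).
SAMPLE_LOG = r"""
Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
InstallVCOM = e:\windows\system32\InstallVCOM.exe?????????l???????"??|????? ????D????

Recherche de fichiers cachés ...
PRC - E:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - E:\WINDOWS\system32\InstallVCOM.exe ()
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [InstallVCOM] E:\WINDOWS\system32\InstallVCOM.exe ()
O4 - HKCU..\Run: [DynDNS Updater] E:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
"""

# A drive-letter path ending in a binary extension. The lookahead stops the
# match from ending inside a directory name such as "ma-config.com\...".
_PATH = r'[A-Za-z]:\\.+?\.(?:exe|dll|sys|scr|com)(?![\\\w])'

# catchme prints hidden autostart values as "Name = data".
CATCHME_VALUE = re.compile(
    r'^(?P<name>[^=]+?) = "?(?P<path>' + _PATH + r')(?P<tail>.*)$', re.I)
# OTL: "O4 - HKLM..\Run: [Name] path (Company)".
OTL_RUN = re.compile(
    r'^O4 - (?P<hive>HK\w+)\.\.\\Run: \[(?P<name>[^\]]+)\] '
    r'(?P<path>' + _PATH + r') \((?P<vendor>.*)\)$', re.I)
# OTL: "PRC - path (Company)".
OTL_PROC = re.compile(
    r'^PRC - (?P<path>' + _PATH + r') \((?P<vendor>.*)\)$', re.I)


def triage(log_text):
    """Return [(lowercased path, [reasons])], most reasons first.

    A finding is a lead for manual checking, not a verdict on the file.
    """
    findings = defaultdict(list)
    for raw in log_text.splitlines():
        line = raw.strip()

        m = OTL_RUN.match(line)
        if m:
            # Assumption: an empty "()" means OTL found no company name.
            if not m['vendor'].strip():
                findings[m['path'].lower()].append(
                    f"autorun {m['hive']} Run [{m['name']}] has no company name")
            continue

        m = OTL_PROC.match(line)
        if m:
            if not m['vendor'].strip():
                findings[m['path'].lower()].append(
                    "running process has no company name")
            continue

        m = CATCHME_VALUE.match(line)
        if m and m['tail']:
            first = m['tail'][0]
            # Arguments after the path start with a space (or the closing
            # quote of a quoted path); data glued straight onto the
            # extension is the anomaly seen in the catchme output.
            if not first.isspace() and first != '"':
                findings[m['path'].lower()].append(
                    f"Run value [{m['name'].strip()}] has {len(m['tail'])} "
                    "characters glued to the end of the path")

    return sorted(findings.items(), key=lambda kv: (-len(kv[1]), kv[0]))


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG):
        print(path)
        for reason in reasons:
            print("  -", reason)
```

A path that collects several independent reasons is the one to submit for a file scan first, which is the step the thread takes with VirusTotal.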
Sylvie67

Re: infected PC

by Sylvie67 »

Here is the report
OTL logfile created on: 16/09/2010 15:36:52 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = E:\Documents and Settings\Sylvie\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): E:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
Drive E: | 149,00 Gb Total Space | 34,15 Gb Free Space | 22,92% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAMIE
Current User Name: Sylvie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - E:\Documents and Settings\Sylvie\Bureau\OTL.exe (OldTimer Tools)
PRC - E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - E:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - E:\WINDOWS\system32\InstallVCOM.exe ()
PRC - E:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
PRC - E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - E:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
PRC - E:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - E:\Program Files\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
PRC - E:\WINDOWS\system32\gearsec.exe (GEAR Software)
PRC - E:\WINDOWS\system32\drivers\WtSrv.exe (Tablet Driver)
PRC - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - E:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - E:\Documents and Settings\Sylvie\Bureau\OTL.exe (OldTimer Tools)
MOD - E:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll File not found
SRV - (SQLAgent$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE File not found
SRV - (MSSQL$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe File not found
SRV - (nosGetPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (MatSvc) -- E:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (getPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (NMSAccess) -- E:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (maconfservice) -- E:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (FsUsbExService) -- E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AntiVirService) -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- E:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ose) -- E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ServiceLayer) -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (Symantec Core LC) -- E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (AcrSch2Svc) -- E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (NMIndexingService) -- E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (Imapi Helper) -- E:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe (Alex Feinman)
SRV - (PinnacleSys.MediaServer) -- e:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe (Pinnacle Systems)
SRV - (Norton Ghost) -- E:\Program Files\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (GEARSecurity) -- E:\WINDOWS\system32\gearsec.exe (GEAR Software)
SRV - (WinTabService) -- E:\WINDOWS\System32\Drivers\WTSRV.EXE (Tablet Driver)
SRV - (ccSetMgr) -- E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc) -- E:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (EPSONStatusAgent2) -- E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV2_02) EPSON V3 Service2(02) -- E:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
DRV - (DSDrv4) -- E:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys File not found
DRV - (catchme) -- E:\DOCUME~1\L'AMIE~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (nv) -- E:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SSHDRV85) -- E:\WINDOWS\system32\drivers\SSHDRV85.sys ()
DRV - (portio) -- E:\WINDOWS\system32\drivers\throttle.sys (Windows (R) 2000 DDK provider)
DRV - (driverhardwarev2) -- E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (avgntflt) -- E:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (StarOpen) -- E:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (sptd) -- E:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (vmm) -- E:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (ssmdrv) -- E:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- E:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- E:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (avgio) -- E:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (timounter) -- E:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- E:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- E:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (MPE) -- E:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (GcKernel) -- E:\WINDOWS\system32\drivers\gckernel.sys (Microsoft Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- E:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- E:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (symlcbrd) -- E:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (pccsmcfd) -- E:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ssm_mdm) -- E:\WINDOWS\system32\drivers\ssm_mdm.sys (MCCI Corporation)
DRV - (ssm_mdfl) -- E:\WINDOWS\system32\drivers\ssm_mdfl.sys (MCCI Corporation)
DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- E:\WINDOWS\system32\drivers\ssm_bus.sys (MCCI Corporation)
DRV - (RTLWUSB) -- E:\WINDOWS\system32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (RTL8187B) -- E:\WINDOWS\system32\drivers\wg111v3.sys (Realtek Semiconductor Corporation )
DRV - (speedfan) -- E:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (STHDA) -- E:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- E:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (PCANDIS5) -- E:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DTV-DVBM9205) -- E:\WINDOWS\system32\drivers\M9205.sys ()
DRV - (M9207) -- E:\WINDOWS\system32\drivers\M9207BDA.sys ()
DRV - (SymSnap) -- E:\WINDOWS\System32\drivers\SymSnap.sys (StorageCraft)
DRV - (V2IMount) -- E:\WINDOWS\System32\drivers\V2iMount.sys (Symantec Corporation)
DRV - (TClass2k) -- E:\WINDOWS\system32\drivers\TClass2k.sys (Tablet Driver)
DRV - (Tablet2k) -- E:\WINDOWS\System32\Drivers\Tablet2k.sys (Windows (R) 2000 DDK provider)
DRV - (UCTblHid) -- E:\WINDOWS\system32\drivers\UCTblHid.sys (Tablet Driver)
DRV - (ser2pl) -- E:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (ASAPIW2k) -- E:\WINDOWS\system32\drivers\asapiW2k.sys (VOB Computersysteme GmbH)
DRV - (BANTExt) -- E:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (VPCNetS2) -- E:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (vnccom) -- E:\WINDOWS\system32\drivers\vnccom.SYS (RDV Soft)
DRV - (vncdrv) -- E:\WINDOWS\system32\drivers\vncdrv.sys (RDV Soft)
DRV - (PQNTDrv) -- E:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (HSFHWBS2) -- E:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- E:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- E:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (PCAMPR5) -- E:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (pctvvbi) -- E:\WINDOWS\system32\drivers\pctvvbi.sys (Pinnacle Systems)
DRV - (SWUSBFLT) -- E:\WINDOWS\system32\drivers\SWUSBFLT.SYS (Microsoft Corporation)
DRV - (HIDSwvd) -- E:\WINDOWS\system32\drivers\HIDSwvd.sys (Microsoft Corporation)
DRV - (MODEMCSA) -- E:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (giveio) -- E:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 56 89 7F 69 EA B8 C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2010/09/16 12:20:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2010/09/15 11:39:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: E:\Program Files\Mozilla Thunderbird\components [2010/09/08 13:15:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: E:\Program Files\Mozilla Thunderbird\plugins [2010/08/23 08:59:04 | 000,000,000 | ---D | M]

[2010/08/22 12:31:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions
[2010/08/22 12:31:56 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/11/10 15:12:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] (Bandwidth Tester) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\{7C06F9C2-B0D0-47b4-93B8-116C919084BA}
[2008/10/29 05:29:54 | 000,000,000 | ---D | M] (Ma-config.com) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]_vazkor
[2009/12/07 19:11:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions
[2009/12/07 19:11:53 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/11/04 09:13:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/09/15 21:06:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions
[2010/05/30 11:36:10 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/05/10 14:03:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/09 22:01:14 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
[2009/06/09 13:06:08 | 000,000,000 | ---D | M] (IE Tab) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/02/15 09:58:10 | 000,000,000 | ---D | M] (Live HTTP Headers) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010/08/09 22:01:15 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/17 10:00:04 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2008/11/18 16:20:37 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/08/18 18:06:45 | 000,000,000 | ---D | M] (Adblock Plus) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/25 12:28:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/02/07 14:52:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/09/10 09:16:05 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/09/15 21:06:01 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2010/05/17 10:04:09 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/12/07 19:27:24 | 000,072,960 | ---- | M] (Foxit Software Company) -- E:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/09/15 12:52:06 | 000,376,832 | ---- | M] ( ) -- E:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/09/15 00:22:38 | 000,000,791 | R--- | M]) - E:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [InstallVCOM] E:\WINDOWS\system32\InstallVCOM.exe ()
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] E:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [DynDNS Updater] E:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = E:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = E:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Télécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddLink.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddList.html ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 1360521921 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1356096968 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crl ... crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - E:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - E:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - E:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: E:\Documents and Settings\Sylvie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Sylvie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - E:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/16 15:35:37 | 000,575,488 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Sylvie\Bureau\OTL.exe
[2010/09/15 19:08:35 | 000,000,000 | -HSD | C] -- E:\RECYCLER
[2010/09/15 18:55:24 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\desinfection combo
[2010/09/15 18:54:55 | 000,000,000 | ---D | C] -- E:\WINDOWS\temp
[2010/09/15 13:30:01 | 000,000,000 | ---D | C] -- E:\Program Files\Ad-Remover
[2010/09/15 11:36:13 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Sylvie\Recent
[2010/09/15 08:31:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\backups
[2010/09/15 08:24:10 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- E:\Documents and Settings\Sylvie\Bureau\HiJacks.exe
[2010/09/13 18:05:18 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- E:\WINDOWS\System32\E_FLBCEE.DLL
[2010/09/13 18:05:18 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- E:\WINDOWS\System32\E_FD4BCEE.DLL
[2010/09/10 09:29:58 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1
[2010/09/09 13:25:11 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\DVD Flick
[2010/09/09 13:24:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- E:\WINDOWS\System32\trayicon_handler.ocx
[2010/09/09 13:24:50 | 000,028,672 | ---- | C] (-) -- E:\WINDOWS\System32\mousewheel.ocx
[2010/09/09 13:24:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\richtx32.ocx
[2010/09/09 13:24:49 | 000,000,000 | ---D | C] -- E:\Program Files\DVD Flick
[2010/09/06 19:39:17 | 000,000,000 | ---D | C] -- E:\Program Files\Video mp3 Extractor
[2010/09/03 12:25:20 | 000,307,200 | ---- | C] (Koyote Soft - http://www.koyotesoft.com) -- E:\WINDOWS\System32\TubeFinder.exe
[2010/09/03 12:25:19 | 000,084,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\PICCLP32.OCX
[2010/09/03 12:25:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\PCCLPFR.DLL
[2010/09/03 12:25:18 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\FreeFLVConverter
[2010/09/03 12:25:18 | 000,000,000 | ---D | C] -- E:\Program Files\Free FLV Converter
[2010/09/03 12:20:27 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudDesign.dll
[2010/09/03 12:20:27 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudFile.dll
[2010/09/03 12:20:27 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioInfos.dll
[2010/09/03 12:20:27 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioVisu.dll
[2010/09/03 12:20:27 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudPlayer.dll
[2010/09/03 12:20:27 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioRecord.dll
[2010/09/03 12:20:27 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudDisplay.dll
[2010/09/03 12:20:27 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\WMAFile.dll
[2010/09/03 12:20:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\inetfr.DLL
[2010/09/03 12:20:24 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\FreeAudioPack
[2010/09/03 12:20:24 | 000,000,000 | ---D | C] -- E:\Program Files\Free Audio Pack
[2010/09/03 11:41:41 | 000,000,000 | ---D | C] -- E:\Program Files\HooTech WMA MP3 Converter
[2010/09/03 09:10:20 | 000,000,000 | ---D | C] -- E:\Program Files\ConvertHelper
[2010/09/02 11:04:05 | 000,000,000 | ---D | C] -- E:\Program Files\Photo Story 3 for Windows
[2010/09/02 09:48:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Mes documents\Exportations HTML Picasa
[2010/08/31 11:44:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\Rootkit
[2010/08/26 20:15:53 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\vlc
[2010/08/22 12:41:09 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\mélodie
[2009/05/12 19:27:31 | 000,061,440 | ---- | C] ( ) -- E:\WINDOWS\System32\vsnpstd3.dll
[2007/11/27 18:51:38 | 020,256,064 | ---- | C] (Apple Inc.) -- E:\Program Files\QuickTimeInstaller.exe
[2007/11/27 18:50:19 | 015,180,000 | ---- | C] ( ) -- E:\Program Files\gimp-2.4.2-i686-setup.exe
[2007/11/27 18:48:43 | 024,536,608 | ---- | C] ( ) -- E:\Program Files\AdbeRdr810_fr_FR.exe
[2007/11/25 19:28:28 | 002,725,528 | ---- | C] (Piriform Ltd) -- E:\Program Files\ccsetup202.exe
[2007/11/25 18:39:48 | 006,540,856 | ---- | C] (Mozilla) -- E:\Program Files\Thunderbird Setup 2.0.0.9.exe
[2007/11/25 18:19:31 | 005,837,392 | ---- | C] (Mozilla) -- E:\Program Files\Firefox Setup 2.0.0.9.exe
[1998/10/15 11:04:00 | 000,222,976 | ---- | C] (AXA) -- E:\Program Files\mssce.exe
[1998/10/15 11:04:00 | 000,037,136 | ---- | C] (Microsoft Corporation) -- E:\Program Files\regsvr32.exe
[1998/07/16 14:15:46 | 001,215,720 | ---- | C] (Microsoft Corporation) -- E:\Program Files\immc.exe
[3 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[2 E:\*.tmp files -> E:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/16 15:35:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Sylvie\Bureau\OTL.exe
[2010/09/16 14:00:09 | 000,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2010/09/16 13:59:59 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2010/09/16 12:21:56 | 016,252,928 | ---- | M] () -- E:\Documents and Settings\Sylvie\ntuser.dat
[2010/09/16 09:00:00 | 000,000,464 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Mes documents.job
[2010/09/16 09:00:00 | 000,000,460 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack thunderbird.job
[2010/09/16 09:00:00 | 000,000,452 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Pascale.job
[2010/09/16 09:00:00 | 000,000,450 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Bureau.job
[2010/09/15 21:22:52 | 000,000,184 | -HS- | M] () -- E:\Documents and Settings\Sylvie\ntuser.ini
[2010/09/15 18:51:19 | 000,000,227 | ---- | M] () -- E:\WINDOWS\system.ini
[2010/09/15 18:39:38 | 704,643,072 | ---- | M] () -- E:\WINDOWS\MEMORY.DMP
[2010/09/15 18:16:17 | 003,845,259 | R--- | M] () -- E:\Documents and Settings\Sylvie\Bureau\COIaF.exe
[2010/09/15 13:30:02 | 000,001,565 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\AD-R.lnk
[2010/09/15 11:39:58 | 000,001,631 | ---- | M] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/15 11:39:58 | 000,001,613 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/09/15 10:41:08 | 000,080,384 | ---- | M] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/15 09:32:32 | 000,000,104 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Malekal's forum • VIRUS Aide Malwares (vers, trojans, spywares, hijack).URL
[2010/09/15 08:24:11 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- E:\Documents and Settings\Sylvie\Bureau\HiJacks.exe
[2010/09/14 16:53:54 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2010/09/14 16:44:47 | 000,000,116 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2010/09/13 18:06:08 | 000,000,676 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\EPSON Scan.lnk
[2010/09/10 09:29:44 | 000,033,280 | ---- | M] () -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1.zip
[2010/09/10 09:20:07 | 000,011,029 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\calendrier.odt
[2010/09/09 13:24:56 | 000,001,588 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\DVD Flick.lnk
[2010/09/09 10:41:40 | 026,626,605 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\jazz_manouche_le_poin_onneur_des_lillas.wmv
[2010/09/06 19:39:18 | 000,000,701 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Video mp3 Extractor.lnk
[2010/09/03 12:25:22 | 000,000,803 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free FLV Converter.lnk
[2010/09/03 12:20:31 | 000,000,929 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Easy Audio Cutter.lnk
[2010/09/03 12:20:31 | 000,000,913 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free CD Ripper.lnk
[2010/09/03 12:20:31 | 000,000,911 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free Mp3 Wma Converter.lnk
[2010/09/03 11:42:33 | 001,597,022 | ---- | M] () -- E:\Documents and Settings\Sylvie\Mes documents\A_bicyclette.mp3
[2010/09/03 11:41:42 | 000,000,731 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\WMA MP3 Converter.lnk
[2010/08/30 09:29:48 | 000,001,489 | ---- | M] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2010/08/28 15:35:21 | 000,000,284 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/26 20:15:46 | 000,000,730 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/25 13:37:28 | 000,001,523 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2010/08/23 08:59:04 | 000,001,740 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/08/22 15:41:56 | 000,000,105 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Comment analyser un rapport HijackThis.URL
[2010/08/19 08:45:07 | 000,248,696 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/18 22:48:41 | 001,136,990 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/18 22:48:41 | 000,531,488 | ---- | M] () -- E:\WINDOWS\System32\perfh00C.dat
[2010/08/18 22:48:41 | 000,461,124 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2010/08/18 22:48:41 | 000,093,836 | ---- | M] () -- E:\WINDOWS\System32\perfc00C.dat
[2010/08/18 22:48:41 | 000,080,176 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[3 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[2 E:\*.tmp files -> E:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/15 18:11:15 | 003,845,259 | R--- | C] () -- E:\Documents and Settings\Sylvie\Bureau\COIaF.exe
[2010/09/15 13:30:02 | 000,001,565 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\AD-R.lnk
[2010/09/15 11:39:58 | 000,001,631 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/15 11:39:58 | 000,001,613 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/09/15 09:32:32 | 000,000,104 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Malekal's forum • VIRUS Aide Malwares (vers, trojans, spywares, hijack).URL
[2010/09/10 09:29:43 | 000,033,280 | ---- | C] () -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1.zip
[2010/09/10 09:20:07 | 000,011,029 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\calendrier.odt
[2010/09/09 13:24:56 | 000,001,588 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\DVD Flick.lnk
[2010/09/09 10:39:08 | 026,626,605 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\jazz_manouche_le_poin_onneur_des_lillas.wmv
[2010/09/06 19:39:18 | 000,000,701 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Video mp3 Extractor.lnk
[2010/09/03 12:25:22 | 000,000,803 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free FLV Converter.lnk
[2010/09/03 12:25:19 | 000,364,544 | ---- | C] () -- E:\WINDOWS\System32\PropertyGrid.ocx
[2010/09/03 12:25:19 | 000,208,500 | ---- | C] () -- E:\WINDOWS\System32\ReyXpBasics.tlb
[2010/09/03 12:25:18 | 000,024,576 | ---- | C] () -- E:\WINDOWS\System32\ControlSubX.ocx
[2010/09/03 12:20:31 | 000,000,929 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Easy Audio Cutter.lnk
[2010/09/03 12:20:31 | 000,000,913 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free CD Ripper.lnk
[2010/09/03 12:20:31 | 000,000,911 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free Mp3 Wma Converter.lnk
[2010/09/03 12:20:27 | 000,116,296 | ---- | C] () -- E:\WINDOWS\System32\NCTWMAProfiles.prx
[2010/09/03 11:42:27 | 001,597,022 | ---- | C] () -- E:\Documents and Settings\Sylvie\Mes documents\A_bicyclette.mp3
[2010/09/03 11:41:42 | 000,000,731 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\WMA MP3 Converter.lnk
[2010/08/26 20:15:46 | 000,000,730 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/25 13:37:28 | 000,001,523 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2010/08/22 15:41:56 | 000,000,105 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Comment analyser un rapport HijackThis.URL
[2010/07/01 18:15:28 | 000,000,249 | ---- | C] () -- E:\WINDOWS\pdf2word.INI
[2010/06/22 18:11:15 | 000,001,297 | ---- | C] () -- E:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/06/15 15:13:33 | 000,000,016 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\qcopjv.dat
[2010/04/12 19:16:12 | 000,034,816 | ---- | C] () -- E:\WINDOWS\System32\ODMA32.DLL
[2010/03/25 18:22:07 | 000,078,848 | ---- | C] () -- E:\WINDOWS\System32\drivers\SSHDRV85.sys
[2010/02/28 23:14:18 | 000,000,000 | ---- | C] () -- E:\WINDOWS\darkstoneDemo.INI
[2010/01/13 10:50:49 | 000,178,176 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2010/01/13 10:50:48 | 000,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2010/01/13 10:50:46 | 000,881,664 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2010/01/13 10:50:46 | 000,205,824 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2010/01/13 10:50:45 | 003,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2010/01/13 10:50:43 | 000,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/01/13 10:50:42 | 000,085,504 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2010/01/08 15:47:27 | 000,138,752 | ---- | C] () -- E:\WINDOWS\System32\MASE32.DLL
[2010/01/08 15:47:27 | 000,057,856 | ---- | C] () -- E:\WINDOWS\System32\MASD32.DLL
[2010/01/08 15:47:26 | 000,196,096 | ---- | C] () -- E:\WINDOWS\System32\MACD32.DLL
[2010/01/08 15:47:26 | 000,136,192 | ---- | C] () -- E:\WINDOWS\System32\MAMC32.DLL
[2010/01/08 15:47:26 | 000,027,648 | ---- | C] () -- E:\WINDOWS\System32\MA32.DLL
[2010/01/08 15:47:06 | 000,484,352 | ---- | C] () -- E:\WINDOWS\System32\lame_enc.dll
[2009/12/22 19:17:09 | 000,110,592 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/12/22 19:17:09 | 000,036,608 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/12/22 19:17:00 | 000,002,528 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\$_hpcst$.hpc
[2009/09/14 16:52:56 | 000,000,754 | ---- | C] () -- E:\WINDOWS\WORDPAD.INI
[2009/07/09 14:07:46 | 000,000,862 | ---- | C] () -- E:\WINDOWS\posteriza.INI
[2009/05/12 19:29:20 | 000,031,831 | ---- | C] () -- E:\WINDOWS\unvpeye.ini
[2009/04/30 09:36:42 | 000,004,757 | ---- | C] () -- E:\WINDOWS\Irremote.ini
[2009/03/17 23:16:27 | 000,000,069 | ---- | C] () -- E:\WINDOWS\Listed.INI
[2009/01/31 11:54:58 | 000,000,029 | ---- | C] () -- E:\WINDOWS\DEBUGSM.INI
[2008/12/19 15:28:14 | 000,114,310 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\FASTWiz.log
[2008/08/01 16:26:08 | 000,000,097 | ---- | C] () -- E:\WINDOWS\System32\PICSDK.ini
[2008/08/01 16:22:22 | 000,000,025 | ---- | C] () -- E:\WINDOWS\CDE SX400DEFGIPS.ini
[2008/03/18 18:59:47 | 000,116,224 | ---- | C] () -- E:\WINDOWS\System32\pdfcmnnt.dll
[2008/03/18 17:09:51 | 000,000,043 | ---- | C] () -- E:\WINDOWS\gswin32.ini
[2008/02/01 11:59:45 | 000,000,532 | ---- | C] () -- E:\WINDOWS\MAXLINK.INI
[2008/01/31 14:46:03 | 000,000,109 | ---- | C] () -- E:\WINDOWS\cdplayer.ini
[2008/01/22 19:52:48 | 000,070,272 | ---- | C] () -- E:\WINDOWS\System32\drivers\M9205.sys
[2008/01/22 19:41:10 | 000,037,248 | R--- | C] () -- E:\WINDOWS\System32\drivers\M9207BDA.sys
[2008/01/21 22:21:51 | 000,069,632 | R--- | C] () -- E:\WINDOWS\System32\xmltok.dll
[2008/01/21 22:21:51 | 000,036,864 | R--- | C] () -- E:\WINDOWS\System32\xmlparse.dll
[2008/01/09 13:24:41 | 000,031,594 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\Valeurs séparées par une virgule (Windows).ADR
[2007/12/17 11:44:23 | 000,003,840 | ---- | C] () -- E:\WINDOWS\System32\drivers\BANTExt.sys
[2007/12/13 21:34:23 | 000,000,139 | ---- | C] () -- E:\WINDOWS\SIERRA.INI
[2007/12/01 22:29:03 | 000,001,755 | ---- | C] () -- E:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/12/01 21:57:54 | 000,000,116 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2007/11/29 15:16:19 | 000,001,208 | ---- | C] () -- E:\WINDOWS\Radio_Fr.ini
[2007/11/28 16:19:21 | 000,003,712 | ---- | C] () -- E:\WINDOWS\System32\fxsperf.ini
[2007/11/27 19:18:34 | 002,293,848 | ---- | C] () -- E:\Program Files\FLV PlayerFCSetup.exe
[2007/11/27 18:52:34 | 002,453,357 | ---- | C] () -- E:\Program Files\cartagogo_cartagogo_3.1.8_francais_11201.zip
[2007/11/27 12:44:23 | 000,000,616 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2007/11/27 12:44:23 | 000,000,011 | ---- | C] () -- E:\WINDOWS\exchng.ini
[2007/11/26 20:57:20 | 000,080,384 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/26 09:45:21 | 002,855,080 | ---- | C] () -- E:\Program Files\aawsepersonal.exe
[2007/11/25 18:11:03 | 017,521,856 | ---- | C] () -- E:\Program Files\setupfre.exe
[2007/11/25 17:57:46 | 000,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2007/11/25 17:57:45 | 000,581,632 | ---- | C] () -- E:\WINDOWS\System32\nvhwvid.dll
[2007/11/25 17:21:34 | 000,000,142 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\fusioncache.dat
[2007/10/25 18:26:10 | 000,007,168 | ---- | C] () -- E:\WINDOWS\System32\drivers\StarOpen.sys
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelFrench.dll
[2005/12/20 15:41:15 | 000,020,480 | ---- | C] () -- E:\WINDOWS\System32\CPUINFO2.DLL
[2005/09/22 16:50:41 | 000,000,265 | ---- | C] () -- E:\WINDOWS\System32\oeminfo.ini
[2005/08/16 01:48:32 | 000,069,632 | ---- | C] () -- E:\WINDOWS\System32\PcHook.DLL
[2005/08/16 01:48:19 | 000,045,056 | ---- | C] () -- E:\WINDOWS\System32\ucinst32.dll
[2005/08/10 00:13:31 | 000,831,488 | ---- | C] () -- E:\WINDOWS\System32\libeay32.dll
[2005/08/10 00:13:31 | 000,159,744 | ---- | C] () -- E:\WINDOWS\System32\ssleay32.dll
[2004/08/10 09:30:16 | 000,185,856 | ---- | C] () -- E:\WINDOWS\System32\psisdecd.dll
[2001/06/24 11:32:44 | 000,172,032 | ---- | C] () -- E:\WINDOWS\japi2.dll
[2000/07/28 12:48:12 | 000,102,400 | ---- | C] () -- E:\WINDOWS\japi.dll
[1998/10/15 11:04:00 | 000,734,517 | ---- | C] () -- E:\Program Files\mssce.cab
[1998/10/15 11:04:00 | 000,011,830 | ---- | C] () -- E:\Program Files\readme.txt
[1998/10/15 11:04:00 | 000,008,219 | ---- | C] () -- E:\Program Files\setup.inf
[1998/10/15 11:04:00 | 000,001,462 | ---- | C] () -- E:\Program Files\scefiles.inf
[1998/10/15 11:04:00 | 000,000,267 | ---- | C] () -- E:\Program Files\scesetup.inf
[1997/08/29 01:00:00 | 000,022,016 | ---- | C] () -- E:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/29 01:00:00 | 000,012,288 | ---- | C] () -- E:\WINDOWS\System32\VAFR232.DLL
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- E:\WINDOWS\System32\giveio.sys
< End of report >
Sylvie67

Re: infected PC

by Sylvie67 »

Here is the Extras report

OTL Extras logfile created on: 16/09/2010 15:36:52 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = E:\Documents and Settings\Sylvie\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): E:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
Drive E: | 149,00 Gb Total Space | 34,15 Gb Free Space | 22,92% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAMIE
Current User Name: Sylvie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "E:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "E:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"5500:TCP" = 5500:TCP:*:Enabled:pchelpware

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe" = E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\WINDOWS\system32\fxsclnt.exe" = E:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"E:\Program Files\Mozilla Firefox\firefox.exe" = E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe" = E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe:*:Enabled:script-fu -- ()
"E:\Program Files\UltraVNC\vncviewer.exe" = E:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:VNCViewer -- (UltraVNC)
"E:\Documents and Settings\Sylvie\Bureau\Site Sylvie\PcHelpWare_rel10_Fr\PcHelpWare\PcHelpWare_viewer.exe" = E:\Documents and Settings\Sylvie\Bureau\Site Sylvie\PcHelpWare_rel10_Fr\PcHelpWare\PcHelpWare_viewer.exe:*:Enabled:GUI Fr du client PcHelpware -- (http://www.pchelpware.fr)
"E:\WINDOWS\system32\dpvsetup.exe" = E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\WINDOWS\system32\usmt\migwiz.exe" = E:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres -- (Microsoft Corporation)
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe" = E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"E:\Program Files\OpenOffice.org 3\program\soffice.bin" = E:\Program Files\OpenOffice.org 3\program\soffice.bin:*:Enabled:OpenOffice.org 3.0 -- (OpenOffice.org)
"E:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe" = E:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"E:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe" = E:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe:*:Enabled:MaxTV -- (Mozilla Foundation)
"E:\Program Files\DMV\MaxTV4\maxtv.exe" = E:\Program Files\DMV\MaxTV4\maxtv.exe:*:Enabled:MaxTV Framework -- ()
"E:\Program Files\DMV\MaxTV4\recorder.exe" = E:\Program Files\DMV\MaxTV4\recorder.exe:*:Enabled:MaxTV Recorder -- ()
"E:\Program Files\ma-config.com\maconfservice.exe" = E:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"E:\Program Files\Pinnacle\MediaCenter\PMC.exe" = E:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe -- ( )
"E:\Program Files\Pinnacle\MediaCenter\PSST.exe" = E:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe -- (Pinnacle Systems)
"E:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe" = E:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe -- (Pinnacle Systems)
"E:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe" = E:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe -- ( )
"E:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe" = E:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe -- (Pinnacle Systems)
"E:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe" = E:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe -- ( )
"E:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" = E:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService -- (Pinnacle Systems)
"E:\WINDOWS\system32\dplaysvr.exe" = E:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"E:\Program Files\iTunes\iTunes.exe" = E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"E:\Program Files\Real\RealPlayer\realplay.exe" = E:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"E:\Program Files\TeamViewer\Version5\TeamViewer.exe" = E:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18754BA4-4F0C-4E6E-888B-9496AFA05F43}" = Ma-Config.com
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1A6A6531-08FC-47AD-BAC4-C41497E71033}" = Nero 7 Essentials
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1C943495-B69F-4D41-AE0E-23C57ECD90EE}" = Debugging Tools for Windows
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{314AD191-596F-40C0-ACED-3AD78C9649F1}_is1" = WMA MP3 Converter v4.1 build 1296
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}" = Norton Ghost 10.0
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3C02ED4F-46B0-4E9E-87F7-47AEBA4031C8}" = Pinnacle PCTV
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{4360BB46-507E-4361-8DCB-4FF9BDC9907B}" = SnagIt 7
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{460CE8B9-6EC2-458A-90D4-691631ECE9D9}" = Pinnacle MediaServer
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A71F923-7E74-4D20-897E-3EF5F66E579A}" = Internet Explorer
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{61E7A44F-3BCC-11D4-9A7A-006067325E47}" = Baldur's Gate(TM) II - Shadows of Amn(TM) Demo
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Maxtor MaxBlast
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{838BC0FB-4F8F-47B9-847F-06AE4CCE4181}" = Manual CanoScan LiDE 25
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-001C-040C-0000-0000000FF1CE}" = Microsoft Office Access Runtime (French) 2007
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{a22779d7-cd69-4cdb-94e6-4951158d86c2}" = Nero 9 Trial
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{ADD9E56D-2DD8-448A-8887-B3AF76AB1036}" = Nero 7 Essentials
"{AF7C627C-F354-4FF1-8450-398C806B436E}" = Power IEv3
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CCCAFDDE-ECEC-4AE4-BD97-047076BBD4A9}" = Microsoft Virtual PC 2004
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E149E957-F289-45E3-8645-1794A173F5AB}" = Pacific Fighters
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1DF6605-BE14-4F81-93B5-AC25CFA5EBFD}" = inSSIDer
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle MediaCenter
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"0D20D36D-A11C-444c-9AF7-70CBFED42ECF" = Otto
"1Fh" = 1Fh 1.16
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"99A88D57-2C93-491B-87B8-E41A870FB6BE" = GemMaster Mystic
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover By C_XX
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"AIDA32_is1" = AIDA32 v3.93
"Amimo+_is1" = Amimo+ 4.32
"Applian FLV Player2.0.23" = Applian FLV Player
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeckerCAD 4-12-2010 19:15:54" = SuperCAD 4.1.1485.102 - 4-12-2010 - 19:15:54
"Belarc Advisor 2.0" = Belarc Advisor 7.2
"Camtasia Studio 3" = Camtasia Studio 3
"CartaGoGo v3.1.8_is1" = CartaGoGo v3.1.8
"CartaGoGo_is1" = CartaGoGo v2.0.8
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Creative Removable Disk Manager" = Gestionnaire de disques amovible Creative
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp Real Audio (Helix) Encoder" = dBpoweramp Real Audio (Helix) Encoder
"diplo" = Le Monde diplomatique (remove only)
"Double Finder_is1" = Double FInder 1.1
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink_is1" = DVD Shrink 3.2
"DynDNS Updater_is1" = DynDNS Updater 3.1
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"Easy Audio Cutter_is1" = Easy Audio Cutter V1.1
"EasyPHP_is1" = EasyPHP 2.0b1
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation" = EPSON Stylus SX200_SX400_TX200_TX400 Manuel
"EPSON Stylus SX400 Series" = EPSON Stylus SX400 Series Printer Uninstall
"ESWIN_USB" = ESWIN_USB 0.6g
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.91
"Heredis 2000" = Heredis 2000
"Heredis v.10_is1" = Heredis v.10
"HijackThis" = HijackThis 2.0.2
"ie7" = Windows Internet Explorer 7
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{E149E957-F289-45E3-8645-1794A173F5AB}" = Pacific Fighters
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.6.1
"LiveReg" = LiveReg (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MaxTV" = MaxTV
"Media Player" = Media Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"Mozilla Thunderbird (3.1.3)" = Mozilla Thunderbird (3.1.3)
"Net Transport_is1" = Net Transport 1.94.282
"nLite_is1" = nLite 1.4
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Nvu_is1" = Nvu 1.0
"Orange WebTV Player_is1" = Orange WebTV Player 1.29418
"PDFZilla_is1" = PDFZilla V1.2.7
"Picasa 3" = Picasa 3
"Radio_Fr" = Radio Fr Solo 2.1
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.88
"RM Converter_is1" = RM Converter 4.12
"Sacred_is1" = Sacred
"SAGEM My Pictures And Sounds" = My Pictures And Sounds 7.15
"SAGEM USB-Serial" = SAGEM USB-Serial v2.0.2.1
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Scribus 1.3.4" = Scribus 1.3.4
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Micro Scrabble
"SyncBack_is1" = SyncBack
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Tripartite Traduction 1.4b" = Tripartite Traduction 1.4b
"Tweak-XP Pro 4" = Tweak-XP Pro 4
"UBCD4Win_is1" = UBCD4Win 3.50
"Unlocker" = Unlocker 1.8.7
"Video Fixer 3.23_is1" = Video Fixer 3.23
"Video mp3 Extractor_is1" = Video mp3 Extractor
"VLC media player" = VLC media player 1.1.3
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.4.5
"WinLiveSuite_Wave3" = Installation Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
"GESTAN" = GESTAN

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16/09/2010 05:41:59 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Error - 16/09/2010 05:41:59 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

Error - 16/09/2010 05:54:59 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Error - 16/09/2010 05:54:59 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

Error - 16/09/2010 08:00:16 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Error - 16/09/2010 08:00:16 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

Error - 16/09/2010 08:00:22 | Computer Name = LAMIE | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) DTV-DVB USB Hybrid Digital

Error - 16/09/2010 08:00:22 | Computer Name = LAMIE | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) M9205 TvTuner

Error - 16/09/2010 08:16:06 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Error - 16/09/2010 08:16:06 | Computer Name = LAMIE | Source = Userenv | ID = 1041
Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

[ System Events ]
Error - 16/09/2010 02:14:13 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service HID Input Service s'est arrêté avec l'erreur : %%126

Error - 16/09/2010 02:14:13 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7001
Description = Le service Pinnacle Systems Media Service dépend du service MSSQL$PINNACLESYS
qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 16/09/2010 02:14:13 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
%%126

Error - 16/09/2010 08:00:53 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service HID Input Service s'est arrêté avec l'erreur : %%126

Error - 16/09/2010 08:00:53 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7001
Description = Le service Pinnacle Systems Media Service dépend du service MSSQL$PINNACLESYS
qui n'a pas pu démarrer en raison de l'erreur : %%1058

Error - 16/09/2010 08:00:53 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
%%126

Error - 16/09/2010 08:54:24 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
%%126

Error - 16/09/2010 08:54:54 | Computer Name = LAMIE | Source = DCOM | ID = 10010
Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 16/09/2010 08:55:33 | Computer Name = LAMIE | Source = Service Control Manager | ID = 7023
Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
%%126

Error - 16/09/2010 08:56:02 | Computer Name = LAMIE | Source = DCOM | ID = 10010
Description = Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.


< End of report >
SkyTech

Re: infected PC

by SkyTech »

Hi again,

What makes you say you are infected?

Run OTL again.
o Under "Personnalisation", copy and paste the contents of the box below and click "Correction"; a report will appear after the operation, which you should save (on a USB key, for example) so that you can paste the result:
:OTL
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll File not found
SRV - (SQLAgent$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE File not found
SRV - (MSSQL$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe File not found
DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
DRV - (DSDrv4) -- E:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys File not found
DRV - (catchme) -- E:\DOCUME~1\L'AMIE~1\LOCALS~1\Temp\catchme.sys File not found
* Restart the PC into Windows and post the report here

---

Uninstall via Add/Remove Programs:
EPSON Web-To-Page
getPlus(R) for Adobe
Ad-Aware SE Personal
Ad-Remover
DAEMON Tools Toolbar
LiveReg
Restart and post a new OTL report.
Sylvie67

Re: infected PC

by Sylvie67 »

Good evening,
here is the report:
:OTL
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll File not found
SRV - (SQLAgent$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE File not found
SRV - (MSSQL$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe File not found
DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
DRV - (DSDrv4) -- E:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys File not found
DRV - (catchme) -- E:\DOCUME~1\L'AMIE~1\LOCALS~1\Temp\catchme.sys File not found


Here is the latest OTL report


OTL logfile created on: 16/09/2010 23:13:28 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = E:\Documents and Settings\Sylvie\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): E:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
Drive E: | 149,00 Gb Total Space | 34,79 Gb Free Space | 23,35% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 149,00 Gb Total Space | 34,79 Gb Free Space | 23,35% Space Free | Partition Type: *NT5CSC
Drive Y: | 149,00 Gb Total Space | 34,79 Gb Free Space | 23,35% Space Free | Partition Type: *NT5CSC

Computer Name: LAMIE
Current User Name: Sylvie
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - E:\Documents and Settings\Sylvie\Bureau\OTL.exe (OldTimer Tools)
PRC - E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - E:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - E:\WINDOWS\system32\InstallVCOM.exe ()
PRC - E:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - E:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
PRC - E:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - E:\WINDOWS\system32\drivers\WtSrv.exe (Tablet Driver)
PRC - E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - E:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - E:\Documents and Settings\Sylvie\Bureau\OTL.exe (OldTimer Tools)
MOD - E:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (nosGetPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper_3004.dll File not found
SRV - (getPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper.dll File not found
SRV - (MatSvc) -- E:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (NMSAccess) -- E:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (maconfservice) -- E:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (FsUsbExService) -- E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AntiVirService) -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- E:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ose) -- E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ServiceLayer) -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (AcrSch2Svc) -- E:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (NMIndexingService) -- E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- E:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (Imapi Helper) -- E:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe (Alex Feinman)
SRV - (PinnacleSys.MediaServer) -- e:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe (Pinnacle Systems)
SRV - (WinTabService) -- E:\WINDOWS\System32\Drivers\WTSRV.EXE (Tablet Driver)
SRV - (EPSONStatusAgent2) -- E:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV2_02) EPSON V3 Service2(02) -- E:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
DRV - (nv) -- E:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SSHDRV85) -- E:\WINDOWS\system32\drivers\SSHDRV85.sys ()
DRV - (portio) -- E:\WINDOWS\system32\drivers\throttle.sys (Windows (R) 2000 DDK provider)
DRV - (driverhardwarev2) -- E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (avgntflt) -- E:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (StarOpen) -- E:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (sptd) -- E:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (vmm) -- E:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (ssmdrv) -- E:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- E:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- E:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (avgio) -- E:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (timounter) -- E:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- E:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- E:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (MPE) -- E:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (GcKernel) -- E:\WINDOWS\system32\drivers\gckernel.sys (Microsoft Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- E:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- E:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (pccsmcfd) -- E:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ssm_mdm) -- E:\WINDOWS\system32\drivers\ssm_mdm.sys (MCCI Corporation)
DRV - (ssm_mdfl) -- E:\WINDOWS\system32\drivers\ssm_mdfl.sys (MCCI Corporation)
DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- E:\WINDOWS\system32\drivers\ssm_bus.sys (MCCI Corporation)
DRV - (RTLWUSB) -- E:\WINDOWS\system32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (RTL8187B) -- E:\WINDOWS\system32\drivers\wg111v3.sys (Realtek Semiconductor Corporation )
DRV - (speedfan) -- E:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (STHDA) -- E:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- E:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (PCANDIS5) -- E:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DTV-DVBM9205) -- E:\WINDOWS\system32\drivers\M9205.sys ()
DRV - (M9207) -- E:\WINDOWS\system32\drivers\M9207BDA.sys ()
DRV - (TClass2k) -- E:\WINDOWS\system32\drivers\TClass2k.sys (Tablet Driver)
DRV - (Tablet2k) -- E:\WINDOWS\System32\Drivers\Tablet2k.sys (Windows (R) 2000 DDK provider)
DRV - (UCTblHid) -- E:\WINDOWS\system32\drivers\UCTblHid.sys (Tablet Driver)
DRV - (ser2pl) -- E:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (ASAPIW2k) -- E:\WINDOWS\system32\drivers\asapiW2k.sys (VOB Computersysteme GmbH)
DRV - (BANTExt) -- E:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (VPCNetS2) -- E:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (vnccom) -- E:\WINDOWS\system32\drivers\vnccom.SYS (RDV Soft)
DRV - (vncdrv) -- E:\WINDOWS\system32\drivers\vncdrv.sys (RDV Soft)
DRV - (PQNTDrv) -- E:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (HSFHWBS2) -- E:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- E:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- E:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (PCAMPR5) -- E:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (pctvvbi) -- E:\WINDOWS\system32\drivers\pctvvbi.sys (Pinnacle Systems)
DRV - (SWUSBFLT) -- E:\WINDOWS\system32\drivers\SWUSBFLT.SYS (Microsoft Corporation)
DRV - (HIDSwvd) -- E:\WINDOWS\system32\drivers\HIDSwvd.sys (Microsoft Corporation)
DRV - (MODEMCSA) -- E:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (giveio) -- E:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 56 89 7F 69 EA B8 C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2010/09/16 12:20:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2010/09/15 11:39:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: E:\Program Files\Mozilla Thunderbird\components [2010/09/08 13:15:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: E:\Program Files\Mozilla Thunderbird\plugins [2010/08/23 08:59:04 | 000,000,000 | ---D | M]

[2010/08/22 12:31:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions
[2010/08/22 12:31:56 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/11/10 15:12:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] (Bandwidth Tester) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\{7C06F9C2-B0D0-47b4-93B8-116C919084BA}
[2008/10/29 05:29:54 | 000,000,000 | ---D | M] (Ma-config.com) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]
[2007/11/25 18:30:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\0w9vht6i.default\extensions\[email protected]_vazkor
[2009/12/07 19:11:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions
[2009/12/07 19:11:53 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/09/16 23:11:02 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions
[2010/05/30 11:36:10 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/05/10 14:03:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/09 22:01:14 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
[2009/06/09 13:06:08 | 000,000,000 | ---D | M] (IE Tab) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/02/15 09:58:10 | 000,000,000 | ---D | M] (Live HTTP Headers) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010/08/09 22:01:15 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/17 10:00:04 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
[2010/08/18 18:06:45 | 000,000,000 | ---D | M] (Adblock Plus) -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/25 12:28:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/02/07 14:52:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/09/10 09:16:05 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\ioff6tlv.Utilisateur par défaut\extensions\[email protected]
[2010/09/15 21:06:01 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2010/05/17 10:04:09 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/12/07 19:27:24 | 000,072,960 | ---- | M] (Foxit Software Company) -- E:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/09/15 12:52:06 | 000,376,832 | ---- | M] ( ) -- E:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/09/15 00:22:38 | 000,000,791 | R--- | M]) - E:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [InstallVCOM] E:\WINDOWS\system32\InstallVCOM.exe ()
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] E:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [DynDNS Updater] E:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = E:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = E:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Télécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddLink.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - E:\Program Files\Xi\NetTransport 2\NTAddList.html ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 1360521921 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1356096968 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crl ... crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - E:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - E:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - E:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: E:\Documents and Settings\Sylvie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Sylvie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - E:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/16 23:09:33 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Sylvie\Recent
[2010/09/16 22:51:44 | 000,000,000 | ---D | C] -- E:\_OTL
[2010/09/16 15:35:37 | 000,575,488 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Sylvie\Bureau\OTL.exe
[2010/09/15 19:08:35 | 000,000,000 | -HSD | C] -- E:\RECYCLER
[2010/09/15 18:55:24 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\desinfection combo
[2010/09/15 18:54:55 | 000,000,000 | ---D | C] -- E:\WINDOWS\temp
[2010/09/15 08:31:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\backups
[2010/09/15 08:24:10 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- E:\Documents and Settings\Sylvie\Bureau\HiJacks.exe
[2010/09/13 18:05:18 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- E:\WINDOWS\System32\E_FLBCEE.DLL
[2010/09/13 18:05:18 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- E:\WINDOWS\System32\E_FD4BCEE.DLL
[2010/09/10 09:29:58 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1
[2010/09/09 13:25:11 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\DVD Flick
[2010/09/09 13:24:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- E:\WINDOWS\System32\trayicon_handler.ocx
[2010/09/09 13:24:50 | 000,028,672 | ---- | C] (-) -- E:\WINDOWS\System32\mousewheel.ocx
[2010/09/09 13:24:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\richtx32.ocx
[2010/09/09 13:24:49 | 000,000,000 | ---D | C] -- E:\Program Files\DVD Flick
[2010/09/06 19:39:17 | 000,000,000 | ---D | C] -- E:\Program Files\Video mp3 Extractor
[2010/09/03 12:25:20 | 000,307,200 | ---- | C] (Koyote Soft - http://www.koyotesoft.com) -- E:\WINDOWS\System32\TubeFinder.exe
[2010/09/03 12:25:19 | 000,084,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\PICCLP32.OCX
[2010/09/03 12:25:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\PCCLPFR.DLL
[2010/09/03 12:25:18 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\FreeFLVConverter
[2010/09/03 12:25:18 | 000,000,000 | ---D | C] -- E:\Program Files\Free FLV Converter
[2010/09/03 12:20:27 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudDesign.dll
[2010/09/03 12:20:27 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudFile.dll
[2010/09/03 12:20:27 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioInfos.dll
[2010/09/03 12:20:27 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioVisu.dll
[2010/09/03 12:20:27 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudPlayer.dll
[2010/09/03 12:20:27 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudioRecord.dll
[2010/09/03 12:20:27 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\AudDisplay.dll
[2010/09/03 12:20:27 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- E:\WINDOWS\System32\WMAFile.dll
[2010/09/03 12:20:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\inetfr.DLL
[2010/09/03 12:20:24 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\FreeAudioPack
[2010/09/03 12:20:24 | 000,000,000 | ---D | C] -- E:\Program Files\Free Audio Pack
[2010/09/03 11:41:41 | 000,000,000 | ---D | C] -- E:\Program Files\HooTech WMA MP3 Converter
[2010/09/03 09:10:20 | 000,000,000 | ---D | C] -- E:\Program Files\ConvertHelper
[2010/09/02 11:04:05 | 000,000,000 | ---D | C] -- E:\Program Files\Photo Story 3 for Windows
[2010/09/02 09:48:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Mes documents\Exportations HTML Picasa
[2010/08/31 11:44:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\Rootkit
[2010/08/26 20:15:53 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Application Data\vlc
[2010/08/22 12:41:09 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Sylvie\Bureau\mélodie
[2009/05/12 19:27:31 | 000,061,440 | ---- | C] ( ) -- E:\WINDOWS\System32\vsnpstd3.dll
[2007/11/27 18:51:38 | 020,256,064 | ---- | C] (Apple Inc.) -- E:\Program Files\QuickTimeInstaller.exe
[2007/11/27 18:50:19 | 015,180,000 | ---- | C] ( ) -- E:\Program Files\gimp-2.4.2-i686-setup.exe
[2007/11/27 18:48:43 | 024,536,608 | ---- | C] ( ) -- E:\Program Files\AdbeRdr810_fr_FR.exe
[2007/11/25 19:28:28 | 002,725,528 | ---- | C] (Piriform Ltd) -- E:\Program Files\ccsetup202.exe
[2007/11/25 18:39:48 | 006,540,856 | ---- | C] (Mozilla) -- E:\Program Files\Thunderbird Setup 2.0.0.9.exe
[2007/11/25 18:19:31 | 005,837,392 | ---- | C] (Mozilla) -- E:\Program Files\Firefox Setup 2.0.0.9.exe
[1998/10/15 11:04:00 | 000,222,976 | ---- | C] (AXA) -- E:\Program Files\mssce.exe
[1998/10/15 11:04:00 | 000,037,136 | ---- | C] (Microsoft Corporation) -- E:\Program Files\regsvr32.exe
[1998/07/16 14:15:46 | 001,215,720 | ---- | C] (Microsoft Corporation) -- E:\Program Files\immc.exe
[3 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[2 E:\*.tmp files -> E:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/16 23:04:39 | 000,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2010/09/16 23:04:30 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2010/09/16 23:03:47 | 016,252,928 | ---- | M] () -- E:\Documents and Settings\Sylvie\ntuser.dat
[2010/09/16 22:56:06 | 000,000,184 | -HS- | M] () -- E:\Documents and Settings\Sylvie\ntuser.ini
[2010/09/16 15:35:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Sylvie\Bureau\OTL.exe
[2010/09/16 09:00:00 | 000,000,464 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Mes documents.job
[2010/09/16 09:00:00 | 000,000,460 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack thunderbird.job
[2010/09/16 09:00:00 | 000,000,452 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Pascale.job
[2010/09/16 09:00:00 | 000,000,450 | ---- | M] () -- E:\WINDOWS\tasks\SyncBack Bureau.job
[2010/09/15 18:51:19 | 000,000,227 | ---- | M] () -- E:\WINDOWS\system.ini
[2010/09/15 18:16:17 | 003,845,259 | R--- | M] () -- E:\Documents and Settings\Sylvie\Bureau\COIaF.exe
[2010/09/15 11:39:58 | 000,001,631 | ---- | M] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/15 11:39:58 | 000,001,613 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/09/15 10:41:08 | 000,080,384 | ---- | M] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/15 09:32:32 | 000,000,104 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Malekal's forum • VIRUS Aide Malwares (vers, trojans, spywares, hijack).URL
[2010/09/15 08:24:11 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- E:\Documents and Settings\Sylvie\Bureau\HiJacks.exe
[2010/09/14 16:53:54 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2010/09/14 16:44:47 | 000,000,116 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2010/09/13 18:06:08 | 000,000,676 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\EPSON Scan.lnk
[2010/09/10 09:29:44 | 000,033,280 | ---- | M] () -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1.zip
[2010/09/10 09:20:07 | 000,011,029 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\calendrier.odt
[2010/09/09 13:24:56 | 000,001,588 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\DVD Flick.lnk
[2010/09/09 10:41:40 | 026,626,605 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\jazz_manouche_le_poin_onneur_des_lillas.wmv
[2010/09/06 19:39:18 | 000,000,701 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Video mp3 Extractor.lnk
[2010/09/03 12:25:22 | 000,000,803 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free FLV Converter.lnk
[2010/09/03 12:20:31 | 000,000,929 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Easy Audio Cutter.lnk
[2010/09/03 12:20:31 | 000,000,913 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free CD Ripper.lnk
[2010/09/03 12:20:31 | 000,000,911 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Free Mp3 Wma Converter.lnk
[2010/09/03 11:42:33 | 001,597,022 | ---- | M] () -- E:\Documents and Settings\Sylvie\Mes documents\A_bicyclette.mp3
[2010/09/03 11:41:42 | 000,000,731 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\WMA MP3 Converter.lnk
[2010/08/30 09:29:48 | 000,001,489 | ---- | M] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2010/08/28 15:35:21 | 000,000,284 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/26 20:15:46 | 000,000,730 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/25 13:37:28 | 000,001,523 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2010/08/23 08:59:04 | 000,001,740 | ---- | M] () -- E:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/08/22 15:41:56 | 000,000,105 | ---- | M] () -- E:\Documents and Settings\Sylvie\Bureau\Comment analyser un rapport HijackThis.URL
[2010/08/19 08:45:07 | 000,248,696 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/18 22:48:41 | 001,136,990 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/18 22:48:41 | 000,531,488 | ---- | M] () -- E:\WINDOWS\System32\perfh00C.dat
[2010/08/18 22:48:41 | 000,461,124 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2010/08/18 22:48:41 | 000,093,836 | ---- | M] () -- E:\WINDOWS\System32\perfc00C.dat
[2010/08/18 22:48:41 | 000,080,176 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[3 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[2 E:\*.tmp files -> E:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/15 18:11:15 | 003,845,259 | R--- | C] () -- E:\Documents and Settings\Sylvie\Bureau\COIaF.exe
[2010/09/15 11:39:58 | 000,001,631 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/15 11:39:58 | 000,001,613 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/09/15 09:32:32 | 000,000,104 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Malekal's forum • VIRUS Aide Malwares (vers, trojans, spywares, hijack).URL
[2010/09/10 09:29:43 | 000,033,280 | ---- | C] () -- E:\Documents and Settings\Sylvie\Mes documents\Calendrier_V2.0.1.zip
[2010/09/10 09:20:07 | 000,011,029 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\calendrier.odt
[2010/09/09 13:24:56 | 000,001,588 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\DVD Flick.lnk
[2010/09/09 10:39:08 | 026,626,605 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\jazz_manouche_le_poin_onneur_des_lillas.wmv
[2010/09/06 19:39:18 | 000,000,701 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Video mp3 Extractor.lnk
[2010/09/03 12:25:22 | 000,000,803 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free FLV Converter.lnk
[2010/09/03 12:25:19 | 000,364,544 | ---- | C] () -- E:\WINDOWS\System32\PropertyGrid.ocx
[2010/09/03 12:25:19 | 000,208,500 | ---- | C] () -- E:\WINDOWS\System32\ReyXpBasics.tlb
[2010/09/03 12:25:18 | 000,024,576 | ---- | C] () -- E:\WINDOWS\System32\ControlSubX.ocx
[2010/09/03 12:20:31 | 000,000,929 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Easy Audio Cutter.lnk
[2010/09/03 12:20:31 | 000,000,913 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free CD Ripper.lnk
[2010/09/03 12:20:31 | 000,000,911 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Free Mp3 Wma Converter.lnk
[2010/09/03 12:20:27 | 000,116,296 | ---- | C] () -- E:\WINDOWS\System32\NCTWMAProfiles.prx
[2010/09/03 11:42:27 | 001,597,022 | ---- | C] () -- E:\Documents and Settings\Sylvie\Mes documents\A_bicyclette.mp3
[2010/09/03 11:41:42 | 000,000,731 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\WMA MP3 Converter.lnk
[2010/08/26 20:15:46 | 000,000,730 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/08/25 13:37:28 | 000,001,523 | ---- | C] () -- E:\Documents and Settings\All Users\Bureau\Recuva.lnk
[2010/08/22 15:41:56 | 000,000,105 | ---- | C] () -- E:\Documents and Settings\Sylvie\Bureau\Comment analyser un rapport HijackThis.URL
[2010/07/01 18:15:28 | 000,000,249 | ---- | C] () -- E:\WINDOWS\pdf2word.INI
[2010/06/22 18:11:15 | 000,001,297 | ---- | C] () -- E:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/06/15 15:13:33 | 000,000,016 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\qcopjv.dat
[2010/04/12 19:16:12 | 000,034,816 | ---- | C] () -- E:\WINDOWS\System32\ODMA32.DLL
[2010/03/25 18:22:07 | 000,078,848 | ---- | C] () -- E:\WINDOWS\System32\drivers\SSHDRV85.sys
[2010/02/28 23:14:18 | 000,000,000 | ---- | C] () -- E:\WINDOWS\darkstoneDemo.INI
[2010/01/13 10:50:49 | 000,178,176 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2010/01/13 10:50:48 | 000,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2010/01/13 10:50:46 | 000,881,664 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2010/01/13 10:50:46 | 000,205,824 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2010/01/13 10:50:45 | 003,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2010/01/13 10:50:43 | 000,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/01/13 10:50:42 | 000,085,504 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2010/01/08 15:47:27 | 000,138,752 | ---- | C] () -- E:\WINDOWS\System32\MASE32.DLL
[2010/01/08 15:47:27 | 000,057,856 | ---- | C] () -- E:\WINDOWS\System32\MASD32.DLL
[2010/01/08 15:47:26 | 000,196,096 | ---- | C] () -- E:\WINDOWS\System32\MACD32.DLL
[2010/01/08 15:47:26 | 000,136,192 | ---- | C] () -- E:\WINDOWS\System32\MAMC32.DLL
[2010/01/08 15:47:26 | 000,027,648 | ---- | C] () -- E:\WINDOWS\System32\MA32.DLL
[2010/01/08 15:47:06 | 000,484,352 | ---- | C] () -- E:\WINDOWS\System32\lame_enc.dll
[2009/12/22 19:17:09 | 000,110,592 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/12/22 19:17:09 | 000,036,608 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/12/22 19:17:00 | 000,002,528 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\$_hpcst$.hpc
[2009/09/14 16:52:56 | 000,000,754 | ---- | C] () -- E:\WINDOWS\WORDPAD.INI
[2009/07/09 14:07:46 | 000,000,862 | ---- | C] () -- E:\WINDOWS\posteriza.INI
[2009/05/12 19:29:20 | 000,031,831 | ---- | C] () -- E:\WINDOWS\unvpeye.ini
[2009/04/30 09:36:42 | 000,004,757 | ---- | C] () -- E:\WINDOWS\Irremote.ini
[2009/03/17 23:16:27 | 000,000,069 | ---- | C] () -- E:\WINDOWS\Listed.INI
[2009/01/31 11:54:58 | 000,000,029 | ---- | C] () -- E:\WINDOWS\DEBUGSM.INI
[2008/12/19 15:28:14 | 000,114,310 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\FASTWiz.log
[2008/08/01 16:26:08 | 000,000,097 | ---- | C] () -- E:\WINDOWS\System32\PICSDK.ini
[2008/08/01 16:22:22 | 000,000,025 | ---- | C] () -- E:\WINDOWS\CDE SX400DEFGIPS.ini
[2008/03/18 18:59:47 | 000,116,224 | ---- | C] () -- E:\WINDOWS\System32\pdfcmnnt.dll
[2008/03/18 17:09:51 | 000,000,043 | ---- | C] () -- E:\WINDOWS\gswin32.ini
[2008/02/01 11:59:45 | 000,000,532 | ---- | C] () -- E:\WINDOWS\MAXLINK.INI
[2008/01/31 14:46:03 | 000,000,109 | ---- | C] () -- E:\WINDOWS\cdplayer.ini
[2008/01/22 19:52:48 | 000,070,272 | ---- | C] () -- E:\WINDOWS\System32\drivers\M9205.sys
[2008/01/22 19:41:10 | 000,037,248 | R--- | C] () -- E:\WINDOWS\System32\drivers\M9207BDA.sys
[2008/01/21 22:21:51 | 000,069,632 | R--- | C] () -- E:\WINDOWS\System32\xmltok.dll
[2008/01/21 22:21:51 | 000,036,864 | R--- | C] () -- E:\WINDOWS\System32\xmlparse.dll
[2008/01/09 13:24:41 | 000,031,594 | ---- | C] () -- E:\Documents and Settings\Sylvie\Application Data\Valeurs séparées par une virgule (Windows).ADR
[2007/12/17 11:44:23 | 000,003,840 | ---- | C] () -- E:\WINDOWS\System32\drivers\BANTExt.sys
[2007/12/13 21:34:23 | 000,000,139 | ---- | C] () -- E:\WINDOWS\SIERRA.INI
[2007/12/01 22:29:03 | 000,001,755 | ---- | C] () -- E:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/12/01 21:57:54 | 000,000,116 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2007/11/29 15:16:19 | 000,001,208 | ---- | C] () -- E:\WINDOWS\Radio_Fr.ini
[2007/11/28 16:19:21 | 000,003,712 | ---- | C] () -- E:\WINDOWS\System32\fxsperf.ini
[2007/11/27 19:18:34 | 002,293,848 | ---- | C] () -- E:\Program Files\FLV PlayerFCSetup.exe
[2007/11/27 18:52:34 | 002,453,357 | ---- | C] () -- E:\Program Files\cartagogo_cartagogo_3.1.8_francais_11201.zip
[2007/11/27 12:44:23 | 000,000,616 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2007/11/27 12:44:23 | 000,000,011 | ---- | C] () -- E:\WINDOWS\exchng.ini
[2007/11/26 20:57:20 | 000,080,384 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/26 09:45:21 | 002,855,080 | ---- | C] () -- E:\Program Files\aawsepersonal.exe
[2007/11/25 18:11:03 | 017,521,856 | ---- | C] () -- E:\Program Files\setupfre.exe
[2007/11/25 17:57:46 | 000,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2007/11/25 17:57:45 | 000,581,632 | ---- | C] () -- E:\WINDOWS\System32\nvhwvid.dll
[2007/11/25 17:21:34 | 000,000,142 | ---- | C] () -- E:\Documents and Settings\Sylvie\Local Settings\Application Data\fusioncache.dat
[2007/10/25 18:26:10 | 000,007,168 | ---- | C] () -- E:\WINDOWS\System32\drivers\StarOpen.sys
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelFrench.dll
[2005/12/20 15:41:15 | 000,020,480 | ---- | C] () -- E:\WINDOWS\System32\CPUINFO2.DLL
[2005/09/22 16:50:41 | 000,000,265 | ---- | C] () -- E:\WINDOWS\System32\oeminfo.ini
[2005/08/16 01:48:32 | 000,069,632 | ---- | C] () -- E:\WINDOWS\System32\PcHook.DLL
[2005/08/16 01:48:19 | 000,045,056 | ---- | C] () -- E:\WINDOWS\System32\ucinst32.dll
[2005/08/10 00:13:31 | 000,831,488 | ---- | C] () -- E:\WINDOWS\System32\libeay32.dll
[2005/08/10 00:13:31 | 000,159,744 | ---- | C] () -- E:\WINDOWS\System32\ssleay32.dll
[2004/08/10 09:30:16 | 000,185,856 | ---- | C] () -- E:\WINDOWS\System32\psisdecd.dll
[2001/06/24 11:32:44 | 000,172,032 | ---- | C] () -- E:\WINDOWS\japi2.dll
[2000/07/28 12:48:12 | 000,102,400 | ---- | C] () -- E:\WINDOWS\japi.dll
[1998/10/15 11:04:00 | 000,734,517 | ---- | C] () -- E:\Program Files\mssce.cab
[1998/10/15 11:04:00 | 000,011,830 | ---- | C] () -- E:\Program Files\readme.txt
[1998/10/15 11:04:00 | 000,008,219 | ---- | C] () -- E:\Program Files\setup.inf
[1998/10/15 11:04:00 | 000,001,462 | ---- | C] () -- E:\Program Files\scefiles.inf
[1998/10/15 11:04:00 | 000,000,267 | ---- | C] () -- E:\Program Files\scesetup.inf
[1997/08/29 01:00:00 | 000,022,016 | ---- | C] () -- E:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/29 01:00:00 | 000,012,288 | ---- | C] () -- E:\WINDOWS\System32\VAFR232.DLL
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- E:\WINDOWS\System32\giveio.sys
< End of report >
SkyTech

Re: infected PC

by SkyTech »

Hi again,

SkyTech wrote: What made you say you're infected?

Sylvie67 wrote: here is the report:
:OTL
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll File not found
SRV - (SQLAgent$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE File not found
SRV - (MSSQL$PINNACLESYS) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe File not found
DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
DRV - (DSDrv4) -- E:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys File not found
DRV - (catchme) -- E:\DOCUME~1\L'AMIE~1\LOCALS~1\Temp\catchme.sys File not found

Er, no, that's the script I gave you ;)

Post the report.

---

Run OTL again -> Correction, with this new script:
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
DRV - (wanusb) D-Link DSL-200 USB ADSL Modem(WAN) -- E:\WINDOWS\System32\DRIVERS\gwausb.sys File not found
SRV - (nosGetPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper_3004.dll File not found
SRV - (getPlusHelper) getPlus(R) -- E:\Program Files\NOS\bin\getPlus_Helper.dll File not found

:commands
[purity]
[emptytemp]
[emptyflash]

Post the report.