Se connecter / S'enregistrer
Votre question

Aidez moi svp, pub intempestives sur mon pc

Tags :
  • Fournisseurs d'accès
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Août 2011 21:01:55

Bonjour,
ca fait depuit pas mal de temps que j'ai du chopé un virus qui me fai aparaitre des pub et qui fai ramer mon pc. comment fair pour m'en debarrasser. aidez moi svp merci d'avance "resolu"

Autres pages sur : aidez svp pub intempestives

a c 549 8 Sécurité
5 Août 2011 22:38:26

Bonsoir,

(allez on pari sur Pctuto ? ... )


Pour voir :

Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    activex
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system64\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system64\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    SAVEMBR:0
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    6 Août 2011 17:18:10

    merci de m'avoir repondu Hyunkel30. ben j'ai fais comme tu m'as di le scan ce termine bien mais malheureusement je n'ai pas de raport qui s'affiche a la fin, j'ai just ca dan "personnalisation" : %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system64\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system64\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    Contenus similaires
    6 Août 2011 17:22:45

    merci de m'avoir repondu Hyunkel30. ben j'ai fais comme tu m'as di le scan ce termine bien mais malheureusement je n'ai pas de raport qui s'affiche a la fin, j'ai just ca dan "personnalisation" : %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system64\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system64\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs

    a c 549 8 Sécurité
    6 Août 2011 18:57:08

    Re,

    Relis ma procédure calmement et attentivement s'il te plait, et évite de poster en double ;) 

    Tu dois coller le script puis cliquer sur "Analyse", est-ce que c'est vraiment ce que tu as fait ?
    6 Août 2011 19:01:56

    oui c bien ce que j'ai fait, sa scan tranquilement et quand ca me marque Scan terminé je recoi rien du tout
    a c 549 8 Sécurité
    6 Août 2011 19:08:22

    Re,

    Tu es sous Windows Vista ou 7 ? tu as bien pensé à le lancer en admin ? (clic droit -> exécuter en tant qu'admin)

    Regarde aussi s'il ne sont pas sur ton disque dur, généralement ici :

    C:\_OTL

    Doit y avoir un dossier log ou des fichiers nommé OTL.txt et extra.txt

    6 Août 2011 19:22:27

    je suis sous Windows xp, et la je susi entrain de chercher j'ai rien sur mon isque dur, qu'es ce que t'en pense chef
    6 Août 2011 20:01:38

    t'es là hyunkel ?
    a c 549 8 Sécurité
    6 Août 2011 21:56:19

    Re,

    on a tous une vie en dehors du forum, merci d'être patient.


    Relance OTL et ne colle aucun script, juste tu le lances et tu cliques sur "Analyse"

    Si pas mieux, tu supprimes puis tu télécharges une nouvelle version.


    Si toujours pas mieux, fais ceci :

    Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

  • Double-clique sur RSIT.exe pour l'exécuter.
  • Clique sur le bouton "Continue" sur la fenêtre d'avertissement.
  • Une fois le scan terminé, tu auras deux rapports qui seront ouverts : log.txt et info.txt (dans c:\rsit)
  • Poste les dans ta prochaine réponse s'il te plait

    Note : un rapport hijackthis est contenu dans le rapport log.txt

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    6 Août 2011 23:05:11

    ahhh super la ca a marché, donc le log c'est Logfile of random's system information tool 1.09 (written by random/random)
    Run by lotfi at 2011-08-06 22:57:37
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 14 GB (10%) free of 144 GB
    Total RAM: 511 MB (19% free)


    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\Maintenance en 1 clic.job
    C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1006.job
    C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1007.job
    C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1008.job
    C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1006.job
    C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1007.job
    C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1008.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
    Objet d'aide à la navigation SFR - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [2009-10-15 165184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-20 341600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547395D9-934A-CED6-B851-F238C86079E5}]
    PremiereAdvertisingPlatform - C:\Program Files\PremiereAdvertisingPlatform\PremiereAdvertisingPlatform.dll [2009-07-16 156160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-27 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{918BC41A-9563-4522-B8CA-37AE5C51633A}]
    SiteActivationBHO Class - C:\PROGRA~1\LASUPE~1.3\SITEAC~1.DLL [2005-08-11 53248]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-15 814648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
    FDMIECookiesBHO Class - C:\Documents and Settings\All Users\Menu Démarrer\Free Download Manager\iefdm2.dll [2008-12-30 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-27 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-27 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} -
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe []
    "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe []
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-03-09 86016]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-09 7561216]
    "fenaffiche"=C:\Program Files\FenAffiche\FenPowernet.exe []
    "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
    "ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-03-04 88209]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-07-20 202256]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-23 39408]
    "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-10-15 959808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adiras]
    C:\WINDOWS\adiras.exe [2004-01-28 1531904]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
    C:\DOCUME~1\lotfi\LOCALS~1\Temp\Rar$EX00.328\ares.exe -h []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\autoclk]
    C:\WINDOWS\autoclk.exe [2003-01-30 143360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bdnjktiao]
    c:\windows\system32\bdnjktiao.exe bdnjktiao []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Ahead\InCD\InCD.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access]
    EGACCESS4_1058.dll,InstantAccess []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailSkinner]
    c:\program files\mailskinner\mailskinner.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MonsterEggs_FSetup.exe]
    C:\DOWNLO~1\MONSTE~1.EXE /r []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    C:\WINDOWS\system32\NeroCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RestoreIT!]
    C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE VBStart []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-27 136600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-23 39408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-07-20 202256]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Totocam]
    C:\PROGRA~1\ALLOCA~1\allocam.exe 1 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe /VeohHide []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voipwise]
    C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe -nosplash -minimized []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    C:\PROGRA~1\SYMANT~1\VPTray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    C:\PROGRA~1\Wanadoo\Watch.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wtpuedslfq]
    c:\windows\system32\wtpuedslfq.exe wtpuedslfq []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
    C:\PROGRA~1\SAGEM\SAGEMF~2\dslmon.exe [2004-02-26 962661]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "gusvc"=3
    "avast! Web Scanner"=3
    "avast! Mail Scanner"=3
    "avast! Antivirus"=2
    "aswUpdSv"=2

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=0x95000000

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Enabled:Kazaa Media Desktop"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:D isabled:Internet Explorer"
    "C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\eMule2\emule.exe"="C:\Program Files\eMule2\emule.exe:*:Enabled:eMule"
    "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:D ownload Accelerator Plus"
    "C:\Program Files\Paltalk Messenger\paltalk7.exe"="C:\Program Files\Paltalk Messenger\paltalk7.exe:*:D isabled:p altalk Messenger 7.0"
    "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:p 2P Networking"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe"="C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005"
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe"="C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe:*:Enabled:SpyShooter 2006"
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe"="C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe:*:Enabled:Spy Shooter 2006"
    "C:\Program Files\Allocam Multi Visio\allocam.exe"="C:\Program Files\Allocam Multi Visio\allocam.exe:*:D isabled:Multi Video"
    "C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
    "C:\Program Files\Grisoft\AVG Free\avgemc.exe"="C:\Program Files\Grisoft\AVG Free\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe"="C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe:*:D isabled:Ares"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\efonica softphone\efonica.exe"="C:\Program Files\efonica softphone\efonica.exe:*:D isabled:efonica softphone"
    "C:\Program Files\Rockstar Games\Midnight Club II\mc2.exe"="C:\Program Files\Rockstar Games\Midnight Club II\mc2.exe:*:Enabled:mc2"
    "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe"="C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise"
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:D isabled:Veoh Client"
    "C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "midimapper"=midimap.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msadpcm"=msadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.trspch"=tssoft32.acm
    "VIDC.I420"=msh263.drv
    "VIDC.IYUV"=iyuv_32.dll
    "VIDC.UYVY"=msyuv.dll
    "VIDC.YUY2"=msyuv.dll
    "VIDC.YVYU"=msyuv.dll
    "wavemapper"=msacm32.drv
    "midi"=wdmaud.drv
    "msacm.msg723"=msg723.acm
    "vidc.M263"=msh263.drv
    "vidc.M261"=msh261.drv
    "msacm.msaudio1"=msaud32.acm
    "msacm.sl_anet"=sl_anet.acm
    "msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
    "msacm.iac2"=C:\WINDOWS\SYSTEM32\IAC25_32.AX
    "vidc.iv50"=ir50_32.dll
    "wave"=serwvdrv.dll
    "wave2"=serwvdrv.dll
    "wave3"=serwvdrv.dll
    "wave4"=serwvdrv.dll
    "wave5"=serwvdrv.dll
    "wave6"=serwvdrv.dll
    "wave7"=serwvdrv.dll
    "wave8"=serwvdrv.dll
    "wave9"=serwvdrv.dll
    "VIDC.YVU9"=tsbyuv.dll
    "MSVideo8"=VfWWDM32.dll
    "msacm.siren"=sirenacm.dll
    "midi1"=wdmaud.drv
    "mixer"=wdmaud.drv
    "vidc.DIVX"=DivX.dll
    "vidc.yv12"=DivX.dll
    "wave1"=wdmaud.drv
    "midi2"=wdmaud.drv
    "mixer1"=wdmaud.drv

    ======File associations======

    .exe - open - "C:\Documents and Settings\lotfi\Local Settings\Application Data\ave.exe" /START "%1" %*

    ======List of files/folders created in the last 1 month======

    2011-08-06 22:57:42 ----D---- C:\Program Files\trend micro
    2011-08-06 22:57:37 ----D---- C:\rsit
    2011-07-14 00:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
    2011-07-13 23:57:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$

    ======List of files/folders modified in the last 1 month======

    2011-08-06 22:57:42 ----RD---- C:\Program Files
    2011-08-06 22:56:54 ----D---- C:\WINDOWS\Prefetch
    2011-08-06 19:20:53 ----D---- C:\WINDOWS\Temp
    2011-08-06 16:25:29 ----SD---- C:\WINDOWS\Tasks
    2011-08-05 23:46:02 ----A---- C:\WINDOWS\SchedLgU.Txt
    2011-08-02 03:10:13 ----SHD---- C:\WINDOWS\Installer
    2011-07-29 12:53:54 ----SHD---- C:\Config.Msi
    2011-07-28 22:54:14 ----D---- C:\WINDOWS\Minidump
    2011-07-28 22:54:14 ----D---- C:\WINDOWS
    2011-07-17 16:04:28 ----D---- C:\WINDOWS\system32\CatRoot2
    2011-07-14 02:54:53 ----D---- C:\WINDOWS\system32
    2011-07-14 00:07:28 ----HD---- C:\WINDOWS\inf
    2011-07-14 00:07:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2011-07-13 23:59:26 ----A---- C:\WINDOWS\system32\MRT.exe
    2011-07-13 23:58:25 ----A---- C:\WINDOWS\imsins.BAK
    2011-07-13 11:34:49 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 ohci1394;Contrôleur hôte compatible IEE 1394 VIA OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
    R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
    R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
    R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-11-30 43528]
    R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
    R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-02 27904]
    R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 9728]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-06-02 75096]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16512]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
    R2 X4HSX32;X4HSX32; \??\C:\Program Files\Player Metaboli\X4HSX32.Sys []
    R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys []
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2005-03-04 1066278]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-26 1372992]
    R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-09 3650368]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]
    R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]
    S3 Aspi;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
    S3 AVWLP_USB;WLAN PRISM USB Driver; C:\WINDOWS\System32\DRIVERS\AVWLPUSB.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; C:\WINDOWS\System32\DRIVERS\usbiad.sys [2004-07-14 31547]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys []
    S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-27 152984]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-01-08 66872]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    S2 BackWeb Plug-in - 4476822;F-Secure Anti-Virus 2005; C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE []
    S2 fsbwsys;fsbwsys; C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe []
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
    S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-09 143436]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
    S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2011-07-03 311416]
    S3 NipSvc;Norman API-hooking helper; C:\Norman\Nvc\BIN\nipsvc.exe []
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-23 182768]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    6 Août 2011 23:10:52

    ET INFO C'EST info.txt logfile of random's system information tool 1.09 2011-08-06 22:58:08

    ======Uninstall list======

    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
    Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Agere Systems PCI Soft Modem-->agrsmdel
    Aménophis-->C:\Remote Programs\Amenophis\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=262354;name=Aménophis;dir=C:\Remote Programs\Amenophis\;prvid=200;cmdid=1;prvdir=Default
    Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
    Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]-->C:\WINDOWS\$NtUninstallKB885492$\spuninst\spuninst.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
    Creative Modem Blaster V.92 DI5733-1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1C0717C-546A-11D7-9963-00A0C92C4EC3}\Setup.exe" -l0x40c /remove
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
    Empty Temp Folders 2.8.3-->C:\Program Files\Empty Temp Folders 2.8.3\uninstall.exe
    eMule-->"C:\Program Files\eMule2\Uninstall.exe"
    EVEREST Ultimate Edition v4.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
    Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
    Free Download Manager 3.0-->"C:\Documents and Settings\All Users\Menu Démarrer\Free Download Manager\unins000.exe"
    Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
    FreebieSMS-->MsiExec.exe /I{7E70ED5B-DA34-428E-8D51-9BF79D197B81}
    Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    IC Card Reader Driver v1.9e-->C:\WINDOWS\iun6002.exe "C:\Program Files\IC\Card Reader Driver v1.9e\irunin.ini"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
    La Super Barre V.3.3-->regsvr32 /u /s "C:\Program Files\La Super Barre V.3.3\super-barre3.3.dll"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LimeWire 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe"
    livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
    Ma-Config.com-->MsiExec.exe /X{9E63B65D-B380-4471-9B2A-5A9588345903}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
    Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL
    Nuclear Coffee - VideoGet-->"C:\VideoGet\unins000.exe"
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    Player Metaboli-->"C:\Program Files\Player Metaboli\Uninstall.exe"
    PlayMP3z-->C:\Program Files\PlayMP3z\uninstall.exe uninstall=playmp3z
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PremiereAdvertisingPlatform-->C:\Program Files\PremiereAdvertisingPlatform\uninstall.exe uninstall=premiereadvertisingplatform
    Prince of Persia T2T-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6782F44-58DB-4DE5-A65C-890320CF3F99}\setup.exe" -l0x40c
    QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
    RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Serious Sam: The First Encounter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll<UNINSTALL_CMD>
    SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
    Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
    Sony Ericsson Image Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05E9F134-07C9-4249-9B80-EE5D975F201B}\setup.exe" -l0x40c -l040c --remove=y
    Sony Ericsson MMS Home Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9462C4AD-D6C4-4365-B4AD-BFE0B1E216C3}\setup.exe" -l0x40c -l040c --remove=y
    Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    USB MODEM Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{042E2C9D-6647-4C5F-9CEF-387D72023128}\setup.exe" -l0x9 UNINSTALL
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
    Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
    Windows Live Contrôle parental-->MsiExec.exe /X{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
    Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A1780C1E766C}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
    Windows Live Toolbar-->MsiExec.exe /X{9D6524E6-15CF-4852-BF70-04FE973A3DE1}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic (disabled)

    ======System event log======

    Computer Name: HASSOUNE_LOTFI
    Event Code: 7000
    Message: Le service fsbwsys n'a pas pu démarrer en raison de l'erreur :
    Le chemin d'accès spécifié est introuvable.


    Record Number: 8868
    Source Name: Service Control Manager
    Time Written: 20110623091028.000000+120
    Event Type: erreur
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 7000
    Message: Le service F-Secure Anti-Virus 2005 n'a pas pu démarrer en raison de l'erreur :
    Le chemin d'accès spécifié est introuvable.


    Record Number: 8867
    Source Name: Service Control Manager
    Time Written: 20110623091028.000000+120
    Event Type: erreur
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 17
    Message: AVGNTFLT successfully loaded

    Record Number: 8866
    Source Name: avgntflt
    Time Written: 20110623091015.000000+120
    Event Type: Informations
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 6005
    Message: Le service d'Enregistrement d'événement a démarré.

    Record Number: 8865
    Source Name: EventLog
    Time Written: 20110623090956.000000+120
    Event Type: Informations
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

    Record Number: 8864
    Source Name: EventLog
    Time Written: 20110623090956.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: HASSOUNE_LOTFI
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 5
    Source Name: WmiAdapter
    Time Written: 20110720111508.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    Computer Name: HASSOUNE_LOTFI
    Event Code: 4096
    Message: Le service AntiVir a bien démarré!

    Record Number: 4
    Source Name: Avira AntiVir
    Time Written: 20110720111435.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: HASSOUNE_LOTFI
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 3
    Source Name: SecurityCenter
    Time Written: 20110720111421.000000+120
    Event Type: Informations
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 0
    Message: Service started

    Record Number: 2
    Source Name: SeaPort
    Time Written: 20110720111408.000000+120
    Event Type: Informations
    User:

    Computer Name: HASSOUNE_LOTFI
    Event Code: 0
    Message:
    Record Number: 1
    Source Name: gupdate
    Time Written: 20110720111401.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Sonic\MyDVD;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0304
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 549 8 Sécurité
    7 Août 2011 10:51:21

    Re,

    Mama, navipromo t'es allé nous le chercher loin lui on le voit presque plus ... et quelques autres adware ... plus d'autres infections ...

    Tu es chez Orange ou Neuf/SFR ? tu as les deux logiciel d'installé, faudrait viré celui qui te sert plus ...


    1) Désinstalle ces programmes (via "ajout/suppression des programmes", si présent) :

    - Adobe Acrobat 5.0 (extrêmement vulnérable, trop vieux)
    - Empty Temp Folders 2.8.3 (inutile, Ccleaner le fait)
    - Java(TM) 6 Update 7 (version obsolète, vulnérable)
    - Java(TM) SE Runtime Environment 6 Update 1 (idem)
    - La Super Barre V.3.3 (sauf réelle utilité, contient des fonctions de tracabilité)
    - PlayMP3z (c'est lui qui a installé une partie des logiciel publicitaire en sponsor)
    - PremiereAdvertisingPlatform (adware : logiciel publicitaire)
    - Uninstall 1.0.0.1 (lié à un adware)


    2) Télécharge Navilog1 (de Il Mafioso) sur le bureau.

  • Double clique sur Navilog1.exe pour lancer l'installation.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le Bureau).

    Ferme tous les autres programmes et fenêtres actives.

    /!\ Désactive tes protections résidentes : antivirus, anti-spyware /!\

    Une fois au menu principal, choisi l'option 2 et valide.

  • Lorsque cela te sera demandé, appuie sur une touche.
  • Le pc va redémarrer, laisse-le faire (s'il ne le fait pas automatiquement, redémarre manuellement)
  • Au démarrage lance ta session habituelle.
  • Le bureau restera vide, c'est normal, patiente jusqu'à avoir le message "nettoyage terminée le ..."
  • Le bloc-note va s'ouvrir, sauvegarde le rapport sur le bureau et ferme-le.

    note : Si le bureau ne réapparait pas, relance le processus explorer via le gestionnaire des tâches : Fichier -> nouvelle tâche -> explorer

    /!\ N'oublie pas de réactiver tes protections résidentes /!\

    Copie-colle moi le rapport sauvé dans ta prochaine réponse.


    3) Télécharge OTM (de OldTimer) sur le bureau.

  • Double-clique sur OTM pour le lancer.
  • Copie/colle le contenu du cadre ci dessous dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved.


    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547395D9-934A-CED6-B851-F238C86079E5}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{918BC41A-9563-4522-B8CA-37AE5C51633A}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {CC8C8F4F-F2E8-404B-A43D-5CC57876A008}=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "fenaffiche"=-
    "ccApp"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bdnjktiao]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailSkinner]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wtpuedslfq]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe"=-
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe"=-
    "C:\Program Files\Grisoft\AVG Free\avginet.exe"=-
    "C:\Program Files\Grisoft\AVG Free\avgemc.exe"=-
    "C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe"=-

    :Files
    C:\Program Files\PremiereAdvertisingPlatform
    C:\Program Files\EoRezo
    C:\Program Files\La Super Barre V.3.3
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\FenAffiche
    c:\windows\system32\bdnjktiao.exe
    c:\program files\mailskinner
    C:\program Files\Wanadoo
    c:\windows\system32\wtpuedslfq.exe
    C:\Program Files\CheckFlow
    C:\Program Files\Grisoft
    C:\Documents and Settings\lotfi\Local Settings\Application Data\ave.exe

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]


  • Clique sur MoveIt! pour lancer la suppression.
  • Copie le contenu de la fenêtre de résultat et poste le sur le forum.
  • Quitte OTM

    Note : Si un fichier ou dossier ne peut être supprimé immédiatement, le pc demandera à redémarrer, accepte en cliquant sur OK. Dans ce cas, après redémarrage, ouvre le fichier .log le plus récent dans le dossier C:\_OTM\MovedFiles et poste son contenu.


    4) Télécharge MalwareByte's Anti-Malware :

  • Installe le programme (aide ici)
  • Lance-le et met à jour la base de définition.

  • Choisi ensuite "Exécuter un examen complet" puis "Rechercher"
  • Sélectionne les disques dur et clique sur "Lancer l'examen"
  • Laisse l'analyse se faire (cela peut durer longtemps).
  • A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).
  • Puis clique sur "Supprimer la sélection" en bas.
  • Un redémarrage peut être nécessaire.

  • Un rapport va s'afficher, enregistre-le sur ton bureau.
  • ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"



    Il me faudra donc dans ta prochaine réponse :
    - Le rapport Navilog
    - Le rapport OTM
    - Le rapport Malwrebyte's
    7 Août 2011 16:17:59

    salut chef,

    voila j'ai fait comme tu ma demandé il me reste plu que le dernier rapport que je t'envoi dan 5 min. pour le rapport NAVILOG1:


    Fix Navipromo version 4.1.0 commencé le 07/08/2011 15:33:03,06

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\navilog1

    Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : lotfi ( Administrator )
    BOOT : Normal boot

    Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)


    C:\ (Local Disk) - NTFS - Total:140 Go (Free:14 Go)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\WINDOWS\msskinner supprimé !
    C:\Program Files\Mailskinner supprimé !
    C:\WINDOWS\Downloaded Program Files\egaccess4.inf supprimé !
    C:\WINDOWS\Downloaded Program Files\EGDACCESS.inf supprimé !
    C:\WINDOWS\Downloaded Program Files\EGDACCESS_ASPIV4.inf supprimé !
    C:\WINDOWS\tmlpcert2007 supprimé !
    C:\WINDOWS\system32\backgrd.jpg supprimé !
    C:\WINDOWS\system32\bdnjktiao.dat supprimé !
    C:\WINDOWS\system32\bdnjktiao_nav.dat supprimé !
    C:\WINDOWS\system32\wtpuedslfq.dat supprimé !
    C:\WINDOWS\system32\wtpuedslfq_nav.dat supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\lotfi\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok
    7 Août 2011 16:22:12

    pour le rapport OTM :




    All processes killed
    ========== REGISTRY ==========
    Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547395D9-934A-CED6-B851-F238C86079E5}\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{547395D9-934A-CED6-B851-F238C86079E5}\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{918BC41A-9563-4522-B8CA-37AE5C51633A}\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{918BC41A-9563-4522-B8CA-37AE5C51633A}\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008} scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008}\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fenaffiche scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ccApp scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bdnjktiao\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailSkinner\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH\ scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wtpuedslfq\ not found.
    Registry delete failed. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Grisoft\AVG Free\avginet.exe scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Grisoft\AVG Free\avgemc.exe scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Registry delete failed. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe scheduled to be deleted on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    ========== FILES ==========
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Folder move failed. C:\Program Files\PremiereAdvertisingPlatform scheduled to be moved on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Folder move failed. C:\Program Files\EoRezo\EoAdv scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\EoRezo scheduled to be moved on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Folder move failed. C:\Program Files\La Super Barre V.3.3\Cache scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\La Super Barre V.3.3 scheduled to be moved on reboot.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\tmp5e68.tmp scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\tmp5a47.tmp scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\TextHub scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\incoming scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\BinHub scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20090124.006 scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared scheduled to be moved on reboot.
    File/Folder C:\Program Files\FenAffiche not found.
    File/Folder c:\windows\system32\bdnjktiao.exe not found.
    File/Folder c:\program files\mailskinner not found.
    File/Folder C:\program Files\Wanadoo not found.
    File/Folder c:\windows\system32\wtpuedslfq.exe not found.
    File/Folder C:\Program Files\CheckFlow not found.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Folder move failed. C:\Program Files\Grisoft\AVG7 scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Grisoft\AVG Free scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Grisoft scheduled to be moved on reboot.
    File/Folder C:\Documents and Settings\lotfi\Local Settings\Application Data\ave.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur

    User: Administrateur.HASSOUNE_LOTFI

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: LocalService

    User: lotfi

    User: NetworkService

    User: Propriétaire

    User: RACHID

    User: YASSINE

    %systemdrive% .tmp files removed: 0 bytes
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    %systemroot% .tmp files removed: 109681 bytes
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    Unable to create HKLM\Software\OldTimer Tools\OTM key.
    %systemroot%\System32 .tmp files removed: 26547418 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 25,00 mb


    OTM by OldTimer - Version 3.1.18.0 log created on 08072011_160522
    a c 549 8 Sécurité
    7 Août 2011 17:43:36

    Re,

    Il manque le rapport Malwarebyte's.


    Ensuite, quelque chose à empêché un des outils de travailler, on va essayer autrement :


    Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    activex
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    SAVEMBR:0
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    7 Août 2011 19:23:00

    ok chef, mai il y'a toujours le scan de Malwarebytes qui es en cours donc j'attend qu'il finise ( ca fait deja 3h qu'il scan waw c long). juste un truk, qund je veut rentré dan ajout/suppression des programmes ca me met un mesage d'erreur "application introuvable", d'ailleur ca me le met pour tout les logiciel quand je veut y entrer sauf quand j'y entre part "executer en tant que..." je sais pas si c'est un virus ou quelque chose qui c'est déreglé
    a c 549 8 Sécurité
    7 Août 2011 19:25:59

    Re,

    Oui c’est possible qu'en plus de tous cela une des infections est déréglée les associations de fichiers ... il est pourris ton pc !
    Non sans blague, vous faite un peu attention ou quoi ?

    Malwarebyte's devrait réparer ça, sinon je le verrais sur le rapport OTL et on réparera.
    7 Août 2011 19:32:10

    OTL c'été pas le logiciel qui me sorté pas de raport a la fin ?
    a c 549 8 Sécurité
    7 Août 2011 19:43:37

    Re,

    Si mais on a nettoyé des trucs depuis, alors il peut fonctionner maintenant.
    7 Août 2011 19:47:47

    t'es vraiment un bon toi, juste une petite question comment t'a fait pour connaitre tout ca ?
    a c 549 8 Sécurité
    7 Août 2011 21:38:14

    Re,

    Une passion comme une autre ... ;) 

    J'attends toujours les rapports.

    [:_tom_:7]
    8 Août 2011 15:46:53

    salut chef,

    Voila enfin le rapport Malwarebytes:







    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Version de la base de données: 7401

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.11

    08/08/2011 05:08:00
    mbam-log-2011-08-08 (05-08-00).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 265124
    Temps écoulé: 7 heure(s), 43 minute(s), 25 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 22
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 5
    Dossier(s) infecté(s): 14
    Fichier(s) infecté(s): 108

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    c:\program files\premiereadvertisingplatform\premiereadvertisingplatform.dll (Adware.Adrotator) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{547395D9-934A-CED6-B851-F238C86079E5} (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{338BFB9A-EA66-7554-FB44-DF75BA3936AC} (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1CAC32C4-1D91-9430-9EFD-947861EB3B39} (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\PremiereAdvertisingPlatform.PremiereAdvertisingPlatform.1 (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547395D9-934A-CED6-B851-F238C86079E5} (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{547395D9-934A-CED6-B851-F238C86079E5} (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{418D86BE-7386-4F1A-83E0-53604ADBDA74} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2481ED1-9896-4D49-AE90-69858DFDE446} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} (Adware.MywaySearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\PremiereAdvertisingPlatform.DLL (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} (Adware.MywaySearch) -> Value: {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} (Adware.MywaySearch) -> Value: {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Value: (default) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\lotfi\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    c:\program files\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    c:\program files\EoRezo\EoAdv (Rogue.Eorezo) -> Quarantined and deleted successfully.
    c:\program files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    c:\program files\premiereadvertisingplatform (Adware.PlayMP3z) -> Delete on reboot.
    c:\documents and settings\lotfi\menu démarrer\programmes\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\menu démarrer\programmes\kit de connexion hot (Trojan.PornDialer) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\db (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eodesktop (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo (Adware.EoRezo) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    c:\program files\premiereadvertisingplatform\premiereadvertisingplatform.dll (Adware.Adrotator) -> Delete on reboot.
    c:\documents and settings\RACHID\local settings\Temp\{1bb22d38-a411-4b13-a746-c2a4f4ec7344}\searchguardplus.exe (PUP.Fbsearch) -> Not selected for removal.
    c:\documents and settings\RACHID\local settings\Temp\{1bb22d38-a411-4b13-a746-c2a4f4ec7344}\update.exe (PUP.Fbsearch) -> Not selected for removal.
    c:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\program files\EoRezo\EoAdv\eoAdv.url (Rogue.Eorezo) -> Quarantined and deleted successfully.
    c:\program files\EoRezo\EoAdv\eorezobho.old (Rogue.Eorezo) -> Quarantined and deleted successfully.
    c:\program files\PlayMP3z\PlayMP3.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    c:\program files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    c:\program files\premiereadvertisingplatform\uninstall.exe (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\menu démarrer\programmes\PlayMP3z\run playmp3z.pif (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\cmhost.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather.cfg (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\host.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\db\cat.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eodesktop\config.xml (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eodesktop\eodesktop.html (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eodesktop\userconfig.xml (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\eoweatherval_02ec282.cfg (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\background_1.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\earth.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\67_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\67_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\69_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\69_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\70_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\70_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\78_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\78_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\82_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\82_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\83_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\83_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\84_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\84_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\85_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\85_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\89_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\89_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\back.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\fonds_écran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\help.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\helppressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\minimise.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\minimisepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\next.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\nextpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\option.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\optionpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\reflet_ecran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\small_background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\Thumbs.db (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\background_1days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\background_2days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\background_7days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\backpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\band.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\band_small.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\close.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\closepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\dayprevisionbackground.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_classic\dayprevisionclose.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\67_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\67_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\69_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\69_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\70_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\70_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\78_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\78_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\82_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\82_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\83_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\83_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\84_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\84_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\85_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\85_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\89_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\89_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\about.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\back.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\background_1.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\background_1days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\background_2days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\background_7days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\backpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\close.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\closepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\dayprevisionbackground.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\dayprevisionclose.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\earth.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\fonds_écran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\help.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\helppressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\minimise.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\minimisepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\next.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\nextpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\option.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\optionpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\reflet_ecran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\Thumbs.db (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\lotfi\application data\EoRezo\eoweather\images_station_meteo\txt_14x13.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    8 Août 2011 16:30:42

    Yes j'ai reussi a avoir les rapports de OTL voila pour OTL.Txt:



    OTL logfile created on: 08/08/2011 15:17:32 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\lotfi\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    511,48 Mb Total Physical Memory | 242,40 Mb Available Physical Memory | 47,39% Memory free
    1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,39% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 140,77 Gb Total Space | 21,48 Gb Free Space | 15,26% Space Free | Partition Type: NTFS

    Computer Name: HASSOUNE_LOTFI | User Name: lotfi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/08/06 16:40:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTL.exe
    PRC - [2010/07/20 18:07:55 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    PRC - [2009/10/15 10:53:54 | 000,959,808 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
    PRC - [2008/10/15 14:31:25 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    PRC - [2008/10/15 14:29:28 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    PRC - [2008/06/12 14:28:40 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/08/06 16:40:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTL.exe
    MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (NipSvc)
    SRV - File not found [On_Demand | Stopped] -- -- (IDriverT)
    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [Auto | Stopped] -- -- (fsbwsys)
    SRV - File not found [Auto | Stopped] -- -- (BackWeb Plug-in - 4476822)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2011/07/03 13:59:54 | 000,311,416 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2008/10/15 14:31:25 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
    SRV - [2008/10/15 14:29:28 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
    SRV - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2011/07/02 14:33:46 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2009/06/02 17:40:13 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/06/02 17:40:10 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
    DRV - [2009/06/02 17:40:08 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
    DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2007/11/14 12:30:16 | 000,029,856 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Player Metaboli\X4HSX32Ex.sys -- (X4HSX32Ex)
    DRV - [2007/11/08 19:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2006/12/13 09:34:06 | 000,031,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Player Metaboli\X4HSX32.sys -- (X4HSX32)
    DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
    DRV - [2006/02/23 11:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
    DRV - [2005/03/04 12:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2004/08/09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
    DRV - [2004/08/09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
    DRV - [2004/07/19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
    DRV - [2004/07/14 19:52:06 | 000,031,547 | ---- | M] (Centillium Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbiad.sys -- (PALLADIA)
    DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
    DRV - [2003/09/23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
    DRV - [2003/09/19 09:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
    DRV - [2003/07/02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
    DRV - [2002/07/17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
    DRV - [2002/07/17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (Aspi)
    DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.01net.com/http://www.01men.com/ [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.01net.com/http://www.01men.com/ [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - File not found
    IE - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    FF - prefs.js..browser.startup.homepage: "http://www.neuf.fr/"

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
    FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@neuf/vlc,version=0.8.6.1: C:\Program Files\Neuf\TV_PC\VLC\npvlc.dll File not found
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/20 18:11:49 | 000,000,000 | ---D | M]

    [2009/03/28 20:03:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Extensions
    [2009/03/28 20:03:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2007/12/12 20:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\esuslpsj.default\extensions
    [2007/02/04 23:16:08 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\esuslpsj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2007/12/12 20:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\esuslpsj.default\extensions\staged-xpis
    [2007/02/04 05:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\f91kwca5.default\extensions
    [2007/02/04 05:10:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\f91kwca5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
    [2008/07/22 19:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\suite.User0\extensions
    [2008/07/22 19:55:35 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\lotfi\Application Data\Mozilla\Firefox\Profiles\suite.User0\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2009/06/22 20:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2007/02/04 05:10:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2009/02/27 21:35:45 | 000,000,000 | ---D | M] (Eazel-FR Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG
    [2006/09/21 19:29:00 | 000,135,227 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files\mozilla firefox\plugins\npExentCtl.dll

    O1 HOSTS File: ([2003/04/24 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
    O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (EoBho Class) - {64F56FC1-1272-44CD-BA6E-39723696E350} - File not found
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (SiteActivationBHO Class) - {918BC41A-9563-4522-B8CA-37AE5C51633A} - C:\Program Files\La Super Barre V.3.3\siteActiv_plugin.dll ()
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
    O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Documents and Settings\All Users\Menu Démarrer\Free Download Manager\iefdm2.dll ()
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\ShellBrowser: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [ccApp] File not found
    O4 - HKLM..\Run: [Cmaudio] C:\WINDOWS\CMICNFG.CPL (C-Media Corporation)
    O4 - HKLM..\Run: [fenaffiche] File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [ORAHSSSessionManager] File not found
    O4 - HKLM..\Run: [SystrayORAHSS] File not found
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - File not found
    O9 - Extra 'Tools' menuitem : Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - File not found
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - File not found
    O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - File not found
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O15 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..Trusted Domains: ([]msn in My Computer)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin... (Symantec AntiVirus scanner)
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.... (Solitaire Showdown Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sourc... (BDSCANONLINE Control)
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common... (Symantec RuFSI Utility Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_... ("Ma-Config.com control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... (Java Plug-in 1.6.0_11)
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca... (MSN Games - Installer)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-wind... (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... (Java Plug-in 1.6.0_11)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... (Java Plug-in 1.6.0_11)
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/Obe... (Oberon Flash Game Host)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} file://C:\Documents and Settings\lotfi\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab (PopCapLoader Object)
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
    O24 - Desktop Components:0 () - http://www.skyblog.com/pics/tpl_left14.gif
    O24 - Desktop Components:1 () - http://www.yabiladi.com/photos_maroc/gal_2/8_casbah_oud...
    O24 - Desktop Components:2 () - http://212.95.67.167/media_pa/th/th_9916000348_0.jpg
    O24 - Desktop Components:3 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\lotfi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\lotfi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\...exe [@ = exefile] -- Reg Error: Key error. File not found

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: Ip6FwHlp - File not found

    MsConfig - Services: "gusvc"
    MsConfig - Services: "avast! Web Scanner"
    MsConfig - Services: "avast! Mail Scanner"
    MsConfig - Services: "avast! Antivirus"
    MsConfig - Services: "aswUpdSv"
    MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe - ()
    MsConfig - StartUpReg: adiras - hkey= - key= - C:\WINDOWS\adiras.exe ()
    MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    MsConfig - StartUpReg: ares - hkey= - key= - File not found
    MsConfig - StartUpReg: autoclk - hkey= - key= - C:\WINDOWS\autoclk.exe ()
    MsConfig - StartUpReg: EoEngine - hkey= - key= - File not found
    MsConfig - StartUpReg: EoWeather - hkey= - key= - File not found
    MsConfig - StartUpReg: InCD - hkey= - key= - File not found
    MsConfig - StartUpReg: Instant Access - hkey= - key= - File not found
    MsConfig - StartUpReg: MonsterEggs_FSetup.exe - hkey= - key= - File not found
    MsConfig - StartUpReg: msnmsgr - hkey= - key= - File not found
    MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found
    MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
    MsConfig - StartUpReg: RestoreIT! - hkey= - key= - File not found
    MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
    MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    MsConfig - StartUpReg: Totocam - hkey= - key= - File not found
    MsConfig - StartUpReg: Veoh - hkey= - key= - File not found
    MsConfig - StartUpReg: Voipwise - hkey= - key= - File not found
    MsConfig - StartUpReg: vptray - hkey= - key= - File not found
    MsConfig - StartUpReg: WOOTASKBARICON - hkey= - key= - File not found
    MsConfig - StartUpReg: WOOWATCH - hkey= - key= - File not found
    MsConfig - StartUpReg: Yahoo! Pager - hkey= - key= - File not found
    MsConfig - State: "system.ini" - 0
    MsConfig - State: "win.ini" - 0
    MsConfig - State: "bootini" - 2
    MsConfig - State: "services" - 2
    MsConfig - State: "startup" - 2

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave3 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave4 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave5 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave6 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave7 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave8 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave9 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

    ActiveX: {02f78298-8af6-495c-9ecb-b6ae68678186} - KB867282
    ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.3
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.3
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
    ActiveX: {839117ee-2132-4bae-a56a-42b50204c9b9} - KB889293
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
    ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
    ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
    ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
    ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
    ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
    ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: >{ED3DF1A7-E9AD-41C7-A62A-1CDA6E33F517} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: Microsoft Base Smart Card Crypto Provider Package -
    PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/08/08 05:13:09 | 000,000,000 | ---D | C] -- C:\Avenger
    [2011/08/07 16:31:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lotfi\Application Data\Malwarebytes
    [2011/08/07 16:30:33 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/08/07 16:30:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2011/08/07 16:30:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/08/07 16:30:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/08/07 16:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/08/07 16:28:32 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\lotfi\Bureau\mbam-setup-1.51.1.1800.exe
    [2011/08/07 16:04:30 | 000,000,000 | ---D | C] -- C:\_OTM
    [2011/08/07 16:02:57 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTM.exe
    [2011/08/07 15:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
    [2011/08/07 15:21:36 | 000,000,000 | ---D | C] -- C:\Navilog1
    [2011/08/06 22:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
    [2011/08/06 22:57:37 | 000,000,000 | ---D | C] -- C:\rsit
    [2011/08/06 16:40:27 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTL.exe
    [2005/11/29 20:54:05 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
    [43 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [19 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/06/22 17:21:34 | 000,027,727 | ---- | M] () -- C:\Documents and Settings\lotfi\Mes documents\Les evadé d alkatraz.png
    [2011/08/08 15:21:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
    [2011/08/08 15:14:04 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/08/08 15:08:40 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1006.job
    [2011/08/08 15:08:39 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1006.job
    [2011/08/08 15:05:38 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2011/08/08 15:04:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/08/08 15:04:42 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/08/08 15:04:27 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1007.job
    [2011/08/08 15:04:27 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1008.job
    [2011/08/08 14:39:25 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1007.job
    [2011/08/08 14:35:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/08/08 14:35:37 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
    [2011/08/07 16:30:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2011/08/07 16:28:32 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\lotfi\Bureau\mbam-setup-1.51.1.1800.exe
    [2011/08/07 16:02:59 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTM.exe
    [2011/08/07 15:27:23 | 000,231,562 | ---- | M] () -- C:\Documents and Settings\lotfi\Bureau\Navilog11.exe
    [2011/08/07 15:17:56 | 000,231,562 | ---- | M] () -- C:\Documents and Settings\lotfi\Bureau\Navilog1.exe
    [2011/08/06 22:55:34 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\lotfi\Bureau\RSIT.exe
    [2011/08/06 16:40:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lotfi\Bureau\OTL.exe
    [2011/07/29 17:15:01 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [2011/07/29 12:55:51 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
    [2011/07/28 12:41:01 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2514637634-1640644918-1932016354-1008.job
    [2011/07/23 16:17:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/07/14 02:55:04 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/07/13 23:58:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [43 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [19 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/08/08 15:21:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
    [2011/08/08 14:40:06 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1007.job
    [2011/08/07 16:30:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2011/08/07 15:27:23 | 000,231,562 | ---- | C] () -- C:\Documents and Settings\lotfi\Bureau\Navilog11.exe
    [2011/08/07 15:17:53 | 000,231,562 | ---- | C] () -- C:\Documents and Settings\lotfi\Bureau\Navilog1.exe
    [2011/08/06 22:55:23 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\lotfi\Bureau\RSIT.exe
    [2011/08/05 11:12:35 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1006.job
    [2011/07/14 14:13:52 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2514637634-1640644918-1932016354-1008.job
    [2011/07/04 18:28:16 | 000,000,736 | ---- | C] () -- C:\WINDOWS\setup.ini
    [2011/07/04 18:27:35 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
    [2011/07/04 18:27:35 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
    [2011/07/04 18:27:35 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
    [2010/03/22 02:31:35 | 000,013,964 | -HS- | C] () -- C:\Documents and Settings\lotfi\Local Settings\Application Data\VH56DJI7u87yo
    [2010/03/22 02:31:35 | 000,013,964 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo
    [2009/10/28 15:29:40 | 000,000,940 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2009/08/10 18:27:42 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2009/01/25 08:27:52 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2009/01/25 08:27:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
    [2008/09/25 04:47:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
    [2008/09/25 03:33:16 | 000,000,077 | ---- | C] () -- C:\WINDOWS\adidsl.ini
    [2008/09/25 03:33:16 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
    [2008/09/24 17:25:52 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll
    [2008/09/24 16:29:27 | 001,531,904 | ---- | C] () -- C:\WINDOWS\adiras.exe
    [2008/09/24 16:29:27 | 000,000,893 | ---- | C] () -- C:\WINDOWS\adiras.ini
    [2008/09/24 16:29:25 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe
    [2008/09/24 16:29:22 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
    [2008/09/24 16:29:21 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
    [2008/09/24 16:29:15 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
    [2008/09/24 16:29:14 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe
    [2008/01/08 21:40:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
    [2008/01/08 21:40:28 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
    [2008/01/08 21:40:00 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
    [2007/12/12 10:35:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
    [2007/10/27 01:27:30 | 000,000,068 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
    [2007/03/21 21:22:49 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2007/02/04 04:54:49 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\lotfi\Application Data\Launch Internet Explorer Browser.lnk
    [2007/02/01 21:40:14 | 000,001,168 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2007/02/01 21:09:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2006/08/22 14:01:20 | 000,000,669 | ---- | C] () -- C:\WINDOWS\iplayer.INI
    [2006/06/22 10:06:29 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
    [2006/06/22 10:06:28 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
    [2006/06/22 10:02:46 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
    [2006/03/09 15:29:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/03/09 15:29:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2006/03/09 15:29:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/03/09 15:29:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2006/03/09 15:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/03/09 15:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/03/09 15:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/03/09 15:29:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2006/03/09 15:29:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2006/03/09 15:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2006/03/09 15:29:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2006/02/06 12:53:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2006/01/22 00:41:46 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\p.dat
    [2006/01/22 00:41:42 | 000,139,731 | ---- | C] () -- C:\WINDOWS\System32\system.dat
    [2006/01/06 21:26:34 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2005/11/30 21:56:43 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\lotfi\Local Settings\Application Data\fusioncache.dat
    [2005/10/19 04:06:04 | 000,039,739 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2005/10/05 04:28:19 | 000,106,586 | ---- | C] () -- C:\WINDOWS\System32\fsas.dll
    [2005/10/05 03:13:45 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62-4476822L.exe
    [2005/06/12 00:46:34 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
    [2005/05/21 03:00:43 | 000,094,208 | ---- | C] () -- C:\WINDOWS\WMCRRSAPI.DLL
    [2005/02/25 03:00:51 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\cabinets.dll
    [2005/02/17 22:56:26 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2005/02/08 02:07:10 | 000,000,266 | ---- | C] () -- C:\WINDOWS\phedit.ini
    [2005/01/25 16:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
    [2004/11/19 14:17:54 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
    [2004/11/19 13:54:13 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
    [2004/11/04 03:52:45 | 000,000,417 | ---- | C] () -- C:\WINDOWS\vbface.INI
    [2004/10/18 18:15:01 | 000,427,140 | ---- | C] () -- C:\WINDOWS\System32\perfh040.dat
    [2004/10/18 18:15:01 | 000,054,926 | ---- | C] () -- C:\WINDOWS\System32\perfc040.dat
    [2004/10/18 18:11:50 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2004/10/18 18:11:50 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2004/10/18 18:11:50 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2004/10/11 21:38:48 | 000,000,058 | ---- | C] () -- C:\WINDOWS\IWDATA.INI
    [2004/10/11 18:27:06 | 000,000,493 | ---- | C] () -- C:\WINDOWS\Stars.ini
    [2004/10/10 13:14:41 | 000,002,620 | ---- | C] () -- C:\WINDOWS\COLORSTA.INI
    [2004/10/03 12:43:44 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
    [2004/09/30 18:23:08 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\lotfi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2004/08/06 22:52:17 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
    [2004/07/27 15:36:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2004/07/27 09:10:13 | 000,000,002 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2004/07/26 18:37:59 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
    [2004/07/26 18:37:59 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
    [2004/07/26 18:37:55 | 000,000,698 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2004/07/26 18:37:48 | 001,285,610 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2004/07/26 18:37:48 | 000,390,630 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2004/07/26 18:37:48 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2004/07/26 18:37:48 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2004/07/26 18:37:33 | 001,123,150 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/07/26 18:37:33 | 000,321,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/07/26 18:37:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/07/26 18:37:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/07/26 18:37:32 | 000,004,512 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/07/26 18:37:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/07/26 18:37:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/07/26 18:37:26 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/07/26 18:37:26 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/07/26 18:37:21 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/07/26 18:37:13 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/07/26 17:42:05 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/07/26 17:41:28 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/07/26 17:05:26 | 000,233,472 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.EXE
    [2004/07/26 17:05:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.DLL
    [2004/07/26 17:05:25 | 000,003,424 | ---- | C] () -- C:\WINDOWS\CMIAINFO.SYS
    [2004/07/26 17:05:25 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
    [2004/07/26 17:05:25 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
    [2004/07/26 16:57:18 | 000,000,845 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/07/26 16:57:12 | 000,083,534 | ---- | C] () -- C:\WINDOWS\System32\RitCPT.exe
    [2004/07/26 16:57:07 | 000,005,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\FBAPI.sys
    [2004/07/26 16:53:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/07/26 16:47:54 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004/07/26 16:44:48 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
    [1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >

    < %ALLUSERSPROFILE%\Application Data\*. >
    [2009/08/06 22:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2009/11/10 20:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2009/11/10 20:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2009/07/29 16:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
    [2010/02/10 16:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
    [2010/06/23 14:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
    [2011/07/04 17:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
    [2011/08/07 16:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2009/09/27 21:12:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2010/04/19 20:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
    [2009/10/31 21:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    [2010/06/23 20:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
    [2009/08/09 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
    [2009/07/29 16:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2011/08/08 15:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Adobe
    [2004/08/09 17:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Ahead
    [2006/09/11 00:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Apple Computer
    [2004/08/06 22:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\ArcSoft
    [2006/06/24 02:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\AVG7
    [2005/10/06 03:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Camfrog
    [2005/12/08 04:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Checkflow
    [2004/10/01 01:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\CyberLink
    [2007/12/09 22:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\DivX
    [2005/10/05 04:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\F-Secure
    [2009/11/03 03:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Google
    [2008/12/02 06:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Graboid Inc
    [2005/12/14 03:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Help
    [2009/01/27 12:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Icone
    [2004/07/26 16:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Identities
    [2010/03/26 16:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\igraal
    [2008/07/22 19:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\InstallShield
    [2004/07/26 17:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\InterTrust
    [2008/09/25 02:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Lavasoft
    [2005/02/02 22:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Macromedia
    [2011/08/07 16:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Malwarebytes
    [2009/11/03 03:22:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\lotfi\Application Data\Microsoft
    [2009/03/28 20:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Mozilla
    [2008/11/28 05:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\MozillaControl
    [2005/02/02 23:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\MSN6
    [2004/10/01 01:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\NeroVision
    [2005/10/05 04:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\PEX
    [2010/06/14 17:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\PriceGong
    [2010/06/23 18:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Real
    [2009/08/13 20:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Skype
    [2009/08/13 20:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\skypePM
    [2004/07/27 09:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Sonic
    [2005/04/08 23:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Sun
    [2005/11/16 15:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Symantec
    [2007/02/04 02:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Talkback
    [2006/06/21 19:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\TuneUp Software
    [2008/11/28 06:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\vlc
    [2007/12/30 22:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Voipwise
    [2011/06/18 16:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Windows Live Writer
    [2005/04/21 04:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Yahoo! Messenger

    < %APPDATA%\*.exe /s >
    [2008/02/06 19:43:30 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\lotfi\Application Data\Microsoft\Installer\{7E70ED5B-DA34-428E-8D51-9BF79D197B81}\_6afe4422.exe
    [2008/12/31 05:08:25 | 000,312,864 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\RealPlayer\setup\AU_setup.exe
    [2008/09/28 18:57:37 | 000,054,816 | ---- | M] () -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\schedule.exe
    [2008/09/28 18:57:36 | 000,312,864 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\setup.exe
    [2008/09/28 19:00:33 | 006,349,240 | ---- | M] () -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\data\ff\firefoxgoogletoolbarsetup.exe
    [2008/09/28 19:00:43 | 000,756,328 | ---- | M] () -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\data\gds\GOOGLE_DESKTOP\gdssetup.exe
    [2008/09/28 19:00:58 | 001,203,296 | ---- | M] (Google) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\data\gtb\GOOGLE_TOOLBAR\googletoolbarinstaller.exe
    [2008/09/28 19:01:16 | 001,203,296 | ---- | M] (Google) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\data\gtb_gds\GOOGLE_TOOLBAR\googletoolbarinstaller.exe
    [2008/09/28 19:03:10 | 013,669,872 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup\data\rp\RealPlayer11GOLD_fr.exe
    [2010/05/07 22:02:54 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\setup3.10\setup.exe
    [2008/09/28 18:56:28 | 000,312,864 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\temp\~Upg0\setup.exe
    [2011/08/08 15:12:05 | 000,310,400 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\lotfi\Application Data\Real\Update\UpgradeHelper\RealPlayer\8.00\rnupgagent.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [43 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 14:00:32 | 000,070,656 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 14:00:32 | 000,070,656 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 14:00:32 | 000,070,656 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2003/04/24 14:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\shell\open\command\\: C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Show Desktop.scf:KAVICHS

    < End of report >
    8 Août 2011 16:32:37

    ET voici pour Extras.Txt :






    OTL Extras logfile created on: 08/08/2011 15:17:33 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\lotfi\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    511,48 Mb Total Physical Memory | 242,40 Mb Available Physical Memory | 47,39% Memory free
    1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,39% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 140,77 Gb Total Space | 21,48 Gb Free Space | 15,26% Space Free | Partition Type: NTFS

    Computer Name: HASSOUNE_LOTFI | User Name: lotfi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 1
    "FirewallOverride" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Kazaa\kazaa.exe" = C:\Program Files\Kazaa\kazaa.exe:*:Enabled:Kazaa Media Desktop
    "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
    "C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
    "C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
    "C:\Program Files\eMule2\emule.exe" = C:\Program Files\eMule2\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
    "C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:D ownload Accelerator Plus
    "C:\Program Files\Paltalk Messenger\paltalk7.exe" = C:\Program Files\Paltalk Messenger\paltalk7.exe:*:D isabled:p altalk Messenger 7.0
    "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" = C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:p 2P Networking
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
    "C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe" = C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe:*:Enabled:F-Secure Anti-Virus 2005
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe" = C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe:*:Enabled:SpyShooter 2006
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe" = C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe:*:Enabled:Spy Shooter 2006
    "C:\Program Files\Allocam Multi Visio\allocam.exe" = C:\Program Files\Allocam Multi Visio\allocam.exe:*:D isabled:Multi Video
    "C:\Program Files\Grisoft\AVG Free\avginet.exe" = C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
    "C:\Program Files\Grisoft\AVG Free\avgemc.exe" = C:\Program Files\Grisoft\AVG Free\avgemc.exe:*:Enabled:avgemc.exe
    "C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe" = C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe:*:D isabled:Ares
    "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
    "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer
    "C:\Program Files\efonica softphone\efonica.exe" = C:\Program Files\efonica softphone\efonica.exe:*:D isabled:efonica softphone
    "C:\Program Files\Rockstar Games\Midnight Club II\mc2.exe" = C:\Program Files\Rockstar Games\Midnight Club II\mc2.exe:*:Enabled:mc2
    "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:D isabled:Veoh Client
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{042E2C9D-6647-4C5F-9CEF-387D72023128}" = USB MODEM Driver
    "{05E9F134-07C9-4249-9B80-EE5D975F201B}" = Sony Ericsson Image Editor
    "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
    "{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Player Metaboli
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7E70ED5B-DA34-428E-8D51-9BF79D197B81}" = FreebieSMS
    "{815050E5-F545-11D4-9569-004095812ACC}" = Serious Sam: The First Encounter
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{9462C4AD-D6C4-4365-B4AD-BFE0B1E216C3}" = Sony Ericsson MMS Home Studio
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
    "{9E63B65D-B380-4471-9B2A-5A9588345903}" = Ma-Config.com
    "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.4 - Français
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack
    "{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
    "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C1C0717C-546A-11D7-9963-00A0C92C4EC3}" = Creative Modem Blaster V.92 DI5733-1
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
    "{D6782F44-58DB-4DE5-A65C-890320CF3F99}" = Prince of Persia T2T
    "{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack
    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
    "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
    "CCleaner" = CCleaner (remove only)
    "C-Media Audio" = C-Media 3D Audio
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Empty Temp Folders 2.8.3" = Empty Temp Folders 2.8.3
    "eMule" = eMule
    "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.00
    "exent_262354" = Aménophis
    "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
    "Free Download Manager_is1" = Free Download Manager 3.0
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
    "IC Card Reader Driver" = IC Card Reader Driver v1.9e
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
    "LimeWire" = LimeWire 5.1.2
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NMPUninstallKey" = Nero Media Player
    "NVIDIA Drivers" = NVIDIA Drivers
    "PhotoFiltre" = PhotoFiltre
    "RealPlayer 12.0" = RealPlayer
    "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
    "SFR_Kit" = SFR - Kit de connexion
    "Software Informer_is1" = Software Informer 1.0 BETA
    "Uninstall_is1" = Uninstall 1.0.0.1
    "VideoGet_is1" = Nuclear Coffee - VideoGet
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XBTB00001.XBTB00001Toolbar" = La Super Barre V.3.3
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 31/07/2011 10:49:42 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 01/08/2011 05:22:10 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 03/08/2011 11:06:08 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 04/08/2011 07:36:52 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 04/08/2011 08:29:58 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 05/08/2011 13:03:47 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 06/08/2011 11:26:12 | Computer Name = HASSOUNE_LOTFI | Source = EventSystem | ID = 4609
    Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
    lors de son traitement interne. Le HRESULT est 80070005 à partir de la ligne 44
    de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
    du Support Technique Microsoft pour signaler cette erreu

    Error - 06/08/2011 13:42:13 | Computer Name = HASSOUNE_LOTFI | Source = EventSystem | ID = 4609
    Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
    lors de son traitement interne. Le HRESULT est 80070005 à partir de la ligne 44
    de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
    du Support Technique Microsoft pour signaler cette erreu

    Error - 07/08/2011 23:16:55 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 08/08/2011 08:37:33 | Computer Name = HASSOUNE_LOTFI | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    [ System Events ]
    Error - 08/08/2011 09:30:03 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:25 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:29 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:33 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:37 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:41 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:49 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:53 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:40:57 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    Error - 08/08/2011 09:41:02 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.


    < End of report >
    a c 549 8 Sécurité
    8 Août 2011 18:19:13

    Re,

    Ton PC est une poubelle !!!
    Faudrait penser à revoir sérieusement ton comportement sur un pc et sur le net ...

    En passant ta partition ou ton support amovible D: à un souci :
    Error - 08/08/2011 09:30:03 | Computer Name = HASSOUNE_LOTFI | Source = Disk | ID = 262151
    Description = Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

    On verra à la fin.


    Pour suivre :

    1) Tu n'as pas désinstallé tous les programmes que j'avais demandé !!! Fais-le (si présent, sinon dis-le moi) :

    Citation :
    1) Désinstalle ces programmes (via "ajout/suppression des programmes", si présent) :

    - Empty Temp Folders 2.8.3 (inutile, Ccleaner le fait)
    - Java(TM) 6 Update 7 (version obsolète, vulnérable)
    - Java(TM) SE Runtime Environment 6 Update 1 (idem)
    - La Super Barre V.3.3 (sauf réelle utilité, contient des fonctions de tracabilité)
    - Uninstall 1.0.0.1 (lié à un adware)



    2) Relance OTL.exe

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Copie/colle ce qui suit dans le cadre Personnalisation en bas à gauche.
    :OTL

    PRC - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    SRV - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
    [2009/02/27 21:35:45 | 000,000,000 | ---D | M] (Eazel-FR Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (EoBho Class) - {64F56FC1-1272-44CD-BA6E-39723696E350} - File not found
    O2 - BHO: (SiteActivationBHO Class) - {918BC41A-9563-4522-B8CA-37AE5C51633A} - C:\Program Files\La Super Barre V.3.3\siteActiv_plugin.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\ShellBrowser: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - No CLSID value found.
    O3 - HKU\S-1-5-21-2514637634-1640644918-1932016354-1006\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
    O4 - HKLM..\Run: [ccApp] File not found
    O4 - HKLM..\Run: [fenaffiche] File not found
    O4 - HKLM..\Run: [ORAHSSSessionManager] File not found
    O4 - HKLM..\Run: [SystrayORAHSS] File not found
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - File not found
    O9 - Extra 'Tools' menuitem : Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - File not found
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6 [...] /cabsa.cab (Symantec RuFSI Utility Class)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_07)
    MsConfig - StartUpReg: EoEngine - hkey= - key= - File not found
    MsConfig - StartUpReg: EoWeather - hkey= - key= - File not found
    MsConfig - StartUpReg: Instant Access - hkey= - key= - File not found
    MsConfig - StartUpReg: MonsterEggs_FSetup.exe - hkey= - key= - File not found
    MsConfig - StartUpReg: WOOTASKBARICON - hkey= - key= - File not found
    MsConfig - StartUpReg: WOOWATCH - hkey= - key= - File not found
    [2010/03/22 02:31:35 | 000,013,964 | -HS- | C] () -- C:\Documents and Settings\lotfi\Local Settings\Application Data\VH56DJI7u87yo
    [2010/03/22 02:31:35 | 000,013,964 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo
    [2010/03/26 16:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\igraal
    [2008/09/25 02:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Lavasoft
    [2010/06/14 17:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\PriceGong
    [2005/11/16 15:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lotfi\Application Data\Symantec
    [43 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [19 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe"=-
    "C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe"=-
    "C:\Program Files\Grisoft\AVG Free\avginet.exe"=-
    "C:\Program Files\Grisoft\AVG Free\avgemc.exe"=-
    "C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe"=-
    [-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe]

    :Files
    C:\Program Files\Fichiers communs\France Telecom

    :Commands
    [emptytemp]
    [emptyflash]


  • Puis clique sur le bouton Correction en haut à gauche
  • Si le pc demande à redémarrer accepte.
  • Poste le rapport de suppression.

    Note : le rapport est enregistré sous format ".log", il convient de changer cette extension en ".txt" si tu veux le déposer sur des sites en ligne.


    Télécharge TDSSKiller de Kaspersky sur ton bureau.

  • Décompresse-le en faisant clic-droit dessus -> extraire tout... (clique sur "suivant", "suivant" et "Terminer".)
  • Double clique sur "TDSSKiller.exe" pour lancer l'outil.
    (Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)

  • Clique alors sur le bouton "Start Scan".
  • Laisse le scan s'effectuer.

  • Dans la fenêtre de résultat :
  • Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.
  • Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
  • Pour la partie "Suspicious object" laisse sur "Skip"
  • Si TDSS.tdl4 (mbr) est détecté assure toi que Cure est bien coché.
  • Clique enfin sur "Continue"

  • Il te sera surement demandé de redémarrer ton pc, fait-le en cliquant sur "Reboot now"

  • Au redémarrage va chercher le rapport de suppression, il se trouve ici :
    C:\ TDSSKiller.x.x.x.x_date_heure_log.txt

    Poste son contenu dans ta prochaine réponse.
    8 Août 2011 18:39:32

    Re,
    si si je les ai supprimé apré avoir recus les rapport il y'a la super barre v.3.3 qui ne veut pa se supprimer et PremiereAdvertisingPlatform et PLaymp3z que je trouve pas dans "ajout/suppression des programmes"
    8 Août 2011 22:06:12

    bonsoir chef,
    voila le rapport de correction de OTL ( dsl pour le retard a chaque fois mais mon pc rame grave tu doit bien t'en douter)





    All processes killed
    ========== OTL ==========
    No active process named FTRTSVC.exe was found!
    Service FTRTSVC stopped successfully!
    Service FTRTSVC deleted successfully!
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\searchplugin folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\META-INF folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\lib folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\defaults folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\components folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\chrome folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{918BC41A-9563-4522-B8CA-37AE5C51633A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{918BC41A-9563-4522-B8CA-37AE5C51633A}\ deleted successfully.
    C:\Program Files\La Super Barre V.3.3\siteActiv_plugin.dll moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008}\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{A20A76AD-7A29-4756-87FE-70C334CB40C0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A20A76AD-7A29-4756-87FE-70C334CB40C0}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A20A76AD-7A29-4756-87FE-70C334CB40C0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A20A76AD-7A29-4756-87FE-70C334CB40C0}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC8C8F4F-F2E8-404B-A43D-5CC57876A008}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2514637634-1640644918-1932016354-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ccApp deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fenaffiche deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ORAHSSSessionManager deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SystrayORAHSS deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    File C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
    Starting removal of ActiveX control {644E432F-49D3-41A1-8DD5-E099162EEEC5}
    C:\WINDOWS\Downloaded Program Files\CabSA.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\ not found.
    Starting removal of ActiveX control {6A344D34-5231-452A-8A57-D064AC9B7862}
    C:\WINDOWS\Downloaded Program Files\symdlmgr.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6A344D34-5231-452A-8A57-D064AC9B7862}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A344D34-5231-452A-8A57-D064AC9B7862}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6A344D34-5231-452A-8A57-D064AC9B7862}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A344D34-5231-452A-8A57-D064AC9B7862}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\EoEngine\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\EoWeather\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Instant Access\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MonsterEggs_FSetup.exe\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\WOOTASKBARICON\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\WOOWATCH\ deleted successfully.
    C:\Documents and Settings\lotfi\Local Settings\Application Data\VH56DJI7u87yo moved successfully.
    C:\Documents and Settings\All Users\Application Data\VH56DJI7u87yo moved successfully.
    C:\Documents and Settings\lotfi\Application Data\igraal folder moved successfully.
    C:\Documents and Settings\lotfi\Application Data\Lavasoft folder moved successfully.
    C:\Documents and Settings\lotfi\Application Data\PriceGong\Data folder moved successfully.
    C:\Documents and Settings\lotfi\Application Data\PriceGong folder moved successfully.
    C:\Documents and Settings\lotfi\Application Data\Symantec folder moved successfully.
    C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\system32\SET10.tmp deleted successfully.
    C:\WINDOWS\system32\SET178.tmp deleted successfully.
    C:\WINDOWS\system32\SET179.tmp deleted successfully.
    C:\WINDOWS\system32\SET17A.tmp deleted successfully.
    C:\WINDOWS\system32\SET17B.tmp deleted successfully.
    C:\WINDOWS\system32\SET17C.tmp deleted successfully.
    C:\WINDOWS\system32\SET17D.tmp deleted successfully.
    C:\WINDOWS\system32\SET17E.tmp deleted successfully.
    C:\WINDOWS\system32\SET17F.tmp deleted successfully.
    C:\WINDOWS\system32\SET180.tmp deleted successfully.
    C:\WINDOWS\system32\SET181.tmp deleted successfully.
    C:\WINDOWS\system32\SET182.tmp deleted successfully.
    C:\WINDOWS\system32\SET183.tmp deleted successfully.
    C:\WINDOWS\system32\SET184.tmp deleted successfully.
    C:\WINDOWS\system32\SET185.tmp deleted successfully.
    C:\WINDOWS\system32\SET186.tmp deleted successfully.
    C:\WINDOWS\system32\SET187.tmp deleted successfully.
    C:\WINDOWS\system32\SET188.tmp deleted successfully.
    C:\WINDOWS\system32\SET189.tmp deleted successfully.
    C:\WINDOWS\system32\SET18A.tmp deleted successfully.
    C:\WINDOWS\system32\SET18B.tmp deleted successfully.
    C:\WINDOWS\system32\SET18C.tmp deleted successfully.
    C:\WINDOWS\system32\SET18D.tmp deleted successfully.
    C:\WINDOWS\system32\SET18E.tmp deleted successfully.
    C:\WINDOWS\system32\SET18F.tmp deleted successfully.
    C:\WINDOWS\system32\SET190.tmp deleted successfully.
    C:\WINDOWS\system32\SET191.tmp deleted successfully.
    C:\WINDOWS\system32\SET192.tmp deleted successfully.
    C:\WINDOWS\system32\SET193.tmp deleted successfully.
    C:\WINDOWS\system32\SET194.tmp deleted successfully.
    C:\WINDOWS\system32\SET195.tmp deleted successfully.
    C:\WINDOWS\system32\SET196.tmp deleted successfully.
    C:\WINDOWS\system32\SET197.tmp deleted successfully.
    C:\WINDOWS\system32\SET198.tmp deleted successfully.
    C:\WINDOWS\system32\SET199.tmp deleted successfully.
    C:\WINDOWS\system32\SET19A.tmp deleted successfully.
    C:\WINDOWS\system32\SET19B.tmp deleted successfully.
    C:\WINDOWS\system32\SET19C.tmp deleted successfully.
    C:\WINDOWS\system32\SET19D.tmp deleted successfully.
    C:\WINDOWS\system32\SET43.tmp deleted successfully.
    C:\WINDOWS\system32\setb6.tmp deleted successfully.
    C:\WINDOWS\system32\SETF.tmp deleted successfully.
    C:\WINDOWS\005952_.tmp deleted successfully.
    C:\WINDOWS\DUMPd418.tmp deleted successfully.
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    C:\WINDOWS\System32\dllcache\SET19E.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET19F.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A0.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A1.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A2.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A3.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A4.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A5.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A6.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A7.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A8.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1A9.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AA.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AB.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AC.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AD.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AE.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1AF.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET1B0.tmp deleted successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\FlowService.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\CheckFlow\SpyShooter\5.0.0.3\Fp2006.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avginet.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avgemc.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\lotfi\Local Settings\Temp\Rar$EX00.328\ares.exe deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\ deleted successfully.
    ========== FILES ==========
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\Uninstall folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0 folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0 folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom\Shared Modules folder moved successfully.
    C:\Program Files\Fichiers communs\France Telecom folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: Administrateur.HASSOUNE_LOTFI
    ->Temp folder emptied: 124070 bytes
    ->Temporary Internet Files folder emptied: 119297630 bytes
    ->Flash cache emptied: 836 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 6279050 bytes

    User: lotfi
    ->Temp folder emptied: 29355992 bytes
    ->Temporary Internet Files folder emptied: 30627616 bytes
    ->Java cache emptied: 57654523 bytes
    ->FireFox cache emptied: 61049341 bytes
    ->Flash cache emptied: 93106 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 2614725 bytes

    User: Propriétaire

    User: RACHID
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 952820765 bytes

    User: YASSINE

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 5388448 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 130133538 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33726 bytes
    RecycleBin emptied: 424087747 bytes

    Total Files Cleaned = 1 735,00 mb


    [EMPTYFLASH]

    User: Administrateur

    User: Administrateur.HASSOUNE_LOTFI
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User

    User: LocalService

    User: lotfi
    ->Flash cache emptied: 1102 bytes

    User: NetworkService

    User: Propriétaire

    User: RACHID

    User: YASSINE

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.26.1 log created on 08082011_212515

    Files\Folders moved on Reboot...
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\20110407_fr_wellnessvariety_160x600[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\aff_frame[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\AjaxHistoryFrame[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\like[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\resourcespreload[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\YL1UBRMO\tt[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\SDE39PXB\aff_frame[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\SDE39PXB\EditMessageLight[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\SDE39PXB\xmlProxy[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\J3CA70PI\RteFrame_16.0.1702.0709[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\J3CA70PI\rt[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\J3CA70PI\signin[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\299843-11-aidez-intempestives[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\adloader[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\AdServeMsg[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\default[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\InboxLight[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\LocalStorage[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\Messenger[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\resourcespreload[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\tt[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\Content.IE5\2PXPKQLI\xmlProxy[1].htm moved successfully.
    C:\Documents and Settings\lotfi\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

    Registry entries deleted on Reboot...
    a c 549 8 Sécurité
    8 Août 2011 23:10:20

    Re,

    Il manque le rapport TDSSKiller ;) 

    Il va mieux le pc après la suppression des fichiers ?
    8 Août 2011 23:49:42

    je vien de fair le scan de TDSSKiller mai apparament il n'a rien trouvé voila un rapport


    2011/08/08 23:41:57.0859 1672 TDSS rootkit removing tool 2.5.14.0 Aug 5 2011 16:09:29
    2011/08/08 23:41:59.0281 1672 ================================================================================
    2011/08/08 23:41:59.0281 1672 SystemInfo:
    2011/08/08 23:41:59.0281 1672
    2011/08/08 23:41:59.0281 1672 OS Version: 5.1.2600 ServicePack: 3.0
    2011/08/08 23:41:59.0281 1672 Product type: Workstation
    2011/08/08 23:41:59.0312 1672 ComputerName: HASSOUNE_LOTFI
    2011/08/08 23:41:59.0312 1672 UserName: lotfi
    2011/08/08 23:41:59.0312 1672 Windows directory: C:\WINDOWS
    2011/08/08 23:41:59.0312 1672 System windows directory: C:\WINDOWS
    2011/08/08 23:41:59.0312 1672 Processor architecture: Intel x86
    2011/08/08 23:41:59.0312 1672 Number of processors: 2
    2011/08/08 23:41:59.0312 1672 Page size: 0x1000
    2011/08/08 23:41:59.0312 1672 Boot type: Normal boot
    2011/08/08 23:41:59.0312 1672 ================================================================================
    2011/08/08 23:42:05.0875 1672 Initialize success
    2011/08/08 23:42:21.0640 4224 ================================================================================
    2011/08/08 23:42:21.0640 4224 Scan started
    2011/08/08 23:42:21.0640 4224 Mode: Manual;
    2011/08/08 23:42:21.0640 4224 ================================================================================
    2011/08/08 23:42:32.0484 4224 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2011/08/08 23:42:33.0921 4224 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
    2011/08/08 23:42:36.0140 4224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2011/08/08 23:42:37.0562 4224 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
    2011/08/08 23:42:40.0515 4224 AgereSoftModem (029e01cb2938bec5af31bf47b6af0159) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    2011/08/08 23:42:45.0203 4224 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    2011/08/08 23:42:47.0296 4224 Aspi (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
    2011/08/08 23:42:47.0937 4224 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\Aspi32.sys
    2011/08/08 23:42:48.0453 4224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2011/08/08 23:42:49.0109 4224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2011/08/08 23:42:50.0531 4224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2011/08/08 23:42:51.0187 4224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2011/08/08 23:42:51.0453 4224 avgio (11169e93ffa195a5063750c55530da55) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
    2011/08/08 23:42:51.0625 4224 avgntflt (591068bd9d1d36b5b569eb7ce831e71b) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
    2011/08/08 23:42:52.0265 4224 avipbb (7334e72f94c59f7699936e182b278dc3) C:\WINDOWS\system32\DRIVERS\avipbb.sys
    2011/08/08 23:42:53.0656 4224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2011/08/08 23:42:54.0312 4224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2011/08/08 23:42:55.0359 4224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2011/08/08 23:42:56.0140 4224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2011/08/08 23:42:56.0781 4224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2011/08/08 23:42:59.0328 4224 cmuda (883f93de120956cb25fd69d1636b5530) C:\WINDOWS\system32\drivers\cmuda.sys
    2011/08/08 23:43:02.0484 4224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2011/08/08 23:43:03.0531 4224 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
    2011/08/08 23:43:04.0593 4224 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
    2011/08/08 23:43:05.0484 4224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2011/08/08 23:43:06.0250 4224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2011/08/08 23:43:06.0953 4224 driverhardwarev2 (0f1189883690949ba7a9f68339587e51) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
    2011/08/08 23:43:07.0609 4224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2011/08/08 23:43:08.0312 4224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2011/08/08 23:43:08.0984 4224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    2011/08/08 23:43:09.0703 4224 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
    2011/08/08 23:43:10.0406 4224 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
    2011/08/08 23:43:10.0812 4224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    2011/08/08 23:43:11.0500 4224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2011/08/08 23:43:12.0187 4224 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
    2011/08/08 23:43:12.0953 4224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2011/08/08 23:43:14.0484 4224 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2011/08/08 23:43:16.0375 4224 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
    2011/08/08 23:43:17.0515 4224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2011/08/08 23:43:18.0796 4224 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2011/08/08 23:43:21.0828 4224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    2011/08/08 23:43:26.0984 4224 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2011/08/08 23:43:27.0984 4224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2011/08/08 23:43:29.0406 4224 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    2011/08/08 23:43:29.0875 4224 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2011/08/08 23:43:30.0437 4224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2011/08/08 23:43:30.0859 4224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2011/08/08 23:43:31.0484 4224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2011/08/08 23:43:32.0031 4224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2011/08/08 23:43:32.0718 4224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2011/08/08 23:43:33.0265 4224 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2011/08/08 23:43:33.0906 4224 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2011/08/08 23:43:34.0531 4224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2011/08/08 23:43:35.0125 4224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    2011/08/08 23:43:36.0437 4224 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2011/08/08 23:43:36.0937 4224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2011/08/08 23:43:37.0671 4224 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
    2011/08/08 23:43:38.0171 4224 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
    2011/08/08 23:43:38.0765 4224 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2011/08/08 23:43:39.0250 4224 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2011/08/08 23:43:39.0890 4224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2011/08/08 23:43:40.0890 4224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2011/08/08 23:43:41.0687 4224 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2011/08/08 23:43:42.0593 4224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2011/08/08 23:43:43.0093 4224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2011/08/08 23:43:43.0671 4224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2011/08/08 23:43:44.0156 4224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2011/08/08 23:43:44.0812 4224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2011/08/08 23:43:45.0625 4224 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
    2011/08/08 23:43:46.0687 4224 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    2011/08/08 23:43:47.0250 4224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2011/08/08 23:43:47.0921 4224 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2011/08/08 23:43:48.0375 4224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2011/08/08 23:43:49.0015 4224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2011/08/08 23:43:49.0718 4224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    2011/08/08 23:43:50.0375 4224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2011/08/08 23:43:51.0062 4224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2011/08/08 23:43:51.0921 4224 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    2011/08/08 23:43:52.0734 4224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2011/08/08 23:43:53.0937 4224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2011/08/08 23:43:55.0000 4224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2011/08/08 23:43:57.0500 4224 nv (29b9163a6d9c486dcaefed190130acb0) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    2011/08/08 23:44:04.0078 4224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2011/08/08 23:44:05.0468 4224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2011/08/08 23:44:07.0406 4224 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    2011/08/08 23:44:09.0671 4224 PALLADIA (f500b04deb1e266d21c501d229e63845) C:\WINDOWS\system32\DRIVERS\usbiad.sys
    2011/08/08 23:44:11.0968 4224 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
    2011/08/08 23:44:13.0156 4224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2011/08/08 23:44:14.0203 4224 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
    2011/08/08 23:44:15.0156 4224 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS
    2011/08/08 23:44:16.0359 4224 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS
    2011/08/08 23:44:17.0328 4224 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
    2011/08/08 23:44:19.0484 4224 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
    2011/08/08 23:44:26.0203 4224 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
    2011/08/08 23:44:27.0875 4224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2011/08/08 23:44:29.0125 4224 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
    2011/08/08 23:44:30.0203 4224 prodrv06 (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
    2011/08/08 23:44:31.0390 4224 prohlp02 (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
    2011/08/08 23:44:32.0484 4224 prosync1 (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
    2011/08/08 23:44:33.0421 4224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2011/08/08 23:44:34.0500 4224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2011/08/08 23:44:35.0812 4224 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    2011/08/08 23:44:42.0609 4224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2011/08/08 23:44:44.0375 4224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2011/08/08 23:44:46.0984 4224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2011/08/08 23:44:49.0343 4224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2011/08/08 23:44:52.0500 4224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2011/08/08 23:44:55.0109 4224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2011/08/08 23:44:57.0781 4224 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    2011/08/08 23:45:01.0453 4224 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2011/08/08 23:45:04.0859 4224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2011/08/08 23:45:06.0671 4224 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    2011/08/08 23:45:07.0875 4224 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
    2011/08/08 23:45:09.0359 4224 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
    2011/08/08 23:45:10.0593 4224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    2011/08/08 23:45:14.0062 4224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2011/08/08 23:45:15.0562 4224 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
    2011/08/08 23:45:17.0484 4224 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    2011/08/08 23:45:19.0671 4224 ssmdrv (71d609c5dff067906d930bde031c4cfe) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    2011/08/08 23:45:21.0187 4224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2011/08/08 23:45:22.0484 4224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2011/08/08 23:45:27.0437 4224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2011/08/08 23:45:29.0406 4224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2011/08/08 23:45:31.0000 4224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2011/08/08 23:45:32.0015 4224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2011/08/08 23:45:33.0156 4224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2011/08/08 23:45:37.0015 4224 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
    2011/08/08 23:45:39.0312 4224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2011/08/08 23:45:43.0750 4224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    2011/08/08 23:45:46.0281 4224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2011/08/08 23:45:48.0015 4224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2011/08/08 23:45:49.0750 4224 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2011/08/08 23:45:51.0640 4224 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    2011/08/08 23:45:53.0390 4224 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2011/08/08 23:45:54.0875 4224 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
    2011/08/08 23:45:55.0937 4224 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
    2011/08/08 23:45:57.0062 4224 videX32 (c8ee49fa76eb7c41a9cddfe58151a74e) C:\WINDOWS\system32\DRIVERS\videX32.sys
    2011/08/08 23:45:58.0031 4224 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/08/08 23:45:58.0921 4224 vulfnths (c9a8ba443f809b70bccccd60cc73fa5c) C:\WINDOWS\System32\Drivers\vulfnth.sys
    2011/08/08 23:46:00.0218 4224 vulfntrs (2d8c55889616f7767e9fb8adee37a02a) C:\WINDOWS\System32\Drivers\vulfntr.sys
    2011/08/08 23:46:01.0765 4224 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/08/08 23:46:04.0046 4224 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/08/08 23:46:04.0953 4224 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    2011/08/08 23:46:05.0640 4224 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    2011/08/08 23:46:06.0078 4224 X4HSX32 (aa8e4a8e7247900387309d562d392569) C:\Program Files\Player Metaboli\X4HSX32.Sys
    2011/08/08 23:46:06.0281 4224 X4HSX32Ex (9c37e802e5e0534304619583d008b36b) C:\Program Files\Player Metaboli\X4HSX32Ex.Sys
    2011/08/08 23:46:06.0453 4224 MBR (0x1B8) (11b942a40e02b08a05b50d097714d0e7) \Device\Harddisk0\DR0
    2011/08/08 23:46:06.0734 4224 Boot (0x1200) (624e7a24b8d8b279872f6af706215daf) \Device\Harddisk0\DR0\Partition0
    2011/08/08 23:46:06.0843 4224 ================================================================================
    2011/08/08 23:46:06.0843 4224 Scan finished
    2011/08/08 23:46:06.0843 4224 ================================================================================
    2011/08/08 23:46:06.0890 4180 Detected object count: 0
    2011/08/08 23:46:06.0890 4180 Actual detected object count: 0
    a c 549 8 Sécurité
    9 Août 2011 10:27:14

    Re,

    C'était une précaution vis à vis de certaines infections présente.

    Tu peux répondre à ma question maintenant ?
    Citation :
    Il va mieux le pc après la suppression des fichiers ?
    9 Août 2011 15:39:47

    salu,

    deja j'ai plus les pub qui s'affiche voila une bonne chose, maintenant le pc il rame de trop surtout au demarrage avant de pouvoir ouvrire une page internet ben tu peut attendre
    9 Août 2011 19:01:32

    maintenant les manip sont fini ? il est plus infecté c'est terminé ?
    a c 549 8 Sécurité
    9 Août 2011 23:03:46

    Re,

    Niveau infection, c'est fini oui, mais il manquera le nettoyage final des outils et du système.

    Je te met ce qu'il y a à faire, fais-le maintenant si tu veux, avant de faire le nettoyage préconisé dans mon post précédent :


    1) Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Clique sur "Purge d'outils"
  • Valide l'avertissement par "ok" et laisse le pc redémarrer.


    2) Purge de la restauration système :

    Elle contient des restes de l'infection, suis ce tuto pour la purger :

    XP :
    http://www.inforumatique.fr/la-restauration-du-systeme-...

    (Fin du tuto)



    3) Mise à jour du système et des logiciels :

    Met à jour ton système notamment Internet Explorer 8 :
    http://update.microsoft.com/microsoftupdate/v6/default....

    Met à jour les programmes suivants :
    - Java vers la version 6 update 26 (pense à supprimer les anciennes version dans ajout/suppression des programmes )
    - Adobe reader vers X (vérifie que les anciennes versions sont supprimée)



    Pour aller plus loin dans ta protection et éviter de te faire réinfecter voici quelques conseils supplémentaires :

  • Installer un parefeu en remplacement de celui de Windows XP :
    Le parefeu intégré de Windows XP n'est pas assez performant, il est intéressant de le remplacer par un parefeu plus complet, tel Zone Alarm ou Kerio par exemple ... /!\ comme les antivirus, un seul parefeu sur ton pc, pense donc à désactiver celui de Windows si tu en installes un autre !!!

  • Attention lors de l'installation de logiciel :
    Veiller à toujours lire les conditions d'utilisation (CLUF), afin de déceler la gestion des données personnelles, l'installation de sponsors publicitaires ou tout autre atteintes à la vie privée. Refuser les toolbars et autres addons proposés.

  • Utiliser un navigateur alternatif pour surfer de manière plus sécurisée :
    Firefox offre une meilleure sécurité par rapport à Internet Explorer, surtout si on le complète de quelques plugins très intéressant : Noscript et WOT par exemple.

  • Surfer sans les droits d'administration : En session limitée ou avec DropMyRight
    Cela diminue considérablement les risques d'infections, car certaines infection ne peuvent alors plus s'installer.

  • Maintenir ses logiciels et son système à jour :
    De nombreuses infections sont dû à des failles de windows, mais aussi de logiciel tiers, comme Sun Java, Adobe Acrobat Reader, etc
    Tu peux faire un scan de vulnérabilité pour connaitre tes logiciels présentant des failles non corrigées ou à mettre à jour.

    Enfin, le plus important reste ton comportement sur ton PC, tu restes la plus importante protection : Évites les comportement à risque : P2P, cracks, téléchargements et installations douteux via des pubs, les messageries instantanées, ou des sites inconnu, sites pornographiques.
    A lire !

    [:_tom_:7]
    10 Août 2011 16:21:22

    bonjour chef,

    ok je vais suivre ce que tu m'as dit, aprés tu c'est coment regler le pb du support defectueu que j'ai ? et a quoi il sert ?
    10 Août 2011 17:08:03

    y'a un pti souci mon colonel, le lien que tu m'as donné pour la purge de la restauration système mène nul part apparament il a été déplacé
    11 Août 2011 19:06:32

    re, je voulé te demandé, maintenant j'ai toujours navilog, malawarebytes et ccleaner es ce que je les efface ou il me servent encor a quelque chose chef ?
    a c 549 8 Sécurité
    11 Août 2011 19:12:47

    Re,

    Tu peux supprimer Navilog

    Tu peux conserver Malwarebyte's si tu le souhaites pour des scans occasionnels, pense à le mettre à jour avant à ce moment là.

    Ccleaner c'est pas moi qui l'ai installé je te signale :ange: 
    Donc si tu ne sais pas à quoi il te sert, tu peux virer :D 
    Sinon tu peux le garder pour faire des nettoyage du pc.

    11 Août 2011 19:16:45

    ah oui c vrai c'été dans le lien que tu m'a donné il disé de le telecharger, autant pour moi. mai sinon rien a fair avec ce p... de pc il rame toujours le mort il m'enerve a un point
    a c 549 8 Sécurité
    11 Août 2011 22:14:41

    Re,

    Seulement 10% d'espace disque libre ...

    512Mo de mémoire vive ...

    Nombreux logiciel installé/désinstallé ...

    Un peu normal qu'il rame ...


    Vois à faire un peu de place sur le DD, puis défragmente-le si tu ne l'a pas fait depuis longtemps.
    12 Août 2011 14:53:52

    le support defectueu que j'ai il y'es pour rien dans cet histoire ?
    a c 549 8 Sécurité
    12 Août 2011 18:33:33

    Re,

    ça m'étonnerais, c'est quoi ton le périphérique D: ?
    Je le vois pas sur les rapport, c'est donc un disque amovible, un DD externe, une clé usb ? Tu branches quoi d'habitude ?

    T'as vidé un peu ton DD principal ? viré les programmes inutiles, défragmenté le disque dur ?

    Y'avait beaucoup de conseil sur le tuto que je t'ai fourni.
    12 Août 2011 20:39:33

    non j'ai pas de disque dur externe j'en ai jamais branché, par contre g les entré usb qui n'ont jamais marché depuis que j'ai ce con de pc, c'est peut étre ca. tu m'étonne c'est un pc acheté chez carrefour en 2004
    a c 549 8 Sécurité
    12 Août 2011 22:19:53

    Re,

    Ben c'est un truc qui a été branché le 08 aout à 9h30 en tout cas :D  à toi de voir ... mais comme je dis, étant donné que ce n'est pas la partition principale ou système, non c'est pas ça qui ralentit.

    Fait le tuto d'optimisation, surtout nettoyage, et défragmentation.
    13 Août 2011 17:09:15

    en tout k merci bcp bcp pour ce que tu fait
    a c 549 8 Sécurité
    13 Août 2011 22:06:38

    Re,

    Tu peux indiquer ton sujet "réglé" en cliquant sur le bouton "éditer" dans ton tout premier message.
    -> Ajoute ensuite "résolu" à coté de ton titre et valide.

    Tu peux aussi, si tu le souhaites, valider une "meilleure réponse", ton sujet sera alors automatiquement marqué comme "résolu"

    A bientôt sur les forums Tom's Guide
    14 Août 2011 20:01:37

    bonjour chef,

    j'auré besoin d'une petite aide si possible, es ce que je t'écris ici ou bien j'ouvre un nouveau sujet ?
    a c 549 8 Sécurité
    14 Août 2011 21:56:46

    Bonsoir,

    c'est lié à cette désinfection ou non ?

    Si oui, continu ici, si non, ouvre un autre sujet.

    [:_tom_:7]
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS