
[SOLVED] Mozilla ad window that opens by itself...

8 March 2011 11:07:24

Hello,

I would like to know how to solve this problem and whether I am infected or not. I visited threads that said you have to post in this section, so here I am.


8 March 2011 13:59:10

Hello

Welcome to the forum

What kind of ads are you getting?
8 March 2011 17:32:34

Hello

Thanks for your reply. Some of the ads are about MMOs, but mostly... "play to win money" ads. I don't like this kind of ad at all and I don't understand why they open.
8 March 2011 18:48:40

:hello: 

We'll look at this together if you like. Do the following:

Download OTL to your Desktop.

  • Take care to close all other Windows windows so as not to interrupt the scan.
  • Double-click OTL.exe to launch it. Under Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.
  • The main OTL screen is displayed:



    (1) If not already done, in the "Registre: Approfondi" section, select the "Avec liste blanche" radio button.

    (2) Tick (at the top) the box in front of "Tous les utilisateurs".

    (3) Also tick the boxes next to "Recherche Lop" and "Recherche purity".

    (4) Select very precisely everything that is in bold with the mouse and copy/paste the contents into the "Personnalisation" box of the OTL window.


    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.dll /lockedfiles
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    iexplore.exe
    /md5stop



    (5) Then click the "Analyse" button.

    - Let the tool work without interrupting it.

  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are in the same place as OTL (so by default on the Desktop).

    Use the site http://pjjoint.malekal.com/ to upload your reports, and post the link in your next reply.
    8 March 2011 22:22:49

    Run OTL.exe again.

    Double-click the icon to launch it. Under Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.

    Select very precisely everything in the box below with the mouse and copy the contents into the "Personnalisation" box of the OTL window.

    :Files
    C:\Users\yooyooss95\AppData\Roaming\Mozilla\Firefox\Profiles\avtiubf9.default\searchplugins\sweetim.xml
    C:\Users\yooyooss95\AppData\Roaming\chrtmp
    C:\Windows\SysWow64\secushr.dat
    ipconfig /flushdns /c
    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    IE - HKU\S-1-5-21-3251966570-1238465049-2753311339-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-3251966570-1238465049-2753311339-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
    FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
    FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
    O2:[b]64bit:[/b] - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2:[b]64bit:[/b] - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-3251966570-1238465049-2753311339-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
    O3 - HKU\S-1-5-21-3251966570-1238465049-2753311339-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
    O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
    O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    :Commands
    [EmptyTemp]
    [EmptyFlash]
    [CreateRestorePoint]



    Close all open program windows (browser, word processor, etc.).
    Physically disconnect from the internet (the simplest way is to unplug your box's phone cable).
    Plug all your USB sticks, external hard drives and any other external storage media you own into the PC, without opening them.

  • Then click the "Correction" button at the top of the window.
  • Let the program work without using the PC!!!!!
  • Copy and paste the report into your reply, please.
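
The fix script above resets the Firefox search preferences that the SweetIM toolbar had rewritten. As an added example (not part of the original thread, and not how OTL itself works), this Python script audits a `prefs.js` for the same kind of search hijack; the allowlists and the sample file are assumptions, constructed from the values quoted in the post.

```python
import json
import re
from urllib.parse import urlparse

# Preference names that appear in the OTL "FF - prefs.js.." lines of this thread.
SEARCH_PREFS = {
    "browser.search.defaultenginename",
    "browser.search.defaulturl",
    "browser.search.selectedEngine",
    "browser.startup.homepage",
    "keyword.URL",
}

# Assumption: what the owner of this profile considers legitimate.
ALLOWED_ENGINES = {"Google"}
ALLOWED_HOSTS = {"www.google.fr", "www.google.com"}

# One preference per line: user_pref("name", value);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*("(?:[^"\\]|\\.)*")\s*,\s*(.+?)\s*\)\s*;\s*$'
)

# Constructed sample, built from the values quoted in the fix script.
SAMPLE_PREFS_JS = r'''
# Mozilla User Preferences
user_pref("browser.search.defaultenginename", "SweetIM Search");
user_pref("browser.search.defaulturl", "http://search.sweetim.com/search.asp?src=2&q=");
user_pref("browser.search.selectedEngine", "SweetIM Search");
user_pref("browser.startup.homepage", "http://www.google.fr/");
user_pref("network.proxy.type", 0);
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
'''


def parse_prefs(text):
    """Return {name: value} for every well-formed user_pref line."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything malformed
        try:
            # Names and simple values (strings, integers, true/false)
            # are valid JSON literals, so json.loads decodes them safely.
            name = json.loads(m.group(1))
            value = json.loads(m.group(2))
        except ValueError:
            continue
        prefs[name] = value
    return prefs


def audit_search_prefs(prefs):
    """Return a sorted list of (name, value, reason) for suspicious prefs."""
    findings = []
    for name in sorted(prefs):
        value = prefs[name]
        if not isinstance(value, str):
            continue
        if name in SEARCH_PREFS:
            if value.startswith("chrome://"):
                continue  # pointer to Firefox's own localized default
            host = urlparse(value).hostname
            if host is not None:
                if host.lower() not in ALLOWED_HOSTS:
                    findings.append((name, value, "unexpected host " + host))
            elif value not in ALLOWED_ENGINES:
                findings.append((name, value, "unexpected engine name"))
        elif any(name.endswith("." + p) for p in SEARCH_PREFS):
            # e.g. sweetim.toolbar.previous.browser.search.defaultenginename:
            # a toolbar keeping its own copy of the value it replaced.
            findings.append((name, value, "search pref copied under another prefix"))
    return findings


if __name__ == "__main__":
    for name, value, reason in audit_search_prefs(parse_prefs(SAMPLE_PREFS_JS)):
        print(f"{name} = {value!r}: {reason}")
```

Run it against a copy of the profile's `prefs.js` with Firefox closed, since Firefox rewrites that file on exit.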
    9 March 2011 00:35:40

    Good evening

    Here is the report you asked me for (although a little late); please excuse me for that.

    Quote:
    All processes killed
    ========== FILES ==========
    C:\Users\yooyooss95\AppData\Roaming\Mozilla\Firefox\Profiles\avtiubf9.default\searchplugins\sweetim.xml moved successfully.
    C:\Users\yooyooss95\AppData\Roaming\chrtmp moved successfully.
    C:\Windows\SysWow64\secushr.dat moved successfully.
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de r‚solution DNS vid‚.
    C:\Users\yooyooss95\Documents\Downloads\Programs\cmd.bat deleted successfully.
    C:\Users\yooyooss95\Documents\Downloads\Programs\cmd.txt deleted successfully.
    ========== OTL ==========
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Registry value HKEY_USERS\S-1-5-21-3251966570-1238465049-2753311339-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found.
    Registry value HKEY_USERS\S-1-5-21-3251966570-1238465049-2753311339-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
    Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename
    Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from browser.search.defaulturl
    Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine
    Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.browser.search.defaultenginename
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3251966570-1238465049-2753311339-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
    Registry value HKEY_USERS\S-1-5-21-3251966570-1238465049-2753311339-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\ not found.
    File {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\ not found.
    File {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    C:\Windows\msdownld.tmp folder deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: AppData

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: yooyooss95
    ->Temp folder emptied: 103315561 bytes
    ->Temporary Internet Files folder emptied: 238028412 bytes
    ->Java cache emptied: 184270 bytes
    ->FireFox cache emptied: 113769424 bytes
    ->Flash cache emptied: 1148601 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 143369820 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes
    RecycleBin emptied: 437816447 bytes

    Total Files Cleaned = 990,00 mb


    [EMPTYFLASH]

    User: All Users

    User: AppData

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: yooyooss95
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.22.3 log created on 03092011_002712

    Files\Folders moved on Reboot...
    C:\Users\yooyooss95\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File\Folder C:\Windows\temp\kls914D.tmp not found!

    Registry entries deleted on Reboot...

    9 March 2011 06:39:30

    Hello BloodBlack

    If you already have it, skip the installation step and go straight to the update.

    Download MalwareByte's Anti-Malware to your Desktop.



  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:



  • Now run MalwareByte's Anti-Malware. If it is not already selected, select "Exécuter un examen rapide".
  • To start the scan, click "Rechercher".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
  • If the program found nothing, press OK. A report will appear; close it.
  • If infections are present, click "Afficher les résultats"
    then "Supprimer la sélection".

    Save the report to your Desktop.
  • Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.


    Download Security Check by screen317 HERE or HERE to the desktop.
    Double-click SecurityCheck.exe and follow the on-screen instructions inside the black box.
    A Notepad document, checkup.txt, should open.
    Post the contents of this document for me.
    Close Security Check.
    9 March 2011 13:41:26

    Hello hackinginter, I hope you are well

    So here are the 2 reports you asked me for:

    MalwareByte's:

    Quote:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5997

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    09/03/2011 13:33:24
    mbam-log-2011-03-09 (13-33-24).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 156801
    Temps écoulé: 6 minute(s), 12 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\yooyooss95\AppData\Roaming\Windows 7 Loader.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.


    The SecurityCheck report:

    Quote:
    Results of screen317's Security Check version 0.99.9
    Windows 7 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Kaspersky Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 21
    Out of date Java installed!
    Adobe Flash Player 10.2.152.32
    Adobe Reader 9.4.0 - Français
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.6.15)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
    Kaspersky Lab Kaspersky Internet Security 2011 x64 klwtblfs.exe
    ``````````End of Log````````````
    9 March 2011 13:57:53

    [:_sebastien_:5]

    Quote:
    Hello hackinginter, I hope you are well

    Yes thanks, and you? You can drop the formalities with me, you know, it's no problem at all!

    Now, how is your PC behaving? Still getting ads?

    9 March 2011 14:19:33

    I must admit it's surprising: I haven't had a single ad since, and I would even say my PC is 2x faster.

    A big thank you for your help and your patience; it was invaluable and fast. Keep it up.

    I'd also like to take this opportunity to thank the whole forum team, who help everyone in need, and with more than satisfactory speed.

    Regards, Bloodblack.
    9 March 2011 15:33:15

    :hello:  BloodBlack

    Your PC is no longer infected after doing the following:


  • Double-click OTL.exe and click the "purge outils" button.
    Under Windows Vista/7, right-click OTL.exe and choose "Run as administrator" to launch the tool.
  • OTL will remove all the software we used and restart your computer.

    Go to this page: http://www.java.com/fr/download/installed.jsp

    Click the "Vérifier l'installation" button. A message will warn you that your version is out of date and offer to download the latest one. Install it: it is the version J2SE Runtime Environment 6 Update 23. Then uninstall your old version (go through Add/Remove Programs in the Control Panel).


    Download Acrobat Reader to your desktop!!!!!

    Before installing it, untick the "Inclure dans votre téléchargement" box.


    Then go to Start/Settings/Control Panel/Add or Remove Programs
    and remove all the other versions.

    You should always keep Internet Explorer up to date: IE 8, even if you use Firefox.

    You need to change all important passwords.
    Nowadays, most malware is created for the sole purpose of stealing personal information and/or passwords.
    I advise you to change all important passwords, such as those for your bank, shopping sites, social networks, etc.
    It is very important to create strong passwords and to use a different password for each site.

    You need to secure Firefox. Some extensions seem almost indispensable to me:

    Adblock Plus https://addons.mozilla.org/fr/firefox/addon/1865
    NoScript https://addons.mozilla.org/fr/firefox/addon/722
    WOT https://addons.mozilla.org/fr/firefox/addon/3456

    Do not use cracks, keygens and other warez!
    Do not use illicit P2P!
    Azureus, BitTorrent, uTorrent:

    BloodBlack, can you add [Résolu] to the title? To do that:
    On your first message, click the "Editer" button
    Add the mention [RESOLU] to your title
    Then click "Valider votre message"

    It was a pleasure working with you. All that remains is to wish you a good rest of the day and happy surfing!!!!




    9 March 2011 16:44:58

    I have edited my first message and installed everything you told me, Hackinginterdit; thanks once again.

    I wish you good luck and all the best, as well as a good day, and no doubt see you soon if there's a new problem. ^^

    In the meantime.
    4 August 2011 09:45:04

    Hello hackinginter,
    My Mozilla Firefox also opens by itself, forcing a damn ad page on me. Here are my reports; if you can help me, thank you.

    OTL logfile created on: 04/08/2011 09:21:38 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\richard\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,48 Mb Total Physical Memory | 375,16 Mb Available Physical Memory | 39,14% Memory free
    1,51 Gb Paging File | 1,06 Gb Available in Paging File | 70,00% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 186,30 Gb Total Space | 128,95 Gb Free Space | 69,22% Space Free | Partition Type: NTFS

    Computer Name: ATHENA | User Name: richard | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
    PRC - [2011/07/11 15:36:20 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2011/04/14 13:40:06 | 000,663,168 | ---- | M] (PCTuto) -- C:\Documents and Settings\richard\Application Data\PCtuto\UpdatePCTuto\autoupdater.exe
    PRC - [2011/04/14 13:40:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files\PCTuto\pctuto.exe
    PRC - [2010/11/21 14:22:55 | 000,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2008/09/19 07:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
    PRC - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
    PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
    PRC - [2006/06/26 11:33:32 | 000,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
    PRC - [2006/06/26 10:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
    MOD - [2010/11/21 14:22:27 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\richard\Local Settings\Temp\IadHide5.dll
    MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [2006/06/26 11:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
    SRV - [2006/06/26 11:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
    SRV - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)


    ========== Driver Services (SafeList) ==========

    DRV - [2010/09/07 19:20:56 | 006,141,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2006/06/26 11:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2006/06/26 11:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
    DRV - [2006/06/26 11:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
    DRV - [2006/06/23 00:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
    DRV - [2006/06/23 00:29:30 | 000,293,808 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
    DRV - [2006/06/16 22:09:48 | 001,611,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?hl=fr
    IE - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "SearchElf 1.2 Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT276972...{searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "SearchElf 1.2 Customized Web Search"
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.3.3.2
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
    FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT276972..."
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\neteller.desktop@klipfolio: C:\Program Files\NETELLER app\plugins\Firefox\neteller\ [2010/12/28 12:21:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/11 15:36:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/03 09:17:41 | 000,000,000 | ---D | M]

    [2010/12/21 12:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\richard\Application Data\Mozilla\Extensions
    [2011/08/01 10:04:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions
    [2010/12/23 11:21:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/07/11 15:39:52 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
    [2011/03/25 11:28:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\engine@conduit.com
    [2011/08/01 10:04:20 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\plugin@yontoo.com
    [2010/11/23 13:14:58 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\searchplugins\conduit.xml
    [2010/12/21 12:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) --
    [2010/10/03 20:04:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/07/11 15:36:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/05/06 13:17:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2011/05/06 13:17:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2011/05/06 13:17:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/05/06 13:17:03 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2011/05/06 13:17:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/05/06 13:17:03 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/08/02 22:46:37 | 000,436,274 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 15016 more lines...
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
    O3 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [autoupdater] C:\Documents and Settings\richard\Application Data\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
    O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
    O4 - HKLM..\Run: [PCTuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
    O4 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1177238915-1078145449-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra Button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found
    O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
    O18 - Protocol\Handler\bw+0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw+0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw-0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw00 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw00s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw-0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw10 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw10s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw20 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw20s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw30 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw30s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw40 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw40s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw50 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw50s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw60 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw60s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw70 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw70s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw80 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw80s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw90 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw90s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwa0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwa0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwb0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwb0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwc0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwc0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwd0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwd0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwe0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwe0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwf0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwf0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwg0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwg0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwh0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwh0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwi0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwi0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwj0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwj0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwk0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwk0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwl0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwl0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwm0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwm0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwn0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwn0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwo0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwo0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwp0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwp0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwq0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwq0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwr0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwr0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bws0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bws0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwt0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwt0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwu0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwu0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwv0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwv0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bww0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bww0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwx0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwx0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwy0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwy0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwz0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwz0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\offline-8876480 {9759971F-D5C9-4649-97F0-D0CCD3FB1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/10/03 17:51:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/08/04 09:09:49 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
    [2011/08/04 08:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\Systweak
    [2011/08/04 08:56:31 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
    [2011/08/03 09:17:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2011/08/02 12:13:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\richard\Recent
    [2011/08/02 08:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2011/08/02 08:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/08/01 10:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Pool Sharks Game
    [2011/08/01 10:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
    [2011/08/01 10:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2011/08/01 10:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PCTuto
    [2011/08/01 10:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\PCtuto
    [2011/08/01 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\PCTuto
    [2011/08/01 10:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Local Settings\Application Data\PCTuto
    [2011/07/30 08:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\Malwarebytes
    [2011/07/30 08:45:41 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/07/30 08:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2011/07/30 08:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/07/30 08:45:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/07/30 08:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/07/22 09:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Full Tilt Poker.Fr
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
    [2011/08/04 08:35:17 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/08/04 08:34:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/08/04 01:31:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/08/02 22:46:37 | 000,436,274 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/08/02 21:46:41 | 000,000,250 | -HS- | M] () -- C:\boot.ini
    [2011/08/02 09:26:04 | 000,436,274 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110802-224637.backup
    [2011/08/02 09:18:32 | 000,000,675 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2011/08/02 08:33:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/08/01 10:04:26 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Pool Sharks.lnk
    [2011/08/01 10:04:18 | 005,587,112 | ---- | M] () -- C:\Documents and Settings\richard\Mes documents\PoolSharksInstaller.exe
    [2011/07/30 10:15:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/07/30 10:00:25 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\richard\Bureau\partage.lnk
    [2011/07/28 11:14:42 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\richard\Bureau\Metronome.lnk
    [2011/07/25 23:27:50 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\adsl TV.lnk
    [2011/07/22 09:18:24 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Full Tilt Poker.Fr.lnk
    [2011/07/15 03:19:16 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/07/07 13:26:14 | 000,017,280 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
    [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/08/02 09:18:30 | 000,000,675 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2011/08/01 10:04:26 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Pool Sharks.lnk
    [2011/08/01 10:03:58 | 005,587,112 | ---- | C] () -- C:\Documents and Settings\richard\Mes documents\PoolSharksInstaller.exe
    [2011/07/28 11:14:42 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\richard\Bureau\Metronome.lnk
    [2011/07/22 09:18:24 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Full Tilt Poker.Fr.lnk
    [2010/12/21 12:58:50 | 000,000,065 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
    [2010/12/21 12:18:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/12/16 01:11:19 | 000,000,268 | ---- | C] () -- C:\WINDOWS\_delis32.ini
    [2010/12/16 01:11:18 | 000,001,039 | ---- | C] () -- C:\WINDOWS\_isenv31.ini
    [2010/12/16 01:11:18 | 000,000,521 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
    [2010/12/15 13:19:32 | 000,000,026 | ---- | C] () -- C:\WINDOWS\neosetup.INI
    [2010/11/21 18:28:50 | 000,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/11/21 14:22:44 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    [2010/11/06 18:07:34 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\UnCasinoV5_FRA.exe
    [2010/11/01 19:07:46 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/28 22:48:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2010/10/28 22:48:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2010/10/28 22:48:49 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/10/28 22:48:49 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/10/28 22:48:48 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/10/03 20:05:06 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/10/03 19:35:47 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2010/10/03 19:34:30 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/10/03 17:54:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2010/10/03 17:47:57 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
    [2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
    [2006/06/26 11:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2006/04/28 16:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2006/03/02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2006/03/02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2006/03/02 14:00:00 | 000,500,900 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2006/03/02 14:00:00 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2006/03/02 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2006/03/02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2006/03/02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2006/03/02 14:00:00 | 000,080,748 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2006/03/02 14:00:00 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2006/03/02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2006/03/02 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2006/03/02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2006/03/02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2006/03/02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2006/03/02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2006/03/02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

    ========== LOP Check ==========

    [2010/10/03 18:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/11/17 14:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
    [2010/11/20 11:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
    [2010/11/20 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
    [2011/08/01 10:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2011/04/15 14:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2011/02/02 14:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TeamViewer
    [2011/01/12 01:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\Camfrog
    [2011/04/04 18:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\gtk-2.0
    [2010/11/11 18:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\MSNInstaller
    [2011/02/02 13:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\NETELLER app
    [2010/10/28 23:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\OpenOffice.org
    [2011/08/01 10:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\PCtuto
    [2011/08/04 09:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\Systweak
    [2011/02/02 13:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\TeamViewer
    [2011/03/31 06:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/10/03 17:51:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2011/08/02 21:46:41 | 000,000,250 | -HS- | M] () -- C:\boot.ini
    [2006/03/02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2010/10/03 17:51:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/11/06 18:07:50 | 000,000,132 | ---- | M] () -- C:\ICSYSINF.log
    [2010/10/03 17:51:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/11/21 18:29:03 | 000,001,590 | ---- | M] () -- C:\lvcoinst.log
    [2010/10/03 17:51:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2006/03/02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2010/11/02 17:31:51 | 000,252,240 | RHS- | M] () -- C:\ntldr
    [2011/08/04 08:34:35 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2010/10/03 19:33:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
    [2010/10/03 19:33:38 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
    [2010/10/03 19:33:38 | 000,421,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >
    [1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

    < %systemroot%\system32\*.dll /lockedfiles >
    [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-15 01:03:19


    < MD5 for: EXPLORER.EXE >
    [2006/03/02 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    < MD5 for: IEXPLORE.EXE >
    [2006/03/02 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=385D1644E676C96EB07848ADA63E37FA -- C:\WINDOWS\ie8\iexplore.exe
    [2008/04/14 04:34:06 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=3D3C316BD1E112F3B9C532D8B9939BDC -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
    [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
    [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe

    < MD5 for: SVCHOST.EXE >
    [2006/03/02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2979B03D5382A602623C0535B16AB9C0 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
    [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
    [2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

    < MD5 for: USERINIT.EXE >
    [2006/03/02 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2006/03/02 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C946DB94
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CEFE51A

    < End of report >


    OTL Extras logfile created on: 04/08/2011 09:21:38 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\richard\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,48 Mb Total Physical Memory | 375,16 Mb Available Physical Memory | 39,14% Memory free
    1,51 Gb Paging File | 1,06 Gb Available in Paging File | 70,00% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 186,30 Gb Total Space | 128,95 Gb Free Space | 69,22% Space Free | Partition Type: NTFS

    Computer Name: ATHENA | User Name: richard | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_USERS\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\adslTV\adsltv.exe" = C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE) -- (adsl TV / FM)
    "C:\Program Files\adslTV\VLC\vlc.exe" = C:\Program Files\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- ()
    "C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
    "C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
    "C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:p innacle VideoSpin -- (Pinnacle Systems)
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
    "{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{34785AD0-6276-11DF-A08A-0800200C9A66}" = Full Tilt Poker.Fr
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
    "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
    "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français
    "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
    "{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
    "{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "ATI Display Driver" = ATI Display Driver
    "avast5" = avast! Free Antivirus
    "BillardGL 1.75" = BillardGL 1.75
    "bwin Poker_is1" = bwin Poker
    "CCleaner" = CCleaner
    "Eurosport Poker_is1" = Eurosport Poker
    "Everest Poker.fr" = Everest Poker.fr (Remove Only)
    "Guitar Pro 5_is1" = Guitar Pro 5.0
    "ie8" = Windows Internet Explorer 8
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NETELLER app" = NETELLER app (remove only)
    "PartyPokerFr" = PartyPoker.fr
    "PCTuto Avast_is1" = PCTuto Avast 2.0
    "PCTuto_is1" = PCTuto 2.0
    "PokerStars.fr" = PokerStars.fr
    "Pool Sharks" = Pool Sharks 2.1
    "QcDrv" = Programme de gestion Camera de Logitech®
    "UpdatePCTuto_is1" = UpdatePCTuto 2.0
    "VLC media player" = VLC media player 1.1.9
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WinGimp-2.0_is1" = GIMP 2.6.11
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 02/01/2011 07:58:59 | Computer Name = ATHENA | Source = Windows Live Messenger | ID = 1000
    Description =

    Error - 07/01/2011 13:54:09 | Computer Name = ATHENA | Source = MsiInstaller | ID = 11606
    Description = Produit : Win Palace Euro Casino French -- Erreur 1606. Impossible
    d'accéder à l'emplacement réseau http://download.realtimegaming.com/cdn/winpalaceeurofr/....

    Error - 26/01/2011 09:01:05 | Computer Name = ATHENA | Source = Application Error | ID = 1000
    Description = Application défaillante pprekop.exe, version 4.2.0.172, module défaillant
    ole32.dll, version 5.1.2600.2182, adresse de défaillance 0x10017bed.

    Error - 27/02/2011 07:53:28 | Computer Name = ATHENA | Source = EventSystem | ID = 4614
    Description = Le système d'événements de COM+ a détecté une incohérence dans son
    état interne. Échec de l'assertion "GetLastError() == 122L" à la ligne 162 de d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
    Contactez les services du Support Technique Microsoft pour signaler cette erreu

    Error - 27/02/2011 07:53:33 | Computer Name = ATHENA | Source = EventSystem | ID = 4614
    Description = Le système d'événements de COM+ a détecté une incohérence dans son
    état interne. Échec de l'assertion "GetLastError() == 122L" à la ligne 162 de d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
    Contactez les services du Support Technique Microsoft pour signaler cette erreu

    Error - 03/04/2011 05:10:26 | Computer Name = ATHENA | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 25/04/2011 14:32:25 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
    Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
    version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 25/04/2011 14:32:25 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
    Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
    version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 18/05/2011 22:40:56 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
    Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
    version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 18/05/2011 22:40:57 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
    Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
    version 0.0.0.0, adresse de blocage 0x00000000.

    [ System Events ]
    Error - 02/08/2011 02:37:08 | Computer Name = ATHENA | Source = DCOM | ID = 10000
    Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
    n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :
    "C:\Program Files\Messenger\msmsgs.exe" -Embedding

    Error - 02/08/2011 10:27:32 | Computer Name = ATHENA | Source = DCOM | ID = 10000
    Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
    n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :
    "C:\Program Files\Messenger\msmsgs.exe" -Embedding

    Error - 02/08/2011 11:52:33 | Computer Name = ATHENA | Source = DCOM | ID = 10000
    Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
    n'est pas possible. L'erreur : "%2" s'est produ
    4 August 2011 10:30:02

    Hello,

    @rory53: please open your own thread; in the disinfection section, it's one thread per problem.

    [:_tom_:7]
    4 August 2011 15:09:46

    Ok