
Slow PC

Tags:
  • Security
Last reply: in Security and viruses
21 May 2011 19:57:15

Hello,

For the past few weeks my computer has seemed slower, and it sometimes freezes for a moment.
Also, in Task Manager, on the Performance tab, CPU usage often shows red spikes.
Could this be a virus or Trojan horse (even though I ran a scan with Avira and Malwarebytes), or a hardware or software conflict?

My config: Windows XP Pack 3,
AMD Phenom 9950 Quad-Core
Processor
2.61 GHz, 3.25 GB of RAM

Thanks in advance for your help.

I am attaching the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:21, on 21/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\devolo\dlan\devolonetsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Serveur Media\TwonkyMediaServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\ERIC\Mes documents\Downloads\Programs\OTL.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Host\Hoster.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Host\Hoster.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\orange_html\orange.html
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\translate_html\translate.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://logicielsgratuits.orange.fr
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: devolo Network Service (DevoloNetworkService) - Unknown owner - C:\Program Files\devolo\dlan\devolonetsvc.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Serveur Média - PacketVideo - C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10463 bytes



And the OTL logfile report:

OTL Extras logfile created on: 21/05/2011 19:46:21 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\ERIC\Mes documents\Downloads\Programs
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 70,00 Gb Free Space | 23,48% Space Free | Partition Type: NTFS
Drive H: | 37,26 Gb Total Space | 17,31 Gb Free Space | 46,46% Space Free | Partition Type: NTFS
Drive K: | 232,83 Gb Total Space | 161,85 Gb Free Space | 69,52% Space Free | Partition Type: FAT32

Computer Name: MAISON | User Name: ERIC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe" = C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe:*:Enabled:Vancouver 2010™ -- (SEGA)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application
"C:\Program Files\Call of Duty - World at War\CoDWaW.exe" = C:\Program Files\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop
"C:\Program Files (x86)\Ubisoft\Assassin's Creed II\server.exe" = C:\Program Files (x86)\Ubisoft\Assassin's Creed II\server.exe:*:Enabled:server -- ()
"C:\Documents and Settings\ERIC\Local Settings\Temp\ServerTemp\server.exe" = C:\Documents and Settings\ERIC\Local Settings\Temp\ServerTemp\server.exe:*:Enabled:server
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II -- ()
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay -- (Ubisoft Entertainment)
"C:\Program Files\Ubisoft\Assassin's Creed II\server.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\server.exe:*:Enabled:ServerEmuUbi -- ()
"C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe" = C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum -- (Rocksteady Studios Ltd)
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe" = C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 -- (Electronic Arts)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe" = C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- (Cyanide)
"H:\Program Files\Cyanide\Pro Cycling Manager - Saison 2010\PCM.exe" = H:\Program Files\Cyanide\Pro Cycling Manager - Saison 2010\PCM.exe:*:Enabled:Pro Cycling Manager - Saison 2010
"H:\Program Files\Cyanide\Pro Cycling Manager - Saison 2010\Autorun\Exe\Autorun.exe" = H:\Program Files\Cyanide\Pro Cycling Manager - Saison 2010\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Saison 2010 - Autorun
"F:\fscommand\CKSocketServer.exe" = F:\fscommand\CKSocketServer.exe:*:Enabled:Socket Server
"C:\Program Files\Serveur Media\bgtrans.exe" = C:\Program Files\Serveur Media\bgtrans.exe:*:Enabled:${BGTRANS_NAME} -- ()
"C:\Program Files\Gigabyte\EasySaver\UpdExe.exe" = C:\Program Files\Gigabyte\EasySaver\UpdExe.exe:*:Enabled:Exe File -- (GIGABYTE)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe" = C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood -- ()
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe" = C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer -- ()
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe" = C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update -- ()
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay -- (Ubisoft Entertainment)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe" = C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe:*:Enabled:Serveur Média -- (PacketVideo)
"C:\Program Files\Serveur Media\TwonkyMediaServer.exe" = C:\Program Files\Serveur Media\TwonkyMediaServer.exe:*:Enabled:TwonkyMediaServer -- ()
"C:\Program Files\devolo\dlan\devolonetsvc.exe" = C:\Program Files\devolo\dlan\devolonetsvc.exe:*:Enabled:Devolo dLAN Cockpit -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1
"{0810B8B7-7539-41D3-983E-6127FCF1CC9E}" = Ma-Config.com
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B82C69D-4B84-475A-9428-8B67BE355EAC}_is1" = Runaway A Twist of Fate
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0CB3C2C3-B85A-54BD-7505-E23F9B4990DA}" = Catalyst Control Center Graphics Previews Common
"{0ED98038-0885-F902-C419-669ADE471A46}" = ATI Stream SDK v2 Developer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{174EFB0F-7B99-BBAA-A088-BC4299C27F29}" = ccc-utility
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1" = VirtualDub 1.9.6 Fr
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2FB2169F-04D8-FFC0-6A66-80EE652B93A5}" = Catalyst Control Center InstallProxy
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6B54EF-65E4-4624-8709-03A3BBE2C240}" = e-Carte Bleue LCL
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer
"{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010
"{636E72A3-14A0-2E69-83A7-7E7355D8DEB4}" = Catalyst Control Center
"{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1" = AC2 server emulator 0.44 by Dormine
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A69D94E-C569-4154-9643-72E94D1DDFDA}" = XPS Essentials Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}" = dLAN Cockpit
"{9B700657-676B-4A98-8B25-40A1BAC81036}" = Nero 8 Essentials
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}" = Microsoft Xbox 360 Accessories 1.1
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A808BAF0-FC27-A3FB-82AB-A34155EF4E1E}" = ATI Catalyst Install Manager
"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BA3A1639-A2BA-4DEE-C492-1DA0835D5CC1}" = Catalyst Control Center InstallProxy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEA7AB47-1FDF-4348-BDBB-758D05FF74AA}" = Oxemis Video Library
"{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5A31DDC-157A-4DD7-9B5C-C692A06F61FD}" = Prison Break
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.1.0" = Orange Installeur version 1.2.1.0
"{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0" = OrangeInstaller version 1.2.2.0
"{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1" = VirtualDub Plugin Pack 1.0.0.6 Fr
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF085502-798E-A616-24A3-776CF6DEFB0F}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"DJ Mix Lite" = DJ Mix Lite
"dlancockpit" = devolo dLAN Cockpit
"DVD Decrypter 3.5.4.0 Fr" = DVD Decrypter 3.5.4.0 Fr
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.0.5 (25/08/2010)
"DVDFab HD Decrypter 4_is1" = DVDFab HD Decrypter 4.1.2.0
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Enregistrement utilisateur de Canon MG5200 series" = Enregistrement utilisateur de Canon MG5200 series
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Free Video Converter_is1" = Free Video Converter V 2.91
"GameCenter_is1" = GameCenter 1.3.0.5
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"LameACM" = Lame ACM MP3 Codec
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player" = Media Player
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mise à jour 1.05 1.05" = Mise à jour 1.05 1.05
"MKVtoolnix" = MKVtoolnix 4.1.1
"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neffy" = Neffy 1,3,29,0
"Orange WebTV Player_is1" = Orange WebTV Player 1.29418
"Pochette Express 2" = Pochette Express 2
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Ri4m v5.0.1d" = Ri4m v5.0.1d
"Satsuki Decoder Pack" = Satsuki Decoder Pack
"TwonkyMediaServeur Média" = Serveur Média
"Vidéo Futur" = Désinstallation du Vidéo Futur Video Manager
"VLC media player" = VideoLAN VLC media player 0.8.6b
"Wdf01001" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Logiciel d'archivage WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEP" = XPS Essentials Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Orange Inside" = Orange Inside
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/01/2011 11:25:25 | Computer Name = MAISON | Source = Application Error | ID = 1000
Description = Application défaillante TwonkyMediaServer.exe, version 0.0.0.0, module
défaillant TwonkyMediaServer.exe, version 0.0.0.0, adresse de défaillance 0x000d53ec.

Error - 30/01/2011 13:09:33 | Computer Name = MAISON | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3989, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/02/2011 13:16:12 | Computer Name = MAISON | Source = Application Error | ID = 1000
Description = Application défaillante vlc.exe, version 0.8.6.0, module défaillant
libmkv_plugin.dll, version 0.0.0.0, adresse de défaillance 0x00009817.

Error - 12/02/2011 13:04:29 | Computer Name = MAISON | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update...;
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 13/02/2011 06:30:22 | Computer Name = MAISON | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update...;
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 13/02/2011 13:15:17 | Computer Name = MAISON | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3989, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 13/02/2011 13:15:18 | Computer Name = MAISON | Source = Application Error | ID = 1000
Description = Application défaillante plugin-container.exe, version 1.9.2.3989,
module défaillant ntdll.dll, version 5.1.2600.6055, adresse de défaillance 0x0000100b.

Error - 25/02/2011 09:59:05 | Computer Name = MAISON | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3989, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 08/03/2011 14:15:33 | Computer Name = MAISON | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update...;
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 13/03/2011 11:42:30 | Computer Name = MAISON | Source = Application Error | ID = 1000
Description = Application défaillante ati2evxx.exe, version 6.14.10.4228, module
défaillant ntdll.dll, version 5.1.2600.6055, adresse de défaillance 0x00010717.

[ System Events ]
Error - 16/05/2011 02:43:12 | Computer Name = MAISON | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Carte de performance WMI.

Error - 16/05/2011 02:43:13 | Computer Name = MAISON | Source = Service Control Manager | ID = 7000
Description = Le service Carte de performance WMI n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 17/05/2011 16:54:46 | Computer Name = MAISON | Source = SideBySide | ID = 16842810
Description = Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie
"C:\Program Files\Fichiers communs\Nero\AudioPlugins\msa.dll" à la ligne 9.

Error - 17/05/2011 16:54:46 | Computer Name = MAISON | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Fichiers
communs\Nero\AudioPlugins\msa.dll. Message d'erreur de référence : Opération réussie.
.

Error - 17/05/2011 16:54:46 | Computer Name = MAISON | Source = SideBySide | ID = 16842810
Description = Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie
"C:\Program Files\Fichiers communs\Nero\AudioPlugins\MSAxp.dll" à la ligne 9.

Error - 17/05/2011 16:54:46 | Computer Name = MAISON | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Fichiers
communs\Nero\AudioPlugins\MSAxp.dll. Message d'erreur de référence : Opération réussie.
.


< End of report >


a c 267 8 Sécurité
21 May 2011 20:29:20

Hello,

Malwarebytes' Anti-Malware is installed; have you used it recently?
21 May 2011 20:32:55

Hello,

Yes, it is installed, and the last scan was about 15 days ago.
a c 267 8 Sécurité
21 May 2011 20:45:06

OK, update it and run a quick scan.
21 May 2011 20:59:10

Scan result:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6634

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21/05/2011 20:55:02
mbam-log-2011-05-21 (20-55-02).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 176436
Temps écoulé: 7 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
a c 267 8 Sécurité
21 May 2011 21:16:47

Can you give me the OTL report?
21 May 2011 21:18:56

With which settings, please?
Quick scan?
21 May 2011 22:02:08

Here is the report:


OTL logfile created on: 21/05/2011 21:51:19 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\ERIC\Mes documents\Downloads\Programs
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 71,75 Gb Free Space | 24,07% Space Free | Partition Type: NTFS
Drive H: | 37,26 Gb Total Space | 17,31 Gb Free Space | 46,46% Space Free | Partition Type: NTFS
Drive K: | 232,83 Gb Total Space | 161,85 Gb Free Space | 69,52% Space Free | Partition Type: FAT32

Computer Name: MAISON | User Name: ERIC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/21 19:46:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ERIC\Mes documents\Downloads\Programs\OTL.exe
PRC - [2011/04/27 19:12:01 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/14 18:47:17 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/02 21:28:44 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/12/14 23:47:22 | 000,501,336 | ---- | M] (PacketVideo) -- C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe
PRC - [2010/12/14 23:47:20 | 001,451,608 | ---- | M] () -- C:\Program Files\Serveur Media\twonkymediaserver.exe
PRC - [2010/11/27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/09/29 00:00:00 | 040,973,312 | ---- | M] (Konami Digital Entertainment Co., Ltd.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe
PRC - [2010/08/17 14:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/05/25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/14 23:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/02/05 14:43:26 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/21 19:46:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ERIC\Mes documents\Downloads\Programs\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/27 19:12:01 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/02 21:28:44 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/10 14:42:22 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/12/14 23:47:22 | 000,501,336 | ---- | M] (PacketVideo) [Auto | Running] -- C:\Program Files\Serveur Media\twonkymediaserverwatchdog.exe -- (Serveur Média)
SRV - [2010/11/27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/12/16 19:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/02/05 14:43:26 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2011/05/21 19:23:09 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011/04/02 21:28:45 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/03/28 19:46:40 | 000,098,160 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2011/03/09 11:13:30 | 006,553,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/12/29 09:37:40 | 000,276,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/12/13 19:32:13 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/30 11:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/06/17 16:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 16:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/03/15 21:23:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/01/20 12:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/12/25 11:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/04/16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 54 49 31 AA DA BB CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.orange.fr"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.1
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.2.2.0
FF - prefs.js..extensions.enabledItems: menu_contextuel_orange@orange.fr:1.0
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.8
FF - prefs.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rd..."

FF - user.js..browser.startup.homepage: "www.orange.fr"
FF - user.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rd..."

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/03 19:07:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/03 19:07:49 | 000,000,000 | ---D | M]

[2010/03/10 00:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Extensions
[2011/05/02 10:02:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions
[2010/05/01 15:09:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/19 21:46:59 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/01/29 19:36:49 | 000,000,000 | ---D | M] ("Plugin Orange Installeur") -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
[2010/04/18 10:59:32 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2011/03/24 19:51:06 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/04/02 17:09:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/06/21 20:59:38 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\illimitux@illimitux.net
[2011/02/21 18:09:49 | 000,000,000 | ---D | M] (Menu Contextuel Orange) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\menu_contextuel_orange@orange.fr
[2011/03/29 20:39:46 | 000,000,000 | ---D | M] (IDM CC) -- C:\Documents and Settings\ERIC\Application Data\Mozilla\Firefox\Profiles\hk0p8tme.default\extensions\mozilla_cc@internetdownloadmanager.com
[2011/05/03 19:07:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/18 10:08:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) --
[2010/04/18 10:08:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/04/18 10:08:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/09/12 20:43:17 | 000,001,050 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\AddFavorites_html\AddFavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\orange_html\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\translate_html\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\ERIC\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
O15 - HKCU\..Trusted Domains: video-futur.com ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: video-futur.com ([]https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Co... (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab (FTMediaPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx... (CRLDownloadWrapper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ERIC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ERIC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/09 23:11:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/05/18 16:02:53 | 000,000,095 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/11/09 00:10:29 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 000,000,054 | RHS- | M] () - K:\autorun.in_2.org -- [ FAT32 ]
O32 - AutoRun File - [2009/11/08 23:10:30 | 000,000,000 | RHSD | M] - K:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/12/16 17:54:26 | 000,000,000 | ---D | M] - K:\autorun -- [ FAT32 ]
O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\AutoRun\command - "" = DINO\\\\nastavishh.exe
O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\explore\command - "" = DINO\\\\\nastavishh.exe
O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\open\command - "" = DINO\\\\\nastavishh.exe
O33 - MountPoints2\{2fb445d7-2bbc-11df-9a4e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{2fb445d7-2bbc-11df-9a4e-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\AutoRun\command - "" = SVJECE\bacio.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\explore\command - "" = SVJECE\\bacio.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\Install\command - "" = SVJECE\\bacio.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\open\command - "" = SVJECE\\bacio.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/21 20:01:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/05/21 19:47:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/05/21 19:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/16 13:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ERIC\Mes documents\Téléchargements
[2011/05/08 23:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
[2011/05/08 22:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/29 23:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/04/25 20:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ERIC\Bureau\Photos retruovaille Quentin
[2010/08/28 12:15:08 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\ERIC\Application Data\pcouffin.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/21 19:47:03 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\ERIC\Bureau\HijackThis.lnk
[2011/05/21 19:23:09 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2011/05/21 19:22:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/21 19:22:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/19 19:16:52 | 000,612,984 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/05/19 19:16:52 | 000,535,102 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/19 19:16:52 | 000,121,446 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/05/19 19:16:52 | 000,101,076 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/17 22:53:34 | 000,190,976 | ---- | M] () -- C:\Documents and Settings\ERIC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/14 22:34:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/03 19:07:55 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\ERIC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/03 19:07:55 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/21 19:47:02 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\ERIC\Bureau\HijackThis.lnk
[2011/05/17 22:43:48 | 838,815,744 | ---- | C] () -- C:\Documents and Settings\ERIC\Bureau\L'armée des ombres.avi
[2011/05/03 19:07:55 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/05/03 19:07:55 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/04/04 16:29:05 | 000,352,468 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-823518204-261903793-839522115-1004-0.dat
[2011/04/04 16:29:04 | 000,275,278 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/21 19:56:22 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/01/29 19:38:42 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\ERIC\Local Settings\Application Data\fusioncache.dat
[2010/11/29 13:18:39 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\ERIC\Local Settings\Application Data\housecall.guid.cache
[2010/10/17 00:13:41 | 002,496,368 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/15 20:50:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/10 16:27:50 | 000,000,400 | ---- | C] () -- C:\WINDOWS\RPCD.ini
[2010/08/28 12:15:08 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\ERIC\Application Data\inst.exe
[2010/08/28 12:15:08 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\ERIC\Application Data\pcouffin.cat
[2010/08/28 12:15:08 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\ERIC\Application Data\pcouffin.inf
[2010/07/14 11:45:39 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/05/31 17:31:33 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2010/05/08 10:43:09 | 000,051,980 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/25 03:33:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/03/15 19:55:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/13 16:02:06 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7J.DLL
[2010/03/13 16:01:37 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010/03/10 23:32:42 | 000,190,976 | ---- | C] () -- C:\Documents and Settings\ERIC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/10 00:13:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/03/09 23:52:03 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/09 23:49:29 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/03/09 23:49:29 | 000,227,586 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/03/09 23:49:29 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/03/09 23:49:27 | 000,271,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/09 23:47:41 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/03/09 23:40:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/03/09 23:12:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/09 23:09:13 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2004/08/05 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,612,984 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 14:00:00 | 000,535,102 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,121,446 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 14:00:00 | 000,101,076 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/05 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/08/07 05:16:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\OTS_UI.EXE
[1998/09/14 21:43:16 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TWAIN32d.dll

========== LOP Check ==========

[2010/11/20 18:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2010/03/13 16:02:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/11/20 19:30:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2010/11/20 20:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010/11/20 19:32:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/12/23 21:12:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010/11/20 19:30:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2010/11/20 18:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2010/11/20 19:30:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/11/20 20:30:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/11/20 19:30:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2010/11/20 18:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2010/03/16 21:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/03/25 19:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/12/04 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010/03/17 21:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/04/02 21:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/10/17 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Application
[2010/08/08 16:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/04/03 18:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pendulo Studios
[2010/03/14 18:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/05/21 21:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Serveur Média
[2010/05/24 14:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2010/03/13 16:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2010/03/13 16:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2011/04/02 21:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010/04/06 22:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/18 21:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{E434619C-846F-4697-8739-15F436DE9B2F}
[2010/11/21 13:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Canon
[2010/11/20 18:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Canon Easy-WebPrint EX
[2010/12/23 20:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\CD-LabelPrint
[2010/03/17 20:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\DAEMON Tools Lite
[2011/05/21 21:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\DMCache
[2011/03/25 19:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\f-secure
[2010/05/24 17:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\FreeAudioPack
[2011/03/05 18:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\FreeVideoConverter
[2011/05/21 21:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\IDM
[2010/09/10 17:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Leadertech
[2011/05/07 20:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Media Player
[2010/10/10 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Micro Application
[2010/07/09 23:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\MSNInstaller
[2010/08/08 17:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\NCH Swift Sound
[2010/08/08 17:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\NetMedia Providers
[2011/01/29 19:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Orange
[2011/01/31 18:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Oxemis
[2010/08/28 12:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\PhotoFiltre
[2010/08/08 17:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Publish Providers
[2011/04/02 20:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\PunkBuster
[2011/04/29 18:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\QuickScan
[2010/03/13 16:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\ScanSoft
[2010/08/08 17:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Sony
[2011/04/16 16:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\SystemRequirementsLab
[2010/05/10 15:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Ubisoft
[2010/08/28 12:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ERIC\Application Data\Vso

========== Purity Check ==========



< End of report >
21 May 2011 23:01:59

Quote:
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe

--> From what I have seen on the Internet, this is an infection.
21 May 2011 23:27:04

And how can one get rid of it?
21 May 2011 23:31:49

Quote:
C:\WINDOWS\system32\Host

--> What is in this folder?

Quote:
C:\WINDOWS\system32\Host\Hoster.exe

--> Can you upload the file to the following site?
http://upload.malekal.com/
21 May 2011 23:58:33

Impossible: when I open the Host file, it is empty?
22 May 2011 00:11:01

I made the change, but this file is still empty?
22 May 2011 00:22:50

OK, put things back as they were, then do this:

  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • Under the "Personnalisation" tab at the bottom of the window, copy and paste the following text (between the two spaces):

    :OTL
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
    O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\AutoRun\command - "" = DINO\\\\nastavishh.exe
    O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\explore\command - "" = DINO\\\\\nastavishh.exe
    O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\open\command - "" = DINO\\\\\nastavishh.exe
    O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\AutoRun\command - "" = SVJECE\bacio.exe
    O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\explore\command - "" = SVJECE\\bacio.exe
    O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\Install\command - "" = SVJECE\\bacio.exe
    O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\open\command - "" = SVJECE\\bacio.exe

    :commands
    [emptytemp]

  • Then click the "Correction" button at the top of the window.
  • Let the program work, and reboot once the fix has finished.
  • Post the report that is displayed after the reboot.
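
As an added illustration (not part of the thread, and not how OTL or the helper decides what to fix), this Python example triages the O6/O7/O33 lines quoted above. The two heuristics (a cached autorun command with no drive letter, or an override of the drive's open/explore verb) and the names `triage` and `normalise` are assumptions of this example; the sample lines are copied from the report on this page.

```python
import re

# Constructed sample: O-lines copied from the OTL report quoted in this thread.
SAMPLE = r'''
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Host\Hoster.exe
O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\AutoRun\command - "" = DINO\\\\nastavishh.exe
O33 - MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\Shell\open\command - "" = DINO\\\\\nastavishh.exe
O33 - MountPoints2\{2fb445d7-2bbc-11df-9a4e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{2fb445d7-2bbc-11df-9a4e-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\AutoRun\command - "" = SVJECE\bacio.exe
O33 - MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\Shell\Install\command - "" = SVJECE\\bacio.exe
'''

# Startup values under ...\policies\Explorer\Run (reported by OTL as O6/O7).
RUN_POLICY = re.compile(
    r'^O[67] - (HKLM|HKCU)\\.*\\policies\\Explorer\\Run: (.+?) = (.+)$', re.I)
# Cached autorun.inf verbs per volume GUID (reported by OTL as O33).
MOUNTPOINT = re.compile(
    r'^O33 - MountPoints2\\(\{[0-9A-Fa-f-]{36}\})\\Shell\\([^\\]+)\\command'
    r' - "[^"]*" = (.+)$')
DRIVE_ROOTED = re.compile(r'^[A-Za-z]:\\')


def normalise(path):
    """Collapse the runs of backslashes seen in the cached autorun targets."""
    return re.sub(r'\\+', r'\\', path.strip())


def triage(report):
    """Return {registry entry or volume GUID: sorted reasons to review it}."""
    findings = {}
    for raw in report.splitlines():
        line = raw.strip()
        m = RUN_POLICY.match(line)
        if m:
            hive, name, target = m.groups()
            key = f"{hive.upper()} policies\\Explorer\\Run: {name}"
            findings.setdefault(key, set()).add(
                f"autostart entry -> {normalise(target)}")
            continue
        m = MOUNTPOINT.match(line)
        if not m:
            continue  # includes the bare "Shell" default-verb line
        guid, verb, target = m.group(1), m.group(2).lower(), normalise(m.group(3))
        reasons = set()
        # Assumed heuristic 1: target has no drive letter (relative to the volume).
        if not DRIVE_ROOTED.match(target):
            reasons.add(f"relative target {target}")
        # Assumed heuristic 2: double-click verbs of the drive are redirected.
        if verb in ("open", "explore"):
            reasons.add(f"overrides the '{verb}' verb")
        if reasons:
            findings.setdefault(guid, set()).update(reasons)
    return {key: sorted(reasons) for key, reasons in findings.items()}


if __name__ == "__main__":
    for key, reasons in triage(SAMPLE).items():
        print(key)
        for reason in reasons:
            print("   ", reason)
```

An entry the heuristics do not flag, such as the `D:\Autorun.exe` volume here, is simply left for manual judgement; it is not thereby shown to be clean.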
22 May 2011 12:36:43

Here is the report after the fix

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully.
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{139f408a-dc56-11df-b595-00241d8c2937}\ not found.
    File DINO\\\\nastavishh.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{139f408a-dc56-11df-b595-00241d8c2937}\ not found.
    File DINO\\\\\nastavishh.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{139f408a-dc56-11df-b595-00241d8c2937}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{139f408a-dc56-11df-b595-00241d8c2937}\ not found.
    File DINO\\\\\nastavishh.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    File SVJECE\bacio.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    File SVJECE\\bacio.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    File SVJECE\\bacio.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5aeef9d8-ab7a-11df-b53d-00241d8c2937}\ not found.
    File SVJECE\\bacio.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56502 bytes

    User: EMMANUELLE
    ->Temp folder emptied: 126482544 bytes
    ->Temporary Internet Files folder emptied: 153568081 bytes
    ->Java cache emptied: 72804 bytes
    ->FireFox cache emptied: 83440813 bytes
    ->Flash cache emptied: 37348 bytes

    User: ERIC
    ->Temp folder emptied: 589265693 bytes
    ->Temporary Internet Files folder emptied: 74421664 bytes
    ->Java cache emptied: 1360129 bytes
    ->FireFox cache emptied: 837562538 bytes
    ->Apple Safari cache emptied: 15446016 bytes
    ->Flash cache emptied: 94896 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2335210 bytes
    %systemroot%\System32 .tmp files removed: 3614208 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 472726 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 59822758 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 1 858,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 05222011_115454

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
22 May 2011 13:34:36

No change?
22 May 2011 14:01:20

It seems to be going better, but when I look at the CPU usage level, in the Performance tab of Task Manager, I often get spikes that appear in red, even though there is not necessarily any software running in the background. Is this really normal, or is there another problem, with a virus or with the configuration?
Thanks.