Automatically launched sites

Tags:
  • Operating system
  • Security
31 December 2010 14:23:36

Hello,

Some sites are launched automatically at night at regular intervals, even when my browser (Google Chrome) is closed.
My operating system is XP pack 3.
I ran several anti-spyware tools (AD-AWARE, Spyware Doctor); my computer is protected by AVAST.

Nothing was detected.

Thank you for your help.

Below is the browsing history launched automatically at 1:10, 2:10, 3:10, 5:10 and 6:10

06:10
http://c.ads-1-host.com/ads.php?c=244
05:10
http://c.ads-6-host.com/ads.php?c=241
03:10
http://c.ads-2-host.com/ads.php?c=242
02:10
http://c.ads-5-host.com/ads.php?c=209
01:10
Chocam : Live show hot et sexy – Accès 100% gratuit
01:10
http://c.ads-7-host.com/ads.php?c=215

31 December 2010 14:43:22

Run a Malwarebytes Anti-Malware scan
Post it here
31 December 2010 18:10:59

Hello,

Here is the Malwarebytes Anti-Malware scan, after clicking "Remove Selected" (supprimer la sélection) at the end of the scan.
There were indeed 6 malicious programs.

Note: AD-AWARE, AD-REMOVER and SPYWARE DOCTOR had detected nothing.
The report is below.

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5428

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

31/12/2010 17:23:34
mbam-log-2010-12-31 (17-23-34).txt

Type d'examen: Examen complet (C:\|H:\|J:\|)
Elément(s) analysé(s): 224846
Temps écoulé: 38 minute(s), 8 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
c:\documents and settings\user\application data\EoRezo\EoRezo\softwareupdatehp.exe (Rogue.Eorezo) -> 2280 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SoftwareHelper (Rogue.Eorezo) -> Value: SoftwareHelper -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\program files\eoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\user\application data\EoRezo\EoRezo\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\eoRezo\eorezo.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.

Let's hope the result is positive; in any case, thank you very much.
31 December 2010 19:20:58


# Click Start menu --> Control Panel --> Add or Remove Programs --> uninstall everything related to Eorezo, for example eorezo, eoWeather, eoEngine...

# Restart the computer.

# Start menu --> Control Panel --> Folder Options --> View --> check "Show hidden files and folders" and uncheck "Hide protected operating system files" (you can put the settings back as they were at the end of this procedure)

# Delete the leftover folders:

Start menu --> My Computer --> Local Disk C --> Program Files --> delete eoRezo
Start menu --> My Computer --> Local Disk C --> Documents and Settings --> session name (do the same for each session) --> Application Data --> delete EoRezo

Then download HijackThis and post the report for me.
1 January 2011 09:57:19

Hello,

I did not find any EoRezo in the folders mentioned.

The report is below


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:50:34, on 01/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\BackupIP\service.exe
C:\Program Files\Fighters\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Fighters\SPAMfighter\sfagent.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
C:\Program Files\Installer\lnetworker.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\WINDOWS\BackupIP\service.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

--
End of file - 9333 bytes
1 January 2011 11:31:04

Hello
posting to follow :)
1 January 2011 15:53:45

Thanks :)

Nothing alarming.
Run MBAM again in safe mode.
And also Spybot Search and Destroy, which can be useful even after Malwarebytes :)
1 January 2011 17:18:21

AWINDOWS said:
Thanks :)

Nothing alarming.
Run MBAM again in safe mode.
And also Spybot Search and Destroy, which can be useful even after Malwarebytes :)

well, that's doubly pointless... :D

Read:
Mbam:
Quote:
NB: This program must not be used in safe mode, as that reduces its effectiveness.
In addition, it can only be updated with administrator rights.

http://www.commentcamarche.net/download/telecharger-340...

Spybot:
http://forum.malekal.com/adwares-spywares-comment-pas-d...

on the other hand, in HijackThis:
O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe
O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\WINDOWS\BackupIP\service.exe

I don't like that much... :o
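
The review done by eye in the post above, as an added example that is not part of the original thread or of any tool named in it: it parses the autostart lines (O4 Run keys, Startup folder, O23 services) of a HijackThis log, resolves the binary each one loads, and flags services with no vendor string plus any path on a watchlist. The `WATCHLIST` fragments, the function names and the flag labels are assumptions made for this illustration; the sample lines are copied from the log posted earlier in the thread.

```python
import re
from typing import List, NamedTuple, Optional

# Assumed watchlist: path fragments named in this thread (the EoRezo folders in
# the MBAM report and the two entries questioned in the post above). They are
# leads for an analyst to check, not verdicts.
WATCHLIST = ("\\eorezo\\", "\\installer\\lnetworker.exe", "\\windows\\backupip\\")

# Constructed sample: lines copied from the HijackThis log posted in the thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\WINDOWS\BackupIP\service.exe
"""

# O4 registry autostart: hive (optionally with a user SID), key name, value, command.
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O4 Startup-folder shortcut: "<name>.lnk = <target>".
STARTUP_RE = re.compile(r"^O4 - (?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
# O23 service: display name, vendor string, image path (anchored on the drive letter).
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<cmd>[A-Za-z]:\\.+)$")
EXT_RE = re.compile(r'^(.+?\.(?:exe|dll|scr|com|bat|cmd))(?=[\s,"]|$)', re.I)
USER_NOTE_RE = re.compile(r"\s+\(User '[^']*'\)$")


class Entry(NamedTuple):
    mechanism: str          # e.g. "HKLM Run", "Startup folder", "Service"
    name: str
    owner: Optional[str]    # only O23 lines carry a vendor field
    path: str               # binary that actually gets loaded
    reasons: List[str]      # empty when nothing was flagged


def image_path(cmd: str) -> str:
    """Return the binary a command line loads, ignoring arguments."""
    cmd = USER_NOTE_RE.sub("", cmd.strip())
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        path, rest = (cmd[1:end], cmd[end + 1:]) if end > 0 else (cmd[1:], "")
    else:
        # Unquoted paths may contain spaces: cut at the first executable extension.
        m = EXT_RE.match(cmd)
        path, rest = (m.group(1), cmd[m.end():]) if m else (cmd, "")
    if path.lower().rsplit("\\", 1)[-1] == "rundll32.exe" and rest.strip():
        # rundll32 is only the host process; report the DLL it is asked to load.
        return image_path(rest.strip().split(",", 1)[0])
    return path


def parse_autostarts(log_text: str, watchlist=WATCHLIST) -> List[Entry]:
    """Parse O4/O23 lines and attach triage flags to each entry."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        owner = None
        if (m := RUN_RE.match(line)):
            mechanism = f"{m['hive']} {m['key']}"
        elif (m := STARTUP_RE.match(line)):
            mechanism = "Startup folder"
        elif (m := SERVICE_RE.match(line)):
            mechanism, owner = "Service", m["owner"]
        else:
            continue  # not an autostart line
        path = image_path(m["cmd"])
        reasons = [f"watchlist:{frag}" for frag in watchlist if frag in path.lower()]
        if owner == "Unknown owner":
            reasons.append("unknown-owner")
        entries.append(Entry(mechanism, m["name"], owner, path, reasons))
    return entries


def flagged(entries: List[Entry]) -> List[Entry]:
    """Keep only the entries that carry at least one flag."""
    return [e for e in entries if e.reasons]


if __name__ == "__main__":
    for e in flagged(parse_autostarts(SAMPLE_LOG)):
        print(f"{e.mechanism:10} {e.name!r:35} {e.path}  <- {', '.join(e.reasons)}")
```

An `unknown-owner` flag only means HijackThis found no vendor string for the service binary, so the file itself still has to be checked before anything is removed.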



1 January 2011 17:35:23

Sham_Rock said:
well, that's doubly pointless... :D

Read:
Mbam:
Quote:
NB: This program must not be used in safe mode, as that reduces its effectiveness.
In addition, it can only be updated with administrator rights.

http://www.commentcamarche.net/download/telecharger-340...

Spybot:
http://forum.malekal.com/adwares-spywares-comment-pas-d...

on the other hand, in HijackThis:
O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe
O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\WINDOWS\BackupIP\service.exe

I don't like that much... :o


It reduces its effectiveness, but at least it won't load the virus, so unless it's a Beagle or some other encrypted junk :o

Quite right, it is infected.

PC infected by the InstallPedia adware.

Download Ad-Remover (by C_XX) to your Desktop.
Close all running applications, including the browser.
Double-click AD-R on your Desktop to launch it.
Choose Clean (Nettoyer), then confirm.
Post the report that appears at the end on the forum (C:\Ad-Report-CLEAN.log).


1 January 2011 19:34:45

Hello,

Note that in the EoRezo folder "C:\Documents and Settings\user\Application Data\EoRezo" there are no files.

Below is the AD-R report


.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 19/05/10 à 19:20
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:18:21 le 01/01/2011 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft Windows XP Édition familiale (Service Pack 3 - X86)
Nom du PC: ACER-TOUR
Utilisateur actuel: user
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
C:\Documents and Settings\user\Application Data\EoRezo

(!) -- Fichiers temporaires supprimés.
.
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version Impossible d'obtenir la version *
.
C:\Documents and Settings\user\..\qdy899gl.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.13
C:\Documents and Settings\user\..\qdy899gl.default\prefs.js - browser.startup.homepage: hxxp://y.lo.stbrowser.startup.homepage:
.
EFFACÉ: C:\Documents and Settings\user\..\qdy899gl.default\prefs.js - user_pref("browser.startup.homepage", "hxxp://y.lo.st");user_pref("browser.startup.homepage", "");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 13 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 2339 Octet(s)
C:\Ad-Report-SCAN[1].txt - 2260 Octet(s)
.
Fin à: 19:21:08, 01/01/2011
.
============== E.O.F - CLEAN[1] ==============
1 January 2011 19:37:28

Good evening
let's stop here; I'm taking over this disinfection. :)

AWINDOWS, we can discuss it by PM if you like. :)

kikisqy


  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • A window appears. In the Output section (Rapport) at the top of this window, tick Minimal Output (Rapport minimal).
  • Also tick the boxes next to LOP Check (Recherche Lop) and Purity Check (Recherche Purity).
  • Under Custom Scans (Personnalisation, in the white box), copy and paste the contents of the box below:


    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    userinit.exe
    winlogon.exe
    wininit.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT



  • Finally, click the Scan button (Analyse). Let the tool work.
  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are in the same location as OTL (so on the Desktop by default).

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click Parcourir... (Browse) and find the report file you want to send me.
  • Click Open.
  • Click Cliquez ici pour déposer le fichier (Click here to upload the file).
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy and paste this link into your reply.
2 January 2011 18:00:55

Hello,

The procedure described below went badly.

I am attaching the 2 files OTL.txt and Extras.txt below

File OTL.txt



    OTL logfile created on: 02/01/2011 17:26:45 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\user\Mes documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,00 Mb Total Physical Memory | 415,00 Mb Available Physical Memory | 43,00% Memory free
    2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 113,76 Gb Total Space | 90,29 Gb Free Space | 79,38% Space Free | Partition Type: NTFS
    Drive H: | 114,22 Gb Total Space | 38,58 Gb Free Space | 33,77% Space Free | Partition Type: FAT32
    Drive J: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS
    Drive Z: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS

    Computer Name: ACER-TOUR | User Name: user | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\user\Mes documents\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\WINDOWS\BackupIP\service.exe ()
    PRC - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Program Files\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Fighters\SPAMfighter\sfagent.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
    PRC - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
    PRC - c:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
    PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe ()
    PRC - C:\Program Files\Motive\AsstCommon\MotiveDirectory.exe (Motive Communications, Inc.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\bin\lecompagnonclub.exe (Club Internet)
    PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
    PRC - C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
    PRC - C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (Fred's Software)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\user\Mes documents\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
    MOD - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
    MOD - C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\SBHook.dll (Motive Communications, Inc.)


    ========== Win32 Services (SafeList) ==========

    SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
    SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()
    SRV - (Suite Service) -- C:\Program Files\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
    SRV - (SPAMfighter Update Service) -- C:\Program Files\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (LVSrvLauncher) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
    SRV - (LVPrcSrv) -- c:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
    SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
    DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
    DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
    DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
    DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
    DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
    DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
    DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
    DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
    DRV - (LVHybrid) -- C:\WINDOWS\system32\drivers\LVHybrid.sys (Animation Technologies Inc.)
    DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
    DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
    DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
    DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
    DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
    DRV - (GTNDIS5) -- C:\Program Files\Belkin\F5D7050v3\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 82 A0 2B 12 78 CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..network.proxy.type: 0


    [2010/12/18 15:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
    [2010/12/18 15:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\qdy899gl.default\extensions
    [2010/12/18 15:59:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\qdy899gl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/11/03 08:20:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

    O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
    O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
    O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
    O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe (SPAMfighter ApS)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKLM..\Run: [workflow] I:\install\workflow.exe File not found
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe (Motive Communications, Inc.)
    O4 - Startup: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (Fred's Software)
    O4 - Startup: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/10/27 09:29:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{81ef1c9a-e1a6-11df-8db3-806d6172696f}\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17183584330711040)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/01 16:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2011/01/01 16:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/01/01 14:21:21 | 000,081,920 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
    [2011/01/01 14:21:21 | 000,017,162 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Pcandis5.sys
    [2011/01/01 14:21:21 | 000,016,848 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Pcandis4.sys
    [2011/01/01 14:21:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Motive
    [2011/01/01 14:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Motive
    [2011/01/01 14:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
    [2011/01/01 14:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2011/01/01 14:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Motive
    [2011/01/01 14:18:26 | 000,171,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jit.dll
    [2011/01/01 14:18:26 | 000,139,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaee.dll
    [2011/01/01 14:18:26 | 000,046,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\setdebug.exe
    [2011/01/01 14:18:25 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx3j.dll
    [2011/01/01 14:18:21 | 000,286,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vmhelper.dll
    [2011/01/01 14:18:21 | 000,172,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jview.exe
    [2011/01/01 14:18:21 | 000,171,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wjview.exe
    [2011/01/01 14:18:21 | 000,154,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msawt.dll
    [2011/01/01 14:18:21 | 000,021,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjdbc10.dll
    [2011/01/01 14:18:21 | 000,015,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
    [2011/01/01 14:18:20 | 000,404,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javart.dll
    [2011/01/01 14:18:20 | 000,187,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javacypt.dll
    [2011/01/01 14:18:20 | 000,063,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaprxy.dll
    [2011/01/01 14:18:19 | 000,049,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clspack.exe
    [2011/01/01 14:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\BroadJump
    [2011/01/01 14:17:57 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
    [2011/01/01 14:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Club-Internet
    [2011/01/01 14:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Club-Internet
    [2011/01/01 09:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
    [2010/12/31 17:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\malwarebytes Anti-malware
    [2010/12/31 16:37:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/12/31 16:37:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2010/12/31 16:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/12/31 16:37:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/12/31 16:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/12/31 13:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\virus
    [2010/12/31 13:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/12/31 13:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2010/12/31 12:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/12/31 11:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/12/30 18:28:45 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/12/30 13:01:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
    [2010/12/30 12:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
    [2010/12/29 11:19:38 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/12/29 11:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Sunbelt Software
    [2010/12/29 11:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/12/27 10:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\vlc
    [2010/12/20 21:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2010/12/20 21:03:25 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
    [2010/12/20 21:03:25 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
    [2010/12/20 11:53:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
    [2010/12/20 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/12/20 09:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\networker
    [2010/12/19 18:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Installer
    [2010/12/19 18:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\assembly
    [2010/12/19 18:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\assembly
    [2010/12/19 18:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\BackupIP
    [2010/12/19 18:46:42 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\WINDOWS\System32\Ionic.Zip.Reduced.dll
    [2010/12/19 18:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010/12/18 15:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Mozilla
    [2010/12/18 15:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Mozilla
    [2010/12/15 03:49:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
    [2010/12/15 03:48:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
    [2010/12/14 20:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Démarrer\Programmes\Google Chrome
    [2010/12/14 11:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\télé sejour
    [2010/12/11 15:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2010/12/09 09:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Apple Computer
    [2010/12/09 09:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
    [2010/12/09 09:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/12/09 09:48:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/12/09 09:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Apple
    [2010/12/09 09:47:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple
    [2010/12/09 09:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/12/09 09:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/12/09 09:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple Computer
    [2010/12/08 11:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mes documents\Downloads
    [66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/01/02 17:05:00 | 000,001,142 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1078081533-725345543-1004UA.job
    [2011/01/02 12:05:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1078081533-725345543-1004Core.job
    [2011/01/02 08:47:14 | 000,039,291 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2011/01/02 08:47:13 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
    [2011/01/02 08:46:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/01/02 08:46:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
    [2011/01/02 08:42:59 | 000,010,631 | ---- | M] () -- C:\Documents and Settings\user\Bureau\message erreur.gif
    [2011/01/01 15:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/01/01 14:21:01 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
    [2011/01/01 12:30:59 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
    [2011/01/01 11:19:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/01/01 09:50:14 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\user\Bureau\HijackThis.lnk
    [2011/01/01 09:35:59 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\user\Bureau\malware.doc
    [2011/01/01 09:35:27 | 000,002,591 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
    [2010/12/31 16:37:33 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 16:37:33 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 13:53:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/12/30 12:11:25 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/12/29 11:19:38 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/12/27 22:02:56 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk
    [2010/12/20 19:14:54 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/18 15:55:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/12/16 17:03:08 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\Utils.dll
    [2010/12/16 16:51:20 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Ancien Régime.doc
    [2010/12/14 20:50:18 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/12/14 20:46:57 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
    [2010/12/14 15:47:15 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\user\Bureau\sfr neuf box evolution.doc
    [2010/12/05 12:10:19 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Décodeur TV Evolution.doc
    [66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/01/02 08:42:59 | 000,010,631 | ---- | C] () -- C:\Documents and Settings\user\Bureau\message erreur.gif
    [2011/01/01 14:21:21 | 000,016,073 | ---- | C] () -- C:\WINDOWS\System32\Pcandis3.vxd
    [2011/01/01 14:21:01 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
    [2011/01/01 14:18:26 | 000,007,315 | ---- | C] () -- C:\WINDOWS\System32\javasup.vxd
    [2011/01/01 14:18:25 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2011/01/01 14:18:22 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedon.reg
    [2011/01/01 14:18:22 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedoff.reg
    [2011/01/01 14:18:02 | 000,663,552 | ---- | C] () -- C:\WINDOWS\System32\libeay32_1-1-0_DDR.dll
    [2011/01/01 14:18:02 | 000,532,594 | ---- | C] () -- C:\WINDOWS\System32\xerces-c_1_40_0_DDR.dll
    [2011/01/01 14:18:02 | 000,524,377 | ---- | C] () -- C:\WINDOWS\System32\stlport_4_0_0_DDR.dll
    [2011/01/01 14:18:02 | 000,307,329 | ---- | C] () -- C:\WINDOWS\System32\BJBase_2-2-2_DDR.dll
    [2011/01/01 14:18:02 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32_1-1-0_DDR.dll
    [2011/01/01 14:12:52 | 000,006,345 | R--- | C] () -- C:\WINDOWS\System32\DevMngr.vxd
    [2011/01/01 09:50:14 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\user\Bureau\HijackThis.lnk
    [2011/01/01 09:35:58 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\user\Bureau\malware.doc
    [2010/12/31 16:37:33 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 16:37:33 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/12/29 11:21:11 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/12/26 18:14:04 | 000,233,203 | ---- | C] () -- C:\Documents and Settings\user\Bureau\france télécom tarifs.jpg
    [2010/12/19 18:46:42 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\Utils.dll
    [2010/12/18 15:55:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/12/14 20:50:18 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/12/14 15:01:40 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\user\Bureau\sfr neuf box evolution.doc
    [2010/12/14 11:21:50 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Ancien Régime.doc
    [2010/12/09 09:47:52 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/12/05 12:09:55 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Décodeur TV Evolution.doc
    [2010/11/26 13:28:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
    [2010/11/20 15:26:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
    [2010/11/20 15:26:57 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
    [2010/11/19 14:44:19 | 000,005,224 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
    [2010/10/28 18:47:33 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/10/28 13:43:28 | 000,050,127 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/10/28 12:46:14 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2010/10/27 20:33:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
    [2010/10/27 11:21:12 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/27 10:14:22 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
    [2010/10/27 10:14:19 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2010/10/27 09:54:13 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2010/10/27 09:41:36 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
    [2010/10/27 09:32:12 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2008/05/14 11:21:52 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
    [2007/02/06 16:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2007/02/06 16:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
    [2005/10/10 20:49:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2005/10/10 20:49:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2005/10/10 20:49:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2005/10/10 20:49:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2005/10/10 20:49:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2005/10/10 20:49:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2005/10/10 20:49:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2001/03/30 21:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll

    ========== LOP Check ==========

    [2010/10/27 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/10/27 20:55:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/10/28 12:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
    [2010/10/27 20:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2010/11/21 10:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
    [2010/12/31 13:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/10/28 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro
    [2010/10/28 12:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}
    [2010/10/28 12:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
    [2010/10/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Fighters
    [2010/10/28 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
    [2010/10/28 12:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VadeRetro
    [2011/01/01 11:19:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2011/01/02 08:47:13 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %ALLUSERSPROFILE%\Application Data\*. >
    [2010/10/28 13:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2010/10/27 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/12/09 09:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/12/09 09:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/10/27 20:55:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/10/28 12:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
    [2010/10/27 20:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2010/12/29 11:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/10/28 13:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
    [2010/10/28 13:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
    [2010/12/31 16:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/11/21 10:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
    [2010/12/20 11:53:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2011/01/01 14:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
    [2010/11/04 11:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    [2010/10/28 19:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
    [2011/01/01 19:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2010/11/03 08:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/12/31 13:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/10/28 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro
    [2010/10/29 18:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    [2010/10/28 18:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/10/28 12:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >
    [2010/10/21 13:45:40 | 003,386,144 | ---- | M] (SPAMfighter ApS ) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\SPAMfighter_Client.exe
    [2010/10/21 13:44:19 | 000,706,696 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\1491EB17\2F7662E3\FighterLauncher.exe
    [2010/10/21 13:44:02 | 000,598,664 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\55469686\5409B3BF\spamcfg.exe
    [2010/10/21 13:43:59 | 000,760,968 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\B4209484\5409B3BF\sfagent.exe
    [2010/10/21 13:44:22 | 000,994,440 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\B8F925CC\2F7662E3\MsgSys.exe
    [2010/10/21 13:44:04 | 000,131,720 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\BC728C84\5409B3BF\uninstall.exe
    [2010/10/21 13:44:00 | 000,189,064 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\d_\temp\SPAMFI~1\7126E1~1.X\Sources\INSTAL~1\Input\Binaries\sfus.exe
    [2010/10/21 13:44:21 | 001,130,120 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\E5069363\2F7662E3\FighterSuiteService.exe
    [2010/10/21 13:43:57 | 000,385,672 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\EE56776E\5409B3BF\prep.exe

    < %APPDATA%\*. >
    [2010/10/28 13:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Adobe
    [2010/12/09 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Apple Computer
    [2010/10/28 12:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
    [2010/10/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Fighters
    [2010/10/28 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
    [2010/10/27 09:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Identities
    [2010/11/19 14:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InstallShield
    [2010/10/27 11:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Macromedia
    [2010/12/30 12:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Malwarebytes
    [2010/11/24 21:26:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user\Application Data\Microsoft
    [2010/12/18 15:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla
    [2011/01/02 16:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Skype
    [2011/01/02 16:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\skypePM
    [2010/11/03 08:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sun
    [2010/10/28 12:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VadeRetro
    [2010/12/27 10:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\vlc
    [2010/12/29 10:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Winamp

    < %APPDATA%\*.exe /s >
    [2010/10/28 13:40:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
    [2010/10/28 13:41:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
    [2010/10/28 13:40:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe

    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: EXPLORER.EXE >
    [2004/08/05 13:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    < MD5 for: USERINIT.EXE >
    [2004/08/05 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2004/08/05 13:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
    [2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
    [2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/10/27 09:52:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/10/27 09:52:14 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/10/27 09:52:13 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D FC5A2B2

    < End of report >


    2 January 2011 18:20:51


    Hello,

    Below is the Extras.txt file


    OTL Extras logfile created on: 02/01/2011 17:26:45 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\user\Mes documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,00 Mb Total Physical Memory | 415,00 Mb Available Physical Memory | 43,00% Memory free
    2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 113,76 Gb Total Space | 90,29 Gb Free Space | 79,38% Space Free | Partition Type: NTFS
    Drive H: | 114,22 Gb Total Space | 38,58 Gb Free Space | 33,77% Space Free | Partition Type: FAT32
    Drive J: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS
    Drive Z: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS

    Computer Name: ACER-TOUR | User Name: user | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Ubi Soft\Chessmaster 9000\Chessmaster.exe" = C:\Program Files\Ubi Soft\Chessmaster 9000\Chessmaster.exe:*:Enabled:Chessmaster 9000 -- File not found
    "C:\Program Files\K!TV\K!TV.exe" = C:\Program Files\K!TV\K!TV.exe:*:Enabled:K!TV - Application de TéléVision -- File not found


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1D0AB230-E7BC-41CB-A50C-F282273E897B}" = SPAMfighter Client
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
    "{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
    "{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition
    "{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
    "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Ad-Remover" = Ad-Remover By C_XX
    "avast5" = avast! Free Antivirus
    "BroadJump Client Foundation" = BroadJump Client Foundation
    "CCleaner" = CCleaner
    "DMX5_is1" = DriverMax 5
    "ffdshow_is1" = ffdshow v1.1.3498 [2010-07-04]
    "Glary Utilities_is1" = Glary Utilities 2.29.0.1032
    "HijackThis" = HijackThis 2.0.2
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
    "MP Navigator 3.0" = Canon MP Navigator 3.0
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA Drivers" = NVIDIA Drivers
    "OutilsCI" = Outils Club Internet
    "Picasa 3" = Picasa 3
    "PrintKey 2000 Fr" = PrintKey 2000 Fr
    "QcDrv" = Programme de gestion Camera de Logitech®
    "SPAMfighter" = SPAMfighter
    "TONLFR.MCCInstall" = LE COMPAGNON CLUB
    "Total Uninstall 5_is1" = Total Uninstall 5.8.0
    "Winamp" = Winamp
    "Winamp Toolbar" = Winamp Toolbar
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WJChess2D" = WJChess2D
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "Winamp Detect" = Détection de l'application Winamp

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 28/12/2010 04:47:46 | Computer Name = ACER-TOUR | Source = Application Error | ID = 1000
    Description = Application défaillante chrome.exe, version 0.0.0.0, module défaillant
    unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 29/12/2010 06:16:29 | Computer Name = ACER-TOUR | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 31/12/2010 04:43:50 | Computer Name = ACER-TOUR | Source = Application Hang | ID = 1002
    Description = Application bloquée chrome.exe, version 0.0.0.0, module bloqué hungapp,
    version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 31/12/2010 08:45:57 | Computer Name = ACER-TOUR | Source = sdCoreService | ID = 0
    Description =

    Error - 01/01/2011 04:48:28 | Computer Name = ACER-TOUR | Source = Application Error | ID = 1000
    Description = Application défaillante chrome.exe, version 0.0.0.0, module défaillant
    unknown, version 0.0.0.0, adresse de défaillance 0x00f10a80.

    Error - 01/01/2011 04:48:49 | Computer Name = ACER-TOUR | Source = Application Error | ID = 1000
    Description = Application défaillante chrome.exe, version 0.0.0.0, module défaillant
    unknown, version 0.0.0.0, adresse de défaillance 0x00f10a80.

    Error - 02/01/2011 03:41:21 | Computer Name = ACER-TOUR | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 lnetworker.exe, P2 1.0.0.0, P3 4d07213b, P4
    mscorlib, P5 2.0.0.0, P6 4be90358, P7 1c89, P8 b, P9 exception, P10 NIL.

    Error - 02/01/2011 03:42:38 | Computer Name = ACER-TOUR | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 02/01/2011 03:42:38 | Computer Name = ACER-TOUR | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 02/01/2011 03:47:22 | Computer Name = ACER-TOUR | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 lnetworker.exe, P2 1.0.0.0, P3 4d07213b, P4
    mscorlib, P5 2.0.0.0, P6 4be90358, P7 1c89, P8 b, P9 exception, P10 NIL.

    [ System Events ]
    Error - 08/12/2010 13:31:16 | Computer Name = ACER-TOUR | Source = Disk | ID = 262155
    Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\D.

    Error - 08/12/2010 14:09:43 | Computer Name = ACER-TOUR | Source = Disk | ID = 262155
    Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\D.

    Error - 08/12/2010 16:29:10 | Computer Name = ACER-TOUR | Source = Disk | ID = 262155
    Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\D.

    Error - 09/12/2010 08:29:42 | Computer Name = ACER-TOUR | Source = Disk | ID = 262155
    Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\D.

    Error - 09/12/2010 10:09:52 | Computer Name = ACER-TOUR | Source = Disk | ID = 262155
    Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\D.

    Error - 10/12/2010 09:11:20 | Computer Name = ACER-TOUR | Source = Dhcp | ID = 1002
    Description = Le bail de l'adresse IP 192.168.1.2 pour la carte réseau dont l'adresse
    réseau est 001558461D81 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a
    envoyé un message DHCPNACK).

    Error - 10/12/2010 09:11:49 | Computer Name = ACER-TOUR | Source = W32Time | ID = 39452689
    Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
    la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
    va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
    a été tentée sur un hôte impossible à atteindre. (0x80072751)

    Error - 10/12/2010 09:11:49 | Computer Name = ACER-TOUR | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
    NtpClient
    n'a pas de source de temps précis.

    Error - 10/12/2010 09:12:05 | Computer Name = ACER-TOUR | Source = W32Time | ID = 39452689
    Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
    la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
    va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
    a été tentée sur un hôte impossible à atteindre. (0x80072751)

    Error - 10/12/2010 09:12:05 | Computer Name = ACER-TOUR | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
    NtpClient
    n'a pas de source de temps précis.


    < End of report >


    2 January 2011 18:27:54

    Hello,

    In addition, here is the OTL.txt file

    OTL logfile created on: 02/01/2011 17:26:45 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\user\Mes documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,00 Mb Total Physical Memory | 415,00 Mb Available Physical Memory | 43,00% Memory free
    2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 113,76 Gb Total Space | 90,29 Gb Free Space | 79,38% Space Free | Partition Type: NTFS
    Drive H: | 114,22 Gb Total Space | 38,58 Gb Free Space | 33,77% Space Free | Partition Type: FAT32
    Drive J: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS
    Drive Z: | 232,88 Gb Total Space | 153,80 Gb Free Space | 66,04% Space Free | Partition Type: NTFS

    Computer Name: ACER-TOUR | User Name: user | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\user\Mes documents\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\WINDOWS\BackupIP\service.exe ()
    PRC - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Program Files\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Fighters\SPAMfighter\sfagent.exe (SPAMfighter ApS)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
    PRC - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
    PRC - c:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    PRC - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
    PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe ()
    PRC - C:\Program Files\Motive\AsstCommon\MotiveDirectory.exe (Motive Communications, Inc.)
    PRC - C:\Program Files\Club-Internet\Le Compagnon Club\bin\lecompagnonclub.exe (Club Internet)
    PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
    PRC - C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
    PRC - C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (Fred's Software)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\user\Mes documents\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
    MOD - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
    MOD - C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\SBHook.dll (Motive Communications, Inc.)


    ========== Win32 Services (SafeList) ==========

    SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
    SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()
    SRV - (Suite Service) -- C:\Program Files\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
    SRV - (SPAMfighter Update Service) -- C:\Program Files\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (LVSrvLauncher) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
    SRV - (LVPrcSrv) -- c:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
    SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
    DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
    DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
    DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
    DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
    DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
    DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
    DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
    DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
    DRV - (LVHybrid) -- C:\WINDOWS\system32\drivers\LVHybrid.sys (Animation Technologies Inc.)
    DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
    DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
    DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
    DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
    DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
    DRV - (GTNDIS5) -- C:\Program Files\Belkin\F5D7050v3\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 82 A0 2B 12 78 CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..network.proxy.type: 0


    [2010/12/18 15:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
    [2010/12/18 15:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\qdy899gl.default\extensions
    [2010/12/18 15:59:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\qdy899gl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/11/03 08:20:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

    O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
    O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
    O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
    O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe (SPAMfighter ApS)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKLM..\Run: [workflow] I:\install\workflow.exe File not found
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe (Motive Communications, Inc.)
    O4 - Startup: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (Fred's Software)
    O4 - Startup: C:\Documents and Settings\user\Menu Démarrer\Programmes\Démarrage\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/10/27 09:29:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{81ef1c9a-e1a6-11df-8db3-806d6172696f}\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17183584330711040)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/01 16:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2011/01/01 16:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/01/01 14:21:21 | 000,081,920 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32n50.dll
    [2011/01/01 14:21:21 | 000,017,162 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Pcandis5.sys
    [2011/01/01 14:21:21 | 000,016,848 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Pcandis4.sys
    [2011/01/01 14:21:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Motive
    [2011/01/01 14:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Motive
    [2011/01/01 14:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
    [2011/01/01 14:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
    [2011/01/01 14:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Motive
    [2011/01/01 14:18:26 | 000,171,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jit.dll
    [2011/01/01 14:18:26 | 000,139,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaee.dll
    [2011/01/01 14:18:26 | 000,046,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\setdebug.exe
    [2011/01/01 14:18:25 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx3j.dll
    [2011/01/01 14:18:21 | 000,286,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vmhelper.dll
    [2011/01/01 14:18:21 | 000,172,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jview.exe
    [2011/01/01 14:18:21 | 000,171,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wjview.exe
    [2011/01/01 14:18:21 | 000,154,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msawt.dll
    [2011/01/01 14:18:21 | 000,021,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjdbc10.dll
    [2011/01/01 14:18:21 | 000,015,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
    [2011/01/01 14:18:20 | 000,404,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javart.dll
    [2011/01/01 14:18:20 | 000,187,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javacypt.dll
    [2011/01/01 14:18:20 | 000,063,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaprxy.dll
    [2011/01/01 14:18:19 | 000,049,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clspack.exe
    [2011/01/01 14:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\BroadJump
    [2011/01/01 14:17:57 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
    [2011/01/01 14:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Club-Internet
    [2011/01/01 14:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Club-Internet
    [2011/01/01 09:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
    [2010/12/31 17:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\malwarebytes Anti-malware
    [2010/12/31 16:37:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/12/31 16:37:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2010/12/31 16:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/12/31 16:37:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/12/31 16:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/12/31 13:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\virus
    [2010/12/31 13:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2010/12/31 13:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2010/12/31 12:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/12/31 11:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/12/30 18:28:45 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/12/30 13:01:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
    [2010/12/30 12:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
    [2010/12/29 11:19:38 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/12/29 11:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Sunbelt Software
    [2010/12/29 11:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/12/27 10:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\vlc
    [2010/12/20 21:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2010/12/20 21:03:25 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
    [2010/12/20 21:03:25 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
    [2010/12/20 11:53:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
    [2010/12/20 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/12/20 09:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\networker
    [2010/12/19 18:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Installer
    [2010/12/19 18:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\assembly
    [2010/12/19 18:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\assembly
    [2010/12/19 18:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\BackupIP
    [2010/12/19 18:46:42 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\WINDOWS\System32\Ionic.Zip.Reduced.dll
    [2010/12/19 18:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010/12/18 15:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Mozilla
    [2010/12/18 15:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Mozilla
    [2010/12/15 03:49:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
    [2010/12/15 03:48:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
    [2010/12/14 20:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Démarrer\Programmes\Google Chrome
    [2010/12/14 11:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\télé sejour
    [2010/12/11 15:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2010/12/09 09:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Apple Computer
    [2010/12/09 09:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
    [2010/12/09 09:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/12/09 09:48:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/12/09 09:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Apple
    [2010/12/09 09:47:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple
    [2010/12/09 09:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/12/09 09:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/12/09 09:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Apple Computer
    [2010/12/08 11:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mes documents\Downloads
    [66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/01/02 17:05:00 | 000,001,142 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1078081533-725345543-1004UA.job
    [2011/01/02 12:05:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1078081533-725345543-1004Core.job
    [2011/01/02 08:47:14 | 000,039,291 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2011/01/02 08:47:13 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
    [2011/01/02 08:46:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/01/02 08:46:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
    [2011/01/02 08:42:59 | 000,010,631 | ---- | M] () -- C:\Documents and Settings\user\Bureau\message erreur.gif
    [2011/01/01 15:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/01/01 14:21:01 | 000,001,889 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
    [2011/01/01 12:30:59 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
    [2011/01/01 11:19:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/01/01 09:50:14 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\user\Bureau\HijackThis.lnk
    [2011/01/01 09:35:59 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\user\Bureau\malware.doc
    [2011/01/01 09:35:27 | 000,002,591 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
    [2010/12/31 16:37:33 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 16:37:33 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 13:53:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/12/30 12:11:25 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/12/29 11:19:38 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/12/27 22:02:56 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk
    [2010/12/20 19:14:54 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/18 15:55:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/12/16 17:03:08 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\Utils.dll
    [2010/12/16 16:51:20 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Ancien Régime.doc
    [2010/12/14 20:50:18 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/12/14 20:46:57 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
    [2010/12/14 15:47:15 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\user\Bureau\sfr neuf box evolution.doc
    [2010/12/05 12:10:19 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Décodeur TV Evolution.doc
    [66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/01/02 08:42:59 | 000,010,631 | ---- | C] () -- C:\Documents and Settings\user\Bureau\message erreur.gif
    [2011/01/01 14:21:21 | 000,016,073 | ---- | C] () -- C:\WINDOWS\System32\Pcandis3.vxd
    [2011/01/01 14:21:01 | 000,001,889 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
    [2011/01/01 14:18:26 | 000,007,315 | ---- | C] () -- C:\WINDOWS\System32\javasup.vxd
    [2011/01/01 14:18:25 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2011/01/01 14:18:22 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedon.reg
    [2011/01/01 14:18:22 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedoff.reg
    [2011/01/01 14:18:02 | 000,663,552 | ---- | C] () -- C:\WINDOWS\System32\libeay32_1-1-0_DDR.dll
    [2011/01/01 14:18:02 | 000,532,594 | ---- | C] () -- C:\WINDOWS\System32\xerces-c_1_40_0_DDR.dll
    [2011/01/01 14:18:02 | 000,524,377 | ---- | C] () -- C:\WINDOWS\System32\stlport_4_0_0_DDR.dll
    [2011/01/01 14:18:02 | 000,307,329 | ---- | C] () -- C:\WINDOWS\System32\BJBase_2-2-2_DDR.dll
    [2011/01/01 14:18:02 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32_1-1-0_DDR.dll
    [2011/01/01 14:12:52 | 000,006,345 | R--- | C] () -- C:\WINDOWS\System32\DevMngr.vxd
    [2011/01/01 09:50:14 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\user\Bureau\HijackThis.lnk
    [2011/01/01 09:35:58 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\user\Bureau\malware.doc
    [2010/12/31 16:37:33 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/12/31 16:37:33 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/12/29 11:21:11 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/12/26 18:14:04 | 000,233,203 | ---- | C] () -- C:\Documents and Settings\user\Bureau\france télécom tarifs.jpg
    [2010/12/19 18:46:42 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\Utils.dll
    [2010/12/18 15:55:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/12/14 20:50:18 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/12/14 15:01:40 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\user\Bureau\sfr neuf box evolution.doc
    [2010/12/14 11:21:50 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Ancien Régime.doc
    [2010/12/09 09:47:52 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/12/05 12:09:55 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Décodeur TV Evolution.doc
    [2010/11/26 13:28:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
    [2010/11/20 15:26:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
    [2010/11/20 15:26:57 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
    [2010/11/19 14:44:19 | 000,005,224 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
    [2010/10/28 18:47:33 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/10/28 13:43:28 | 000,050,127 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/10/28 12:46:14 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2010/10/27 20:33:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
    [2010/10/27 11:21:12 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/27 10:14:22 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
    [2010/10/27 10:14:19 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2010/10/27 09:54:13 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2010/10/27 09:41:36 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
    [2010/10/27 09:32:12 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2008/05/14 11:21:52 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
    [2007/02/06 16:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2007/02/06 16:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
    [2005/10/10 20:49:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2005/10/10 20:49:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2005/10/10 20:49:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2005/10/10 20:49:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2005/10/10 20:49:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2005/10/10 20:49:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2005/10/10 20:49:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2001/03/30 21:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll

    ========== LOP Check ==========

    [2010/10/27 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/10/27 20:55:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/10/28 12:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
    [2010/10/27 20:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2010/11/21 10:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
    [2010/12/31 13:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/10/28 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro
    [2010/10/28 12:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}
    [2010/10/28 12:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
    [2010/10/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Fighters
    [2010/10/28 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
    [2010/10/28 12:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VadeRetro
    [2011/01/01 11:19:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2011/01/02 08:47:13 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %ALLUSERSPROFILE%\Application Data\*. >
    [2010/10/28 13:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2010/10/27 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/12/09 09:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/12/09 09:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/10/27 20:55:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2010/10/28 12:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
    [2010/10/27 20:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2010/12/29 11:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/10/28 13:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
    [2010/10/28 13:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
    [2010/12/31 16:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/11/21 10:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
    [2010/12/20 11:53:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2011/01/01 14:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
    [2010/11/04 11:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    [2010/10/28 19:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
    [2011/01/01 19:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2010/11/03 08:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/12/31 13:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/10/28 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro
    [2010/10/29 18:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    [2010/10/28 18:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2010/10/28 12:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >
    [2010/10/21 13:45:40 | 003,386,144 | ---- | M] (SPAMfighter ApS ) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\SPAMfighter_Client.exe
    [2010/10/21 13:44:19 | 000,706,696 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\1491EB17\2F7662E3\FighterLauncher.exe
    [2010/10/21 13:44:02 | 000,598,664 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\55469686\5409B3BF\spamcfg.exe
    [2010/10/21 13:43:59 | 000,760,968 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\B4209484\5409B3BF\sfagent.exe
    [2010/10/21 13:44:22 | 000,994,440 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\B8F925CC\2F7662E3\MsgSys.exe
    [2010/10/21 13:44:04 | 000,131,720 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\BC728C84\5409B3BF\uninstall.exe
    [2010/10/21 13:44:00 | 000,189,064 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\d_\temp\SPAMFI~1\7126E1~1.X\Sources\INSTAL~1\Input\Binaries\sfus.exe
    [2010/10/21 13:44:21 | 001,130,120 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\E5069363\2F7662E3\FighterSuiteService.exe
    [2010/10/21 13:43:57 | 000,385,672 | ---- | M] (SPAMfighter ApS) -- C:\Documents and Settings\All Users\Application Data\{6FFECD61-BD8C-4A6E-96EE-4E677D84BA25}\common\EE56776E\5409B3BF\prep.exe

    < %APPDATA%\*. >
    [2010/10/28 13:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Adobe
    [2010/12/09 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Apple Computer
    [2010/10/28 12:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
    [2010/10/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Fighters
    [2010/10/28 20:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
    [2010/10/27 09:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Identities
    [2010/11/19 14:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InstallShield
    [2010/10/27 11:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Macromedia
    [2010/12/30 12:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Malwarebytes
    [2010/11/24 21:26:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user\Application Data\Microsoft
    [2010/12/18 15:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla
    [2011/01/02 16:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Skype
    [2011/01/02 16:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\skypePM
    [2010/11/03 08:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sun
    [2010/10/28 12:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VadeRetro
    [2010/12/27 10:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\vlc
    [2010/12/29 10:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Winamp

    < %APPDATA%\*.exe /s >
    [2010/10/28 13:40:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
    [2010/10/28 13:41:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
    [2010/10/28 13:40:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe

    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: EXPLORER.EXE >
    [2004/08/05 13:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    < MD5 for: USERINIT.EXE >
    [2004/08/05 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2004/08/05 13:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
    [2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
    [2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/10/27 09:52:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/10/27 09:52:14 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/10/27 09:52:13 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

    < End of report >
    2 January 2011 21:11:34

    Good evening
    What is this?
    Quote:
    C:\Documents and Settings\user\Bureau\virus


    Open Spybot, click the Mode tab and choose Advanced Mode (Mode Avancé)
    Ignore the warning
    At the bottom left, click Tools (Outils)
    Still in the left-hand column, click Resident (Résident), not in the central window
    And untick the Resident "TeaTimer" option.......



  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • Under the Personnalisation (customization) tab, in the white box at the bottom of the window, copy and paste the following text (between the two spaces):

    :OTL
    PRC - C:\WINDOWS\BackupIP\service.exe ()
    SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()
    O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
    :commands
    [emptytemp]
    [reboot]

  • Then click the Correction (fix) button at the top of the window.
  • Let the program work, then reboot once the fix is finished.
  • Post the report that is displayed after the reboot.
    2 January 2011 21:58:41

    Hello,

    Here is the report:


    All processes killed
    ========== OTL ==========
    No active process named service.exe was found!
    Service sdmBackupIP stopped successfully!
    Service sdmBackupIP deleted successfully!
    C:\WINDOWS\BackupIP\service.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\installer deleted successfully.
    C:\Program Files\Installer\lnetworker.exe moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 115616 bytes
    ->Temporary Internet Files folder emptied: 103136 bytes
    ->Google Chrome cache emptied: 7150626 bytes
    ->Flash cache emptied: 343 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 545923 bytes

    User: user
    ->Temp folder emptied: 859203 bytes
    ->Temporary Internet Files folder emptied: 4926369 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 3472940 bytes
    ->Google Chrome cache emptied: 160571689 bytes
    ->Flash cache emptied: 5881 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 4988161 bytes
    %systemroot%\System32 .tmp files removed: 102912 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 18622 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 65037224 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 1287000 bytes

    Total Files Cleaned = 238,00 mb
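A cross-check of the fix script against the report above, as an added example that is not part of the original thread and is not OTL's own code: it lists every item named in the `:OTL` section and confirms the report carries a success line for each. The directive patterns and the success wording are assumptions inferred only from the script and report shown on this page.

```python
import re

# Fix script and report lines copied from the thread above.
FIX_SCRIPT = r"""
:OTL
PRC - C:\WINDOWS\BackupIP\service.exe ()
SRV - (sdmBackupIP) -- C:\WINDOWS\BackupIP\service.exe ()
O4 - HKLM..\Run: [installer] C:\Program Files\Installer\lnetworker.exe ()
:commands
[emptytemp]
[reboot]
"""
FIX_LOG = r"""
No active process named service.exe was found!
Service sdmBackupIP stopped successfully!
Service sdmBackupIP deleted successfully!
C:\WINDOWS\BackupIP\service.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\installer deleted successfully.
C:\Program Files\Installer\lnetworker.exe moved successfully.
"""
# Directive shapes seen in the fix script: (regex, kind of each captured group).
PATTERNS = [
    (r"SRV - \((.+?)\) -- (.+?) \(", ("service", "file")),
    (r"O4 - .*?\[(.+?)\] (.+?) \(", ("run_value", "file")),
    (r"PRC - (.+?) \(", ("file",)),
]
# Success wording per kind, inferred only from the report above (assumption).
SUCCESS = {
    "service": "service {} deleted successfully",
    "file": "{} moved successfully",
    "run_value": "\\run\\\\{} deleted successfully",
}

def targets(script):
    """Sorted (kind, name) pairs named in the :OTL section of the fix script."""
    out, section = set(), None
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            section = line.lower()      # section header such as :OTL or :commands
        elif section == ":otl":
            for rx, kinds in PATTERNS:
                if m := re.match(rx, line):
                    out.update(zip(kinds, m.groups()))
    return sorted(out)

def unresolved(script, log):
    """Targets for which the report contains no success line."""
    return [(k, n) for k, n in targets(script)
            if SUCCESS[k].format(n.lower()) not in log.lower()]
```

An empty list from `unresolved(FIX_SCRIPT, FIX_LOG)` means every service, file and Run value named in the script was reported as removed; any remaining entry is an item to re-scan for after the reboot.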
    3 January 2011 21:05:27

    Good evening
    you didn't answer my question...
    Quote:
    What is this?
    Quote:

    C:\Documents and Settings\user\Bureau\virus

    That folder didn't appear on your desktop by magic... :D

    How is your PC behaving?
    3 January 2011 21:12:19

    You have fun playing the LamouZ and then all of a sudden the wind turns?
    Just saying :D
    3 January 2011 23:02:50

    Sham_Rock said:
    Good evening
    you didn't answer my question...
    Quote:
    What is this?
    Quote:

    C:\Documents and Settings\user\Bureau\virus


    I created a folder named "VIRUS" on my desktop where I put the files related to my computer's infection.

    That folder didn't appear on your desktop by magic... :D

    How is your PC behaving?


    Last night (the time when the automatic launches of X-rated sites used to occur) the phenomenon did not recur.

    Thank you very much for your help.

    Hoping that this problem is solved for good.
    4 January 2011 08:21:00


    I created a folder named "VIRUS" on my desktop where I put the files related to my computer's infection.



    For two nights now (the period when the automatic launches of X-rated sites used to occur) the phenomenon has not recurred.

    Thank you very much for your help.

    Hoping that this problem is solved for good.
    4 January 2011 08:27:44

    AWINDOWS:

    I don't know the expression "faire le LamouZ"



    Last night (the time when the automatic launches of X-rated sites used to occur) the phenomenon did not recur.

    Thank you very much for your help.

    Hoping that this problem is solved for good.


    4 January 2011 18:42:56

    No, never mind :D
    Glad for you :)
    5 January 2011 10:10:23



    Remove all the programs installed for the disinfection.


    Please read this guide (PDF) to learn more about the risks of the Net.



    If you find this document interesting, don't hesitate to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.

    Read also:
  • Free antispyware: it's useless!


    ~Edit your first message and mark it [résolu] (solved) in the title.
    If your session name matches your real name, you can change it by editing your posts.

    :hello:
