Se connecter / S'enregistrer
Votre question

résolu Trojan + pub fréquentes

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
13 Mai 2010 20:23:19

Bonsoir,

J'ai un probléme depuis que sur msn je recoive un message : regardez cette photo et cela me mettais un lien que je n'ai pas ouvert. Mais depuis plein de pages de pub qui s'ouvrent et msn qui n'arrête pas de planter.
Merci d'avance à la persone qui pourra m'aider.
Voici un rapport hijacthis + rapport malwaresbyte qui m'a touvé des trojans


Rapport hijacthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:36, on 13/05/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\DOCUME~1\BOULOC\LOCALS~1\Temp\Tth.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe
C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\BOULOC\LOCALS~1\Temp\Rar$EX00.531\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: French DivX Toolbar - {e2a3fc1d-545a-414f-b499-1a3a0f1150ea} - C:\Program Files\French_DivX\tbFren.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: French DivX Toolbar - {e2a3fc1d-545a-414f-b499-1a3a0f1150ea} - C:\Program Files\French_DivX\tbFren.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows System Guard] C:\Documents and Settings\BOULOC\Application Data\egun.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\DOCUME~1\BOULOC\LOCALS~1\Temp\Tth.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: TrayMin315.exe.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://marmaraphoto.com/Components/Upload/ImageUploader...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://tele.premiere.fr/design/tele/images/RA/johnny/pl...
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca50ed41837e2e) (gupdate1ca50ed41837e2e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe

--
End of file - 12952 bytes



rapport malwarebyte

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

13/05/2010 20:07:04
mbam-log-2010-05-13 (20-07-04).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 135168
Temps écoulé: 10 minute(s), 12 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsvncs.txt (Malware.Trace) -> Quarantined and deleted successfully.

Autres pages sur : resolu trojan pub frequentes

13 Mai 2010 20:48:26

Même problème depuis hier. Toujours pas fixé. Semble aller moins mal avec de nombreuses sessions de MBAM dont une complète que je viens juste de finir.
13 Mai 2010 23:12:12

Yop!

@Minotaure, ouvre ton propre sujet! ;) 

=====

@Babouch:

/!\ Pour le bon déroulement de la désinfection:
  • N'ouvre pas le même sujet sur des forums différents, c'est une perte de temps pour tout le monde!
  • Évites les manipulations hasardeuses avec ton PC, mieux vaut demander!
  • Prends le temps de lire corectement et de comprendre l'ensemble des procédures qui te seront demandées.
  • Suis à la lettre chaque procédure qui te sera fournie.
  • Si tu as une quelconque question ou un quelconque problème, n'hésite pas à me demander.
  • Dans un souci de lisibilité du sujet, merci de bien vouloir héberger tous les rapports ici, et de poster les liens dans la discussion. :clin: 

    =====

    Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    Contenus similaires
    14 Mai 2010 12:54:04

    bonjour voici les rapports

    OTL logfile created on: 14/05/2010 12:43:42 - Run 1
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\BOULOC\Mes documents
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    959,00 Mb Total Physical Memory | 387,00 Mb Available Physical Memory | 40,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144,15 Gb Total Space | 46,09 Gb Free Space | 31,98% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: LUANA
    Current User Name: BOULOC
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\BOULOC\Mes documents\OTL.exe (OldTimer Tools)
    PRC - C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe ()
    PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    PRC - C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    PRC - C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
    PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )
    PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe ()
    PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
    PRC - C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe ()
    PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
    PRC - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe ()
    PRC - C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\BOULOC\Mes documents\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
    SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
    SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
    SRV - (AshampooDefragService) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )
    SRV - (USBDeviceService) -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe ()
    SRV - (AOL ACS) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
    DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
    DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
    DRV - (VX1000) -- C:\WINDOWS\system32\drivers\VX1000.sys (Microsoft Corporation)
    DRV - (btnetBUs) -- C:\WINDOWS\system32\drivers\btnetBus.sys ()
    DRV - (IvtBtBUs) -- C:\WINDOWS\system32\drivers\IvtBtBus.sys (IVT Corporation.)
    DRV - (BtHidBus) -- C:\WINDOWS\System32\Drivers\BtHidBus.sys (IVT Corporation.)
    DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
    DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
    DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
    DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
    DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
    DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
    DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
    DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
    DRV - (ZSMC301b) -- C:\WINDOWS\system32\drivers\usbVM31b.sys (VM)
    DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
    DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (PCANDIS5) -- C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    FF - prefs.js..browser.search.selectedEngine: "Live Search"
    FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMW..."
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.search.selectedEngine: "uStart"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.search.selectedEngine: "uStart"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.search.selectedEngine: "uStart"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.search.selectedEngine: "uStart"
    FF - prefs.js..browser.startup.homepage: "http://www.ustart.org"
    FF - prefs.js..browser.search.selectedEngine: "uStart"


    FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/05/27 20:42:26 | 000,000,000 | ---D | M]

    [2009/04/18 22:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Mozilla\Firefox\Profiles\sp0sir1e.default\extensions
    [2009/04/18 22:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Mozilla\Firefox\Profiles\sp0sir1e.default\extensions\ChoiceGuard@Microsoft
    [2007/05/27 20:43:42 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\BOULOC\Application Data\Mozilla\Firefox\Profiles\sp0sir1e.default\searchplugins\LiveSearch.xml
    [2010/01/23 15:26:20 | 000,005,254 | ---- | M] () -- C:\Documents and Settings\BOULOC\Application Data\Mozilla\Firefox\Profiles\sp0sir1e.default\searchplugins\ustart.xml
    [2007/05/27 20:46:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/04/25 07:56:37 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Program Files\Mozilla Firefox\extensions\{087F774D-4F58-4BA6-B208-DA64CCD8CE6F}
    [2007/01/16 23:24:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

    O1 HOSTS File: ([2009/04/27 18:46:39 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (French DivX Toolbar) - {e2a3fc1d-545a-414f-b499-1a3a0f1150ea} - C:\Program Files\French_DivX\tbFren.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKLM\..\Toolbar: (French DivX Toolbar) - {e2a3fc1d-545a-414f-b499-1a3a0f1150ea} - C:\Program Files\French_DivX\tbFren.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (French DivX Toolbar) - {E2A3FC1D-545A-414F-B499-1A3A0F1150EA} - C:\Program Files\French_DivX\tbFren.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
    O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Windows System Guard] C:\Documents and Settings\BOULOC\Application Data\egun.exe (SfxTze7dD)
    O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [M5T8QL3YW3] C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe ()
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin315.exe.lnk = C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe ()
    O4 - Startup: C:\Documents and Settings\BOULOC\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\BOULOC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = avnotify.exe.
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://webscanner.kaspersky.fr/kavwebscan_unicode.cab (CKAVWebScan Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/dir... (Shockwave ActiveX Control)
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.... (Solitaire Showdown Class)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca... (UnoCtrl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClie... (MessengerStatsClient Class)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.)
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://marmaraphoto.com/Components/Upload/ImageUploader... (Aurigma Image Uploader 3.5 Control)
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab (Creative Toolbox Plug-in)
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game13.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa... (Virtools WebPlayer Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} http://tele.premiere.fr/design/tele/images/RA/johnny/pl... (CDFusionActiveXCtl Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\BOULOC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\BOULOC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/08/27 12:56:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\Z\Shell - "" = AutoRun
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/05/14 12:43:03 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BOULOC\Mes documents\OTL.exe
    [2010/05/14 08:40:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\BOULOC\Recent
    [2010/05/13 16:13:50 | 000,176,128 | RHS- | C] (SfxTze7dD) -- C:\Documents and Settings\BOULOC\Application Data\egun.exe
    [2010/05/09 12:03:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\BOULOC\Mes documents\Mes DVD
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/05/14 12:44:01 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    [2010/05/14 12:43:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOULOC\Mes documents\OTL.exe
    [2010/05/14 12:21:01 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/05/14 08:27:02 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/05/14 08:26:40 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/14 08:26:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/05/14 08:26:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/05/14 08:26:16 | 000,149,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/05/14 08:25:35 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\BOULOC\NTUSER.DAT
    [2010/05/13 18:38:15 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/05/13 16:15:10 | 000,182,272 | ---- | M] () -- C:\WINDOWS\Tmepua.exe
    [2010/05/13 16:13:47 | 000,176,128 | RHS- | M] (SfxTze7dD) -- C:\Documents and Settings\BOULOC\Application Data\egun.exe
    [2010/05/09 11:50:56 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
    [2010/05/09 11:50:56 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
    [2010/05/08 15:43:22 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\BOULOC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/05/07 17:16:57 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [2010/05/03 18:41:13 | 000,152,088 | ---- | M] () -- C:\img2-001.raw
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/04/28 18:59:52 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/05/13 16:15:23 | 000,182,272 | ---- | C] () -- C:\WINDOWS\Tmepua.exe
    [2010/05/13 16:15:21 | 000,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    [2010/05/09 11:50:56 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
    [2010/05/09 11:50:56 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
    [2009/06/26 17:21:02 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
    [2009/06/17 15:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
    [2008/09/19 23:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/09/19 23:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/03/12 17:23:44 | 000,000,078 | ---- | C] () -- C:\WINDOWS\System32\netwbix32.dll
    [2007/09/11 13:12:38 | 000,000,330 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
    [2007/07/18 23:54:18 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2007/02/03 19:55:26 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2007/01/31 23:07:32 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS76.DLL
    [2007/01/21 19:46:08 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
    [2007/01/17 22:01:16 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2007/01/14 18:59:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
    [2007/01/12 19:46:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
    [2006/09/14 09:26:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/09/14 09:05:25 | 000,000,611 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2006/09/14 09:02:29 | 000,007,604 | ---- | C] () -- C:\WINDOWS\HDReg.ini
    [2006/09/14 08:41:50 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
    [2006/09/14 08:41:41 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2006/08/27 21:41:51 | 000,006,069 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2006/08/25 00:33:34 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
    [2006/08/25 00:33:34 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
    [2006/08/25 00:33:34 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
    [2006/08/25 00:33:34 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
    [2006/08/25 00:33:34 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
    [2006/08/25 00:32:10 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2006/01/12 18:23:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/08/05 22:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

    ========== LOP Check ==========

    [2007/09/09 18:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
    [2007/10/04 19:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
    [2007/01/31 23:06:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2007/10/04 19:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
    [2009/10/30 23:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2007/01/16 22:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    [2006/09/14 08:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OD2
    [2009/02/07 19:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
    [2009/05/05 18:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
    [2007/01/28 17:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
    [2007/09/09 19:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    [2006/09/14 08:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/03/16 21:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VistaCodecs
    [2009/02/07 19:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
    [2009/05/10 17:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\AdSigner
    [2007/01/12 22:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Leadertech
    [2010/05/01 11:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\LimeWire
    [2007/01/16 22:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\MSNInstaller
    [2007/01/12 19:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\OD2
    [2010/03/25 14:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\PhotoFiltre
    [2009/02/07 19:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\PlayFirst
    [2006/09/14 09:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\SampleView
    [2007/05/12 20:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Screenshot Sender
    [2009/05/05 18:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Sony
    [2008/06/08 17:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\TaoUSign
    [2010/03/30 12:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\Total Immersion
    [2007/09/09 18:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\TuneUp Software
    [2007/01/12 22:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOULOC\Application Data\VadeRetro
    [2010/05/07 17:16:57 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job
    [2010/05/14 12:44:01 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

    ========== Purity Check ==========


    < End of report >





    2eme rapport

    OTL Extras logfile created on: 14/05/2010 12:43:42 - Run 1
    OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\BOULOC\Mes documents
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    959,00 Mb Total Physical Memory | 387,00 Mb Available Physical Memory | 40,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144,15 Gb Total Space | 46,09 Gb Free Space | 31,98% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: LUANA
    Current User Name: BOULOC
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:D isabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
    "C:\Program Files\eChanblard\emule.exe" = C:\Program Files\eChanblard\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe" = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2 -- (Sony Creative Software Inc.)
    "C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
    "C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
    "C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
    "C:\Documents and Settings\BOULOC\Application Data\egun.exe" = C:\Documents and Settings\BOULOC\Application Data\egun.exe:*:Enabled:Windows System Guard -- (SfxTze7dD)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
    "{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
    "{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window
    "{5AFA4872-16B2-419E-ADCA-8E96E739115D}" = Music Manager
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{5F1ECBFB-048E-406E-A7AB-A81F9E359961}" = Sony Ericsson Media Manager 1.2
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
    "{673AB3CA-22D3-477C-8F09-8BB9923C0160}" = ATI Catalyst Control Center
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{755D3B4E-D3A3-4D05-99D8-FC35E26A331C}" = File Viewer Utility 1.2.2
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{968D41C3-25BB-4632-A6DF-2E1C8F0143A4}" = Microsoft LifeCam
    "{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9E75AF24-815C-4BD1-9A05-F96866CC6005}" = CIG
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB3AC39D-9915-435D-ACC4-9881E75326BC}" = RemoteCapture 2.7.2
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
    "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
    "{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
    "{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{D95F0670-EBA8-46B2-8ABE-9DDA2BC3DC7E}" = Philips SPC315NC Webcam
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
    "America Online fr" = AOL (France)
    "AOL Connectivity Services" = Module de connectivité AOL
    "AOL YGP Screensaver" = Ecran de veille AOL Photos
    "AOLCoach fr" = AOL Coach Version 1.0(Build:20040229.1 fr)
    "Ashampoo Magical Defrag 2" = Ashampoo Magical Defrag 2
    "ATI Display Driver" = ATI Display Driver
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "CANONBJ_Deinstall_CNMCP76.DLL" = Canon iP1200
    "CCleaner" = CCleaner (remove only)
    "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
    "DivX Setup.divx.com" = Configuration DivX
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
    "Easy-WebPrint" = Easy-WebPrint
    "French_DivX Toolbar" = French_DivX Toolbar
    "Google Chrome" = Google Chrome
    "GoogleVideoPlayer" = Google Video Player
    "HijackThis" = HijackThis 2.0.2
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Fenêtre d'appareil photo Canon pour ZoomBrowser EX
    "InstallShield_{755D3B4E-D3A3-4D05-99D8-FC35E26A331C}" = Canon Utilities File Viewer Utility 1.2
    "InstallShield_{9E75AF24-815C-4BD1-9A05-F96866CC6005}" = Canon Internet Library for ZoomBrowser EX
    "InstallShield_{AB3AC39D-9915-435D-ACC4-9881E75326BC}" = Canon Utilities RemoteCapture 2.7
    "InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1
    "Kaspersky Online Scanner" = Kaspersky Online Scanner
    "LimeWire" = LimeWire 4.16.6
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "PhotoRecord" = Canon PhotoRecord
    "QuickTime" = QuickTime
    "RealPlayer 12.0" = RealPlayer
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
    "StreetPlugin" = Learn2 Player (Uninstall Only)
    "UnityWebPlayer" = Unity Web Player
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "GP Vs Superbike" = GP Vs Superbike
    "Notification de cadeaux MSN" = Notification de cadeaux MSN
    "PhotoFiltre" = PhotoFiltre

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 26/04/2010 12:35:18 | Computer Name = LUANA | Source = Application Error | ID = 1001
    Description = Détecteur d'erreurs 1830877556.

    Error - 27/04/2010 15:56:10 | Computer Name = LUANA | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 04/05/2010 10:47:56 | Computer Name = LUANA | Source = Application Error | ID = 1000
    Description = Application défaillante explorer.exe, version 6.0.2900.3156, module
    défaillant divxdech264.ax, version 9.0.1.10, adresse de défaillance 0x000b92a6.

    Error - 05/05/2010 11:18:44 | Computer Name = LUANA | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 07/05/2010 12:51:06 | Computer Name = LUANA | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6000.17023, module
    défaillant kernel32.dll, version 5.1.2600.3541, adresse de défaillance 0x00012a6b.

    Error - 07/05/2010 12:52:54 | Computer Name = LUANA | Source = Application Error | ID = 1001
    Description = Détecteur d'erreurs 1784896760.

    Error - 08/05/2010 09:38:19 | Computer Name = LUANA | Source = Application Error | ID = 1000
    Description = Application défaillante explorer.exe, version 6.0.2900.3156, module
    défaillant unknown, version 0.0.0.0, adresse de défaillance 0x043492a0.

    Error - 13/05/2010 06:14:23 | Computer Name = LUANA | Source = Application Hang | ID = 1002
    Description = Application bloquée msnmsgr.exe, version 14.0.8089.726, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 13/05/2010 13:00:41 | Computer Name = LUANA | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 7.0.6000.17023, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 13/05/2010 13:51:46 | Computer Name = LUANA | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    [ System Events ]
    Error - 13/05/2010 12:54:50 | Computer Name = LUANA | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
    avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

    Error - 13/05/2010 13:48:54 | Computer Name = LUANA | Source = DCOM | ID = 10010
    Description = Le serveur {781B925F-0BF8-4C7B-A2A8-A8B11B488A07} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 13/05/2010 13:51:00 | Computer Name = LUANA | Source = Service Control Manager | ID = 7001
    Description = Le service Media Center Extender Service dépend du service SSDP Discovery
    Service qui n'a pas pu démarrer en raison de l'erreur : %%1058

    Error - 13/05/2010 13:51:06 | Computer Name = LUANA | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : BTHidMgr

    Error - 13/05/2010 13:51:49 | Computer Name = LUANA | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    Carte de performance WMI.

    Error - 13/05/2010 13:51:49 | Computer Name = LUANA | Source = Service Control Manager | ID = 7000
    Description = Le service Carte de performance WMI n'a pas pu démarrer en raison
    de l'erreur : %%1053

    Error - 13/05/2010 14:10:35 | Computer Name = LUANA | Source = Service Control Manager | ID = 7001
    Description = Le service Media Center Extender Service dépend du service SSDP Discovery
    Service qui n'a pas pu démarrer en raison de l'erreur : %%1058

    Error - 13/05/2010 14:10:41 | Computer Name = LUANA | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : BTHidMgr IntelIde

    Error - 14/05/2010 02:26:42 | Computer Name = LUANA | Source = Service Control Manager | ID = 7001
    Description = Le service Media Center Extender Service dépend du service SSDP Discovery
    Service qui n'a pas pu démarrer en raison de l'erreur : %%1058

    Error - 14/05/2010 02:26:46 | Computer Name = LUANA | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : BTHidMgr


    < End of report >
    14 Mai 2010 13:56:50

    Ok,

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Copies et colles le contenu ci dessous dans la partie inférieur d'OTL: Personnalisation

    :Processes
    Tth.exe

    :Files
    C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    C:\WINDOWS\System32\netwbix32.dll
    C:\WINDOWS\Tmepua.exe
    C:\Documents and Settings\BOULOC\Application Data\egun.exe
    C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe


    :OTL
    O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe ()
    O4 - HKLM\..\Run: [Windows System Guard] C:\Documents and Settings\BOULOC\Application Data\egun.exe (SfxTze7dD)


  • Enfin, clique sur le bouton Correction. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, un rapport va s'ouvrir.
  • Copie/colle ensuite les rapports.
  • Note: Le rapport se trouve dans C:\OTL\

    =====

    Redémarre et dis si encore soucis. :o 
    14 Mai 2010 17:18:34


    rapport


    ========== PROCESSES ==========
    Process Tth.exe killed successfully!
    ========== FILES ==========
    C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job moved successfully.
    C:\WINDOWS\System32\netwbix32.dll moved successfully.
    C:\WINDOWS\Tmepua.exe moved successfully.
    C:\Documents and Settings\BOULOC\Application Data\egun.exe moved successfully.
    C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe moved successfully.
    ========== OTL ==========
    Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    File C:\Documents and Settings\BOULOC\Local Settings\temp\Tth.exe not found.
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    File C:\Documents and Settings\BOULOC\Application Data\egun.exe not found.

    OTL by OldTimer - Version 3.2.4.1 log created on 05142010_171756
    14 Mai 2010 17:29:54

    Tu as encore des soucis?
    14 Mai 2010 18:25:49

    re,

    ca à l'air d'être ok
    merci de ton aide
    14 Mai 2010 18:27:04

    Ok!

    1/ Pour supprimer les utilitaires téléchargés:

  • Télécharge ToolsCleaner2 sur ton bureau
  • Double-clique sur Toolscleaner.exe,
  • Clique sur restauration pour créer un point de restauration.
  • Puis clique sur recherche.
  • Quand la recherche sera terminée, clique sur suppression.
  • A la fin (il y aura des indications dans le cadre en-dessous), clique sur quitter et poste le rapport qui se trouve dans C:\Tcleaner.txt.
  • Clique droit sur son icône => supprimer.


    2/ Pour supprimer les fichiers temporaires (à utiliser régulièrement!):

    Télécharge sur le bureau « CCleaner »
  • Installe le en refusant la Yahoo! Toolbar,
  • Puis lance le.
  • Va dans Options, puis Avancé et décoche la case Effacer uniquement les fichiers etc...
  • Retourne dans Nettoyeur, puis choisis Analyse.
  • Une fois cette dernière terminée, clique sur Nettoyer

    -----

    3/ Désactiver et réactiver la restauration système:

    - sous xp:

  • Clique-Droit sur Poste de Travail
  • Clique Propriétés,
  • Clique Restauration du système.
  • Cocher : Désactiver la restauration système sur tous les lecteurs,
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en décochant pour rétablir la restauration.
  • Puis Menu Démarrer ==> Tous les programmes ==> Accessoires ==> Outils système ==> Restauration système,
  • Clique Créer un nouveau point de restauration.
  • note => le nom donné n’a aucune importance.

    - sous vista:

  • Clique sur Démarrer,
  • Clique-droit sur Ordinateur,
  • Clique Propriétés,
  • Clique Protection du système.
  • Décocher : C,
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en recochant pour rétablir la restauration.
  • Puis de même et cliquer créer pour établir un nouveau point de restauration.

    - sous seven:

  • Clique sur Démarrer,
  • Clique-droit sur Ordinateur,
  • Clique Propriétés,
  • Clique Protection du système,
  • Clique sur l'onglet Protection du système.
  • Sélectionne : C,
  • Clique Configurer...,
  • Coche : Désactiver la protection du système.
  • Valider en cliquant sur OK.
  • Redémarrer le pc.
  • Et même manoeuvre en recochant : Restaurer les paramètres système et les versions précédentes des fichiers pour rétablir la restauration.
  • Puis de même et cliquer créer pour établir un nouveau point de restauration.

    -----

    4/Anti-spyware/malware
  • Garder malwarebytes' et penser à faire des scans réguliers avec ce dernier! => Tuto malwarebytes'
  • Antispyware gratuit : ça sert à rien!

    -----

    5/Protection
  • Un dossier sur les infections.
  • Sécuriser son ordinateur (version courte).
  • Surfer sécurisé.
  • Les idées reçues en sécurité logicielle.

    -----

    6/ Problème résolu?

    Alors penser à mettre le sujet en résolu en éditant ton titre!
  • Clique sur le bouton Éditer dans ton premier message (en bas à droite du message).
  • Ajoute [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message :clin: 
    14 Mai 2010 18:44:31

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:


    ---------------------------------
    --> Suppression:
    14 Mai 2010 18:58:24

    voilà j'ai tout fait merci beaucoup
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS