Votre question

Virus ver msn gros soucis!!

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
1 Avril 2010 11:09:23

Bonjour,
Voila depuis 15 jours j'ai un virus je l'ai attrapé sur msn en cliquant sur un lien de photos facebook. Je ne peux démarrer mon pc qu'en mode sans échec avec prise en charge réseaux. Quand je le démarre en mode normal, sa m'affiche un ecran noir avec la souris. J'ai lancé avast qui me trouve sans arret le virus ver donc je le supprime à chaque fois car je ne peux le mettre en quarantaine. J'ai essayé msn clean qui ne m'a rien trouvé un autre aussi usbfix il me semble qui ne m'a rien trouvé non plus. Je fais souvent des analyses scan mais sa ne me trouve rien ou des fois il me marque qu'il retrouve le virus!! Pouvez vous m'aider? Je n'ose pas formater mon pc car déja je ne sais pas faire et de plus, je n'ai pas le cd d'installation. C'est un Windows vista HP. J'ai fait beaucoup de tri dans mes fichiers pour faire de la place mais toujours pareil. S'il vous plait aidez moi.
Cordialement.

Autres pages sur : virus ver msn gros soucis

a c 295 8 Sécurité
1 Avril 2010 11:12:18

Bonjour,

  • Télécharge UsbFix (par El Desaparecido & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    1 Avril 2010 11:13:34

    Je vois plusieurs personnes dans mon cas mais je précise que moi en mode sans echec prise en charge reseaux il y a beaucoup de fonctions du pc que je ne peux pas accéder comme le poste de travail le son certains telechargement ect... Quand je veux télécharger il me dit que sa risque d'endommager mon pc.
    D'avance merci.
    Contenus similaires
    a c 295 8 Sécurité
    1 Avril 2010 11:15:26

    Tu n'as pas trop le choix.
    1 Avril 2010 11:23:19

    Voila ce qu'il me marque; ############################## | UsbFix V6.100 |

    User : denis (Administrateurs) # PC-DE-DENIS
    Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 12:20:01 | 01/04/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Genuine Intel(R) CPU T2130 @ 1.86GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled
    AV : Windows Live OneCare 1.0.0 [ Enabled | Updated ]
    FW : Pare-feu Windows Live OneCare[ Enabled ]1.0.0

    C:\ -> Disque fixe local # 141,63 Go (86,42 Go free) # NTFS
    D:\ -> Disque fixe local # 7,42 Go (2,19 Go free) [HP_RECOVERY] # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible # 7,45 Go (6,43 Go free) [Lexar] # FAT32

    ################## | Elements infectieux |


    ################## | Registre |


    ################## | Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}
    shell\AutoRun\command =F:\AutoRunCardDetector.exe

    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné !

    ################## | ! Fin du rapport # UsbFix V6.100 ! |
    a c 295 8 Sécurité
    1 Avril 2010 11:26:28

    On va utiliser un autre programme.

  • Relance UsbFix et choisis l'option 6 pour le désinstaller.

  • Télécharge OTL (de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche Minimal Output.
  • Coche également les cases à côté de LOP Check et Purity Check.
  • Enfin, clique sur le bouton Run Scan. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    1 Avril 2010 11:44:18

    Je peux pas te les copier coller ici? car sur le site je n'ai pas parcourir et les rapports sont sur des feuilles bloc notes. Désolé pas bien doué en informatique.
    a c 295 8 Sécurité
    1 Avril 2010 12:25:07

    Si, tu peux. Je m'absente.
    1 Avril 2010 12:28:02

    OTL logfile created on: 01/04/2010 12:38:16 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\denis\Documents\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 141,63 Gb Total Space | 86,41 Gb Free Space | 61,01% Space Free | Partition Type: NTFS
    Drive D: | 7,42 Gb Total Space | 2,19 Gb Free Space | 29,54% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7,45 Gb Total Space | 6,43 Gb Free Space | 86,25% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-DENIS
    Current User Name: denis
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    PRC - C:\Users\denis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (winss) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
    SRV - (OcHealthMon) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
    SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (OneCareMP) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
    SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (msfwsvc) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
    SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
    SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
    SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
    SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


    ========== Driver Services (SafeList) ==========

    DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
    DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
    DRV - (MSFWDrv) -- C:\Windows\System32\drivers\msfwdrv.sys (Microsoft Corporation)
    DRV - (MSFWHLPR) -- C:\Windows\System32\drivers\msfwhlpr.sys (Microsoft Corporation)
    DRV - (GT72UBUS) -- C:\Windows\System32\drivers\gt72ubus.sys (Option N.V.)
    DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
    DRV - (GT72NDISIPXP) -- C:\Windows\System32\drivers\Gt51Ip.sys (Option NV)
    DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
    DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
    DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI)
    DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI)
    DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI)
    DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)
    DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)
    DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll (TODO: <Company name>)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions
    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2009/08/26 16:27:17 | 000,325,948 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 11155 more lines...
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
    O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
    O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe (France Telecom SA)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe (1-Click Media)
    O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Shareaza] C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [Weflirt] C:\Program Files\Weflirt\weflirt.exe ()
    O4 - HKLM..\RunOnce: [BrowserBallot] C:\Windows\System32\browserchoice.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (Gigatribe SAS)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\denis\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Users\Public\Titan Poker\casino.exe ()
    O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Users\Public\Titan Poker\casino.exe ()
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/Obe... (Oberon Flash Game Host)
    O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/Install... (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O24 - Desktop BackupWallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/04/22 03:55:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2005/09/11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell - "" = AutoRun
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/04/01 12:19:14 | 000,000,000 | ---D | C] -- C:\UsbFix
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Local\Temp(59)
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/03/26 19:20:03 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/03/24 14:58:59 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Roaming\Audacity
    [2010/03/21 18:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
    [2010/03/18 22:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSNFix
    [2010/03/18 16:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\AxBx
    [2010/03/18 16:47:00 | 000,000,000 | ---D | C] -- C:\MSNCleaner
    [2010/03/12 04:01:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/03/11 04:04:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2010/03/11 04:03:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
    [2010/03/07 16:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\SFR

    ========== Files - Modified Within 30 Days ==========

    [2010/04/01 12:37:26 | 006,029,312 | -HS- | M] () -- C:\Users\denis\ntuser.dat
    [2010/04/01 12:21:02 | 001,478,524 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/04/01 12:21:02 | 000,671,336 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/04/01 12:21:02 | 000,589,472 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/04/01 12:21:02 | 000,123,850 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/04/01 12:21:02 | 000,101,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/04/01 11:25:33 | 000,005,676 | ---- | M] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2010/04/01 09:52:31 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010/04/01 09:52:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/04/01 09:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/04/01 09:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/04/01 09:51:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000UA.job
    [2010/04/01 09:50:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/04/01 00:06:12 | 000,524,288 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/01 00:06:12 | 000,065,536 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/03/30 19:31:38 | 000,002,042 | ---- | M] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2010/03/19 14:38:39 | 001,161,841 | ---- | M] () -- C:\Users\denis\Desktop\C.V à moi.rtf
    [2010/03/19 14:37:34 | 000,011,861 | ---- | M] () -- C:\Users\denis\Documents\LETTRE MOTIVATION.docx
    [2010/03/17 10:05:59 | 001,158,300 | ---- | M] () -- C:\Users\denis\Desktop\Mlle MANOLOUDIS Sonia.rtf
    [2010/03/14 20:51:00 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000Core.job
    [2010/03/11 10:25:55 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
    [2010/03/07 18:27:34 | 000,002,687 | ---- | M] () -- C:\Users\denis\Desktop\Microsoft Office Word 2007.lnk
    [2010/03/07 14:16:47 | 000,011,776 | ---- | M] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== Files Created - No Company Name ==========

    [2010/03/31 15:42:37 | 000,008,230 | ---- | C] () -- C:\Users\denis\Desktop\grille(1).png
    [2010/03/30 19:31:38 | 000,002,042 | ---- | C] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2009/07/05 16:29:04 | 000,338,944 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL
    [2009/07/05 16:29:04 | 000,118,784 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL
    [2009/07/05 12:53:02 | 000,000,943 | ---- | C] () -- C:\Windows\wininit.ini
    [2009/06/06 22:21:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/03/12 12:52:50 | 000,003,053 | ---- | C] () -- C:\Users\denis\AppData\Local\iqcmgcq.dat
    [2009/03/09 08:28:49 | 000,000,090 | ---- | C] () -- C:\Users\denis\AppData\Local\gsiaqqq.bat
    [2009/01/22 11:58:14 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
    [2009/01/22 11:58:13 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
    [2008/12/09 09:30:16 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\rx_image.Cache
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Horn Section
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\Users\denis\AppData\Roaming\Helper Scripts
    [2008/10/08 19:30:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2008/10/08 19:30:36 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Icons
    [2008/01/25 18:10:12 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/01/25 18:10:12 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/01/25 18:05:27 | 000,031,831 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/01/01 17:06:13 | 000,000,316 | ---- | C] () -- C:\Windows\yes_messenger.ini
    [2007/12/28 23:06:13 | 000,027,814 | ---- | C] () -- C:\Users\denis\AppData\Roaming\UserTile.png
    [2007/11/24 16:27:07 | 000,005,676 | ---- | C] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2007/10/12 21:25:33 | 000,000,061 | ---- | C] () -- C:\Windows\yesmessenger.ini
    [2007/10/07 10:39:44 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
    [2007/10/06 20:15:03 | 000,011,776 | ---- | C] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\QSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\DSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\AtStart.txt
    [2007/04/22 03:46:57 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2007/03/09 16:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
    [2007/02/27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
    [2007/02/22 12:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
    [2007/02/22 10:50:42 | 000,245,760 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
    [2006/12/13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
    [2006/12/13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2005/05/08 06:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

    ========== LOP Check ==========

    [2010/03/24 19:16:36 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Audacity
    [2007/10/21 21:14:15 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\iWin
    [2009/05/30 12:37:05 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\LimeWire
    [2009/03/07 09:53:01 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MP-Manager
    [2009/03/07 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MPMAN
    [2008/10/08 19:33:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Nikon
    [2007/12/28 23:06:13 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\PeerNetworking
    [2007/12/15 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\pokerth
    [2007/11/18 20:30:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Samsung
    [2008/01/05 11:44:51 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Shareaza
    [2008/02/24 10:42:02 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Weflirt
    [2008/12/11 16:19:48 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Zylom
    [2010/03/11 04:28:10 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 669 bytes -> C:\Users\denis\Documents\bull.eml:o ECustomProperty
    < End of report >
    1 Avril 2010 12:29:35

    OTL logfile created on: 01/04/2010 12:38:16 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\denis\Documents\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 141,63 Gb Total Space | 86,41 Gb Free Space | 61,01% Space Free | Partition Type: NTFS
    Drive D: | 7,42 Gb Total Space | 2,19 Gb Free Space | 29,54% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7,45 Gb Total Space | 6,43 Gb Free Space | 86,25% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-DENIS
    Current User Name: denis
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    PRC - C:\Users\denis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (winss) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
    SRV - (OcHealthMon) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
    SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (OneCareMP) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
    SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (msfwsvc) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
    SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
    SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
    SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
    SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


    ========== Driver Services (SafeList) ==========

    DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
    DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
    DRV - (MSFWDrv) -- C:\Windows\System32\drivers\msfwdrv.sys (Microsoft Corporation)
    DRV - (MSFWHLPR) -- C:\Windows\System32\drivers\msfwhlpr.sys (Microsoft Corporation)
    DRV - (GT72UBUS) -- C:\Windows\System32\drivers\gt72ubus.sys (Option N.V.)
    DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
    DRV - (GT72NDISIPXP) -- C:\Windows\System32\drivers\Gt51Ip.sys (Option NV)
    DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
    DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
    DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI)
    DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI)
    DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI)
    DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)
    DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)
    DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll (TODO: <Company name>)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions
    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2009/08/26 16:27:17 | 000,325,948 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 11155 more lines...
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
    O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
    O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe (France Telecom SA)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe (1-Click Media)
    O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Shareaza] C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [Weflirt] C:\Program Files\Weflirt\weflirt.exe ()
    O4 - HKLM..\RunOnce: [BrowserBallot] C:\Windows\System32\browserchoice.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (Gigatribe SAS)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\denis\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Users\Public\Titan Poker\casino.exe ()
    O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Users\Public\Titan Poker\casino.exe ()
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/Obe... (Oberon Flash Game Host)
    O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/Install... (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O24 - Desktop BackupWallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/04/22 03:55:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2005/09/11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell - "" = AutoRun
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/04/01 12:19:14 | 000,000,000 | ---D | C] -- C:\UsbFix
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Local\Temp(59)
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/03/26 19:20:03 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/03/24 14:58:59 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Roaming\Audacity
    [2010/03/21 18:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
    [2010/03/18 22:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSNFix
    [2010/03/18 16:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\AxBx
    [2010/03/18 16:47:00 | 000,000,000 | ---D | C] -- C:\MSNCleaner
    [2010/03/12 04:01:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/03/11 04:04:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2010/03/11 04:03:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
    [2010/03/07 16:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\SFR

    ========== Files - Modified Within 30 Days ==========

    [2010/04/01 12:37:26 | 006,029,312 | -HS- | M] () -- C:\Users\denis\ntuser.dat
    [2010/04/01 12:21:02 | 001,478,524 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/04/01 12:21:02 | 000,671,336 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/04/01 12:21:02 | 000,589,472 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/04/01 12:21:02 | 000,123,850 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/04/01 12:21:02 | 000,101,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/04/01 11:25:33 | 000,005,676 | ---- | M] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2010/04/01 09:52:31 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010/04/01 09:52:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/04/01 09:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/04/01 09:51:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/04/01 09:51:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000UA.job
    [2010/04/01 09:50:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/04/01 00:06:12 | 000,524,288 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/01 00:06:12 | 000,065,536 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/03/30 19:31:38 | 000,002,042 | ---- | M] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2010/03/19 14:38:39 | 001,161,841 | ---- | M] () -- C:\Users\denis\Desktop\C.V à moi.rtf
    [2010/03/19 14:37:34 | 000,011,861 | ---- | M] () -- C:\Users\denis\Documents\LETTRE MOTIVATION.docx
    [2010/03/17 10:05:59 | 001,158,300 | ---- | M] () -- C:\Users\denis\Desktop\Mlle MANOLOUDIS Sonia.rtf
    [2010/03/14 20:51:00 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000Core.job
    [2010/03/11 10:25:55 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
    [2010/03/07 18:27:34 | 000,002,687 | ---- | M] () -- C:\Users\denis\Desktop\Microsoft Office Word 2007.lnk
    [2010/03/07 14:16:47 | 000,011,776 | ---- | M] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== Files Created - No Company Name ==========

    [2010/03/31 15:42:37 | 000,008,230 | ---- | C] () -- C:\Users\denis\Desktop\grille(1).png
    [2010/03/30 19:31:38 | 000,002,042 | ---- | C] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2009/07/05 16:29:04 | 000,338,944 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL
    [2009/07/05 16:29:04 | 000,118,784 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL
    [2009/07/05 12:53:02 | 000,000,943 | ---- | C] () -- C:\Windows\wininit.ini
    [2009/06/06 22:21:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/03/12 12:52:50 | 000,003,053 | ---- | C] () -- C:\Users\denis\AppData\Local\iqcmgcq.dat
    [2009/03/09 08:28:49 | 000,000,090 | ---- | C] () -- C:\Users\denis\AppData\Local\gsiaqqq.bat
    [2009/01/22 11:58:14 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
    [2009/01/22 11:58:13 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
    [2008/12/09 09:30:16 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\rx_image.Cache
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Horn Section
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\Users\denis\AppData\Roaming\Helper Scripts
    [2008/10/08 19:30:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2008/10/08 19:30:36 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Icons
    [2008/01/25 18:10:12 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/01/25 18:10:12 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/01/25 18:05:27 | 000,031,831 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/01/01 17:06:13 | 000,000,316 | ---- | C] () -- C:\Windows\yes_messenger.ini
    [2007/12/28 23:06:13 | 000,027,814 | ---- | C] () -- C:\Users\denis\AppData\Roaming\UserTile.png
    [2007/11/24 16:27:07 | 000,005,676 | ---- | C] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2007/10/12 21:25:33 | 000,000,061 | ---- | C] () -- C:\Windows\yesmessenger.ini
    [2007/10/07 10:39:44 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
    [2007/10/06 20:15:03 | 000,011,776 | ---- | C] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\QSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\DSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\AtStart.txt
    [2007/04/22 03:46:57 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2007/03/09 16:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
    [2007/02/27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
    [2007/02/22 12:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
    [2007/02/22 10:50:42 | 000,245,760 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
    [2006/12/13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
    [2006/12/13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2005/05/08 06:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

    ========== LOP Check ==========

    [2010/03/24 19:16:36 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Audacity
    [2007/10/21 21:14:15 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\iWin
    [2009/05/30 12:37:05 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\LimeWire
    [2009/03/07 09:53:01 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MP-Manager
    [2009/03/07 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MPMAN
    [2008/10/08 19:33:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Nikon
    [2007/12/28 23:06:13 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\PeerNetworking
    [2007/12/15 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\pokerth
    [2007/11/18 20:30:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Samsung
    [2008/01/05 11:44:51 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Shareaza
    [2008/02/24 10:42:02 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Weflirt
    [2008/12/11 16:19:48 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Zylom
    [2010/03/11 04:28:10 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 669 bytes -> C:\Users\denis\Documents\bull.eml:o ECustomProperty
    < End of report >
    1 Avril 2010 12:30:49

    OTL Extras logfile created on: 01/04/2010 12:38:16 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\denis\Documents\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 141,63 Gb Total Space | 86,41 Gb Free Space | 61,01% Space Free | Partition Type: NTFS
    Drive D: | 7,42 Gb Total Space | 2,19 Gb Free Space | 29,54% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7,45 Gb Total Space | 6,43 Gb Free Space | 86,25% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-DENIS
    Current User Name: denis
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- C:\Users\denis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 1
    "InternetSettingsDisableNotify" = 1
    "AutoUpdateDisableNotify" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" = C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- File not found


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0692FC6D-A1D8-4015-B89D-0157C07E07FC}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |
    "{217F0E38-86ED-48FC-8C95-F9C96EDB0180}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{2A7364AF-FCDF-4ECE-9A36-1EE8532FBF36}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{3A2DE49F-7296-4076-8642-BC166DA55C82}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{54AA4760-9571-4F08-A134-2E083914937E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{57E7CAE3-BF5E-449D-93BD-3848C772C5B3}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |
    "{746BCEED-3292-43E0-9BB3-169D5227B27F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{7C7D11C7-EE43-43C6-9079-8B0B23A66927}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{9D2DCB28-1435-4E3D-A629-5F8BBC8B6AE1}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{B6071266-CC72-4423-BDA6-BAD4A3ABBFD8}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{B819A2E4-AAC1-4365-8C84-C6CFA00A577F}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C6534402-D68C-4B96-B9BE-4A83B04DED28}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{E76255E1-99F2-4B81-B9AD-0B2733A5BE14}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04606A6B-091A-4362-AE9D-DC7E2235B68A}" = protocol=6 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |
    "{06C296DA-C8AB-49AD-B278-1F07D3512AA4}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{0B3D48ED-7E64-4F39-B4AE-AF0D2B07637F}" = protocol=17 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |
    "{18B06E99-BEEC-446F-93E6-92BDEF0B5BF4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{1D098C2E-B5EF-46A8-8A10-9E66F6B8D7AC}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{25EB9BAF-59E9-417B-A767-C2A64AF999A7}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{29C0724B-4383-49E0-A73B-E9D91BD9B0AC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{2CFF3DE2-FEFB-4DF6-AEE1-EE07CE5EB618}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{5D1A4DFC-8971-486F-9FD4-03E194F1FA24}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
    "{7169386F-640D-4860-88FF-8C44B3B9D13F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{7656FC73-CBF7-472F-B8D5-0275A99BB068}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8890AAEA-6265-4CB1-8365-FED25F455988}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{88CAC299-04F1-4C72-909F-EA9F14BCE056}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{8DF41FA1-EE8A-49A0-A0BB-E7398819232A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{9ABB7426-FC8F-4FD7-B452-C1CF93DD15DA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{AF08982B-A9A0-44E0-8463-8B13B9065941}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{BBC3C7D3-3625-47E8-95BE-9D46C896EA9E}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{D1245273-238D-40C8-9C19-A6348BF26F0B}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
    "{DE529558-8F75-4BF0-B13F-6E586BA5D7E3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E1CB17CE-9BFA-4AFA-A7A4-BF19DDFC9478}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{F52440E0-4E29-446B-A4A3-E82E643FD5A4}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{023EC958-023C-42D1-B2A4-E9E4BEF599FC}" = SweetIM for Messenger 2.6
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
    "{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
    "{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
    "{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
    "{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
    "{336A609A-6ECC-4E05-B320-CCC085BF7EA7}" = MSCU for Microsoft Vista
    "{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
    "{3851147E-5A91-4469-BA4D-13FFFCC8A920}" = Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install
    "{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{49E597BA-63D3-4936-9E02-AEDB5D1FE002}" = MP Manager
    "{5660022E-F3F2-4126-8CC5-9726C47150EB}" = Microsoft Windows Live OneCare Resources v2.5.2900.30
    "{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00005
    "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{6513E869-647F-40FD-A55D-CFC92579B9BA}" = PX Engine
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
    "{6FF86625-F11A-44EE-8886-432E6994B474}" = Micro Application - Super Point de Croix 3
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{77EE3F1E-C5E2-4A51-A86E-7CD2DE36F676}" = Point de croix version 3
    "{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}" = GTOneCare
    "{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}_SMALLBUSINESSR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}_SMALLBUSINESSR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
    "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
    "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
    "{A9E5D235-52F9-49E5-98F0-CD79940FB0CE}" = Microsoft Protection Service
    "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
    "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B1F535AE-F732-44bd-9B6D-0712403945DF}_is1" = TF1Vision version 1.3.1.4
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
    "{BEWINTERNET-FR-DMGP-V2}.UninstallSuite" = Internet Everywhere
    "{C23587D9-1415-4042-9B3D-43118A4334C7}_is1" = BoontyBox 2.3
    "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D07A8E7E-D324-4945-BA8C-E532AD008FF3}" = Microsoft Windows OneCare Live v2.5.2900.30
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
    "{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}" = Microsoft Windows OneCare Live AntiSpyware and AntiVirus
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
    "{FCCC555E-166C-426A-A98C-39C80AE7C081}" = HP User Guides 0082
    "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
    "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "avast!" = avast! Antivirus
    "CardDetectorICON225" = Card Detector for Option Icon 225
    "CartaGoGo v3.1.8_is1" = CartaGoGo v3.1.8
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Créer ta carte - Version de démonstration_is1" = Créer ta carte - Version de démonstration
    "DialMessenger_is1" = Weflirt
    "eMule_is1" = eMulev0.48a.-MorphXTv10.5
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Photosmart Essential" = HP Photosmart Essential 2.0
    "Jewel Quest Solitaire 2_is1" = Jewel Quest Solitaire 2 fr
    "LimeWire" = LimeWire 5.1.1
    "Ludi" = Ludi
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MiraplacidPublisherSDK" = Miraplacid Publisher SDK 6.2
    "PartyPoker" = PartyPoker
    "PhotoFiltre" = PhotoFiltre
    "Picasa 3" = Picasa 3
    "PokerFROnline" = PokerFROnline
    "PokerStars" = PokerStars
    "PokerTH 0.6" = PokerTH
    "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
    "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
    "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
    "Search Guard Plus" = Search Guard Plus (My Web Tattoo)
    "Search Guard Plus Updater" = Search Guard Plus Updater (My Web Tattoo)
    "SFR_Kit" = SFR - Kit de connexion
    "ShalSoft.GigaTribe_is1" = GigaTribe 3.01.001
    "Shareaza_is1" = Shareaza 2.3.1.0
    "SMALLBUSINESSR" = Microsoft Office Small Business 2007
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
    "Titan Poker" = Titan Poker
    "UNO© Freeware" = UNO© Freeware
    "villafortuna" = Villa Fortuna
    "Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WinSS" = Windows Live OneCare
    "YesMessenger_is1" = YesMessenger 2.2.10

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "Monopoly Deluxe" = Monopoly Deluxe
    "Notification de cadeaux MSN" = Notification de cadeaux MSN
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus

    ========== Last 10 Event Log Errors ==========

    [ Antivirus Events ]
    Error - 18/03/2010 06:22:53 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 18/03/2010 08:53:56 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestOpenList Error 1753.

    Error - 18/03/2010 08:53:56 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
    chestOpenList() failed: 2147422219.

    Error - 18/03/2010 08:54:12 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::o nCreate()
    !m_strErrorWnd.IsEmpty().

    Error - 21/03/2010 17:07:44 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 25/03/2010 13:44:47 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 30/03/2010 16:49:13 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestOpenList Error 1753.

    Error - 30/03/2010 16:49:13 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
    chestOpenList() failed: 2147422219.

    Error - 30/03/2010 16:49:39 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::o nCreate()
    !m_strErrorWnd.IsEmpty().

    Error - 30/03/2010 17:16:57 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.


    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >
    1 Avril 2010 12:41:45

    OTL Extras logfile created on: 01/04/2010 12:38:16 - Run 1
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\denis\Documents\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 141,63 Gb Total Space | 86,41 Gb Free Space | 61,01% Space Free | Partition Type: NTFS
    Drive D: | 7,42 Gb Total Space | 2,19 Gb Free Space | 29,54% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    Drive F: | 7,45 Gb Total Space | 6,43 Gb Free Space | 86,25% Space Free | Partition Type: FAT32
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-DENIS
    Current User Name: denis
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- C:\Users\denis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 1
    "InternetSettingsDisableNotify" = 1
    "AutoUpdateDisableNotify" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" = C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- File not found


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0692FC6D-A1D8-4015-B89D-0157C07E07FC}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |
    "{217F0E38-86ED-48FC-8C95-F9C96EDB0180}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{2A7364AF-FCDF-4ECE-9A36-1EE8532FBF36}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{3A2DE49F-7296-4076-8642-BC166DA55C82}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{54AA4760-9571-4F08-A134-2E083914937E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{57E7CAE3-BF5E-449D-93BD-3848C772C5B3}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |
    "{746BCEED-3292-43E0-9BB3-169D5227B27F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{7C7D11C7-EE43-43C6-9079-8B0B23A66927}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{9D2DCB28-1435-4E3D-A629-5F8BBC8B6AE1}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{B6071266-CC72-4423-BDA6-BAD4A3ABBFD8}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{B819A2E4-AAC1-4365-8C84-C6CFA00A577F}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C6534402-D68C-4B96-B9BE-4A83B04DED28}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |
    "{E76255E1-99F2-4B81-B9AD-0B2733A5BE14}" = lport=50000 | protocol=6 | dir=in | name=windows live onecare |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04606A6B-091A-4362-AE9D-DC7E2235B68A}" = protocol=6 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |
    "{06C296DA-C8AB-49AD-B278-1F07D3512AA4}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{0B3D48ED-7E64-4F39-B4AE-AF0D2B07637F}" = protocol=17 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |
    "{18B06E99-BEEC-446F-93E6-92BDEF0B5BF4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{1D098C2E-B5EF-46A8-8A10-9E66F6B8D7AC}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{25EB9BAF-59E9-417B-A767-C2A64AF999A7}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
    "{29C0724B-4383-49E0-A73B-E9D91BD9B0AC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{2CFF3DE2-FEFB-4DF6-AEE1-EE07CE5EB618}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{5D1A4DFC-8971-486F-9FD4-03E194F1FA24}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
    "{7169386F-640D-4860-88FF-8C44B3B9D13F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{7656FC73-CBF7-472F-B8D5-0275A99BB068}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8890AAEA-6265-4CB1-8365-FED25F455988}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{88CAC299-04F1-4C72-909F-EA9F14BCE056}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{8DF41FA1-EE8A-49A0-A0BB-E7398819232A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{9ABB7426-FC8F-4FD7-B452-C1CF93DD15DA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{AF08982B-A9A0-44E0-8463-8B13B9065941}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{BBC3C7D3-3625-47E8-95BE-9D46C896EA9E}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{D1245273-238D-40C8-9C19-A6348BF26F0B}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
    "{DE529558-8F75-4BF0-B13F-6E586BA5D7E3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E1CB17CE-9BFA-4AFA-A7A4-BF19DDFC9478}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
    "{F52440E0-4E29-446B-A4A3-E82E643FD5A4}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{023EC958-023C-42D1-B2A4-E9E4BEF599FC}" = SweetIM for Messenger 2.6
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
    "{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
    "{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
    "{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
    "{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
    "{336A609A-6ECC-4E05-B320-CCC085BF7EA7}" = MSCU for Microsoft Vista
    "{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
    "{3851147E-5A91-4469-BA4D-13FFFCC8A920}" = Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install
    "{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{49E597BA-63D3-4936-9E02-AEDB5D1FE002}" = MP Manager
    "{5660022E-F3F2-4126-8CC5-9726C47150EB}" = Microsoft Windows Live OneCare Resources v2.5.2900.30
    "{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00005
    "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{6513E869-647F-40FD-A55D-CFC92579B9BA}" = PX Engine
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
    "{6FF86625-F11A-44EE-8886-432E6994B474}" = Micro Application - Super Point de Croix 3
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{77EE3F1E-C5E2-4A51-A86E-7CD2DE36F676}" = Point de croix version 3
    "{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}" = GTOneCare
    "{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}_SMALLBUSINESSR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}_SMALLBUSINESSR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
    "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
    "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
    "{A9E5D235-52F9-49E5-98F0-CD79940FB0CE}" = Microsoft Protection Service
    "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
    "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B1F535AE-F732-44bd-9B6D-0712403945DF}_is1" = TF1Vision version 1.3.1.4
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
    "{BEWINTERNET-FR-DMGP-V2}.UninstallSuite" = Internet Everywhere
    "{C23587D9-1415-4042-9B3D-43118A4334C7}_is1" = BoontyBox 2.3
    "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D07A8E7E-D324-4945-BA8C-E532AD008FF3}" = Microsoft Windows OneCare Live v2.5.2900.30
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
    "{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}" = Microsoft Windows OneCare Live AntiSpyware and AntiVirus
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
    "{FCCC555E-166C-426A-A98C-39C80AE7C081}" = HP User Guides 0082
    "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
    "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "avast!" = avast! Antivirus
    "CardDetectorICON225" = Card Detector for Option Icon 225
    "CartaGoGo v3.1.8_is1" = CartaGoGo v3.1.8
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Créer ta carte - Version de démonstration_is1" = Créer ta carte - Version de démonstration
    "DialMessenger_is1" = Weflirt
    "eMule_is1" = eMulev0.48a.-MorphXTv10.5
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Photosmart Essential" = HP Photosmart Essential 2.0
    "Jewel Quest Solitaire 2_is1" = Jewel Quest Solitaire 2 fr
    "LimeWire" = LimeWire 5.1.1
    "Ludi" = Ludi
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MiraplacidPublisherSDK" = Miraplacid Publisher SDK 6.2
    "PartyPoker" = PartyPoker
    "PhotoFiltre" = PhotoFiltre
    "Picasa 3" = Picasa 3
    "PokerFROnline" = PokerFROnline
    "PokerStars" = PokerStars
    "PokerTH 0.6" = PokerTH
    "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
    "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
    "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
    "Search Guard Plus" = Search Guard Plus (My Web Tattoo)
    "Search Guard Plus Updater" = Search Guard Plus Updater (My Web Tattoo)
    "SFR_Kit" = SFR - Kit de connexion
    "ShalSoft.GigaTribe_is1" = GigaTribe 3.01.001
    "Shareaza_is1" = Shareaza 2.3.1.0
    "SMALLBUSINESSR" = Microsoft Office Small Business 2007
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
    "Titan Poker" = Titan Poker
    "UNO© Freeware" = UNO© Freeware
    "villafortuna" = Villa Fortuna
    "Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WinSS" = Windows Live OneCare
    "YesMessenger_is1" = YesMessenger 2.2.10

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "Monopoly Deluxe" = Monopoly Deluxe
    "Notification de cadeaux MSN" = Notification de cadeaux MSN
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus

    ========== Last 10 Event Log Errors ==========

    [ Antivirus Events ]
    Error - 18/03/2010 06:22:53 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 18/03/2010 08:53:56 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestOpenList Error 1753.

    Error - 18/03/2010 08:53:56 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
    chestOpenList() failed: 2147422219.

    Error - 18/03/2010 08:54:12 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::o nCreate()
    !m_strErrorWnd.IsEmpty().

    Error - 21/03/2010 17:07:44 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 25/03/2010 13:44:47 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.

    Error - 30/03/2010 16:49:13 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestOpenList Error 1753.

    Error - 30/03/2010 16:49:13 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
    chestOpenList() failed: 2147422219.

    Error - 30/03/2010 16:49:39 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = aswChestInterface - Program error description: CChestListView::o nCreate()
    !m_strErrorWnd.IsEmpty().

    Error - 30/03/2010 17:16:57 | Computer Name = PC-de-denis | Source = avast! | ID = 33554522
    Description = Error in aswChestC: chestAddFile Error 1753.


    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >

    Voila il m'a sortit 4 pages il me semble que 2 sont pareils mais pour être sure je préfère te les mettre toutes. J'espere que tu pourras m'aider. D'avance merci.
    a c 295 8 Sécurité
    1 Avril 2010 19:29:02

    1/

  • Démarre Spybot, clique sur Mode, coche Mode avancé.
  • A gauche, clique sur Outils, puis sur Résident.
  • Décoche la case devant Résident "TeaTimer" :

  • Quitte Spybot.


    2/

  • Télécharge Ad-Remover (de C_XX) sur ton Bureau.
  • Déconnecte-toi et ferme toutes applications en cours.
  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
  • Choisis Nettoyer puis valide.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
    2 Avril 2010 10:42:49

    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 31/03/10 à 21:30
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 11:23:28 le 02/04/2010 | Mode sans echec | Option: CLEAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows Vista™ HomePremium Service Pack 2 - X86
    Nom du PC: PC-DE-DENIS | Utilisateur actuel: denis (Administrateur)
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    C:\Program Files\AGI
    C:\Program Files\Everest Poker
    C:\Program Files\Fast Browser Search
    C:\Program Files\PokerStars
    C:\Program Files\Search Guard Plus
    C:\Program Files\Search Guard PlusU
    C:\Program Files\SGPSA
    C:\Program Files\SweetIM
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\PartyPoker.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker
    C:\ProgramData\SweetIM
    C:\Programs\PartyGaming
    C:\Users\denis\AppData\Local\gsiaqqq.bat
    C:\Users\denis\AppData\Local\PokerStars
    C:\Users\denis\AppData\LocalLow\SweetIM
    C:\Users\denis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
    C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PartyPoker
    C:\Users\denis\Desktop\PartyPoker.lnk
    C:\Users\Public\MyWebTattoo.exe
    C:\Users\Public\Titan Poker

    (!) -- Fichiers temporaires supprimés.
    .
    HKCU\Software\FBSearch
    HKCU\Software\fcn
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKCU\Software\pacificpoker
    HKCU\Software\PartyGaming
    HKCU\Software\pokerinstaller
    HKCU\Software\SGPUpdater
    HKCU\Software\SweetIM
    HKCU\Software\Titan Poker
    HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\Software\Classes\MediaPlayer.GraphicsUtils
    HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator
    HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
    HKLM\Software\Classes\SWEETIE.IEToolbar
    HKLM\Software\Classes\SWEETIE.IEToolbar.1
    HKLM\Software\Classes\SWEETIE.SWEETIE
    HKLM\Software\Classes\SWEETIE.SWEETIE.3
    HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
    HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
    HKLM\Software\Classes\Toolbar3.SWEETIE
    HKLM\Software\Classes\Toolbar3.SWEETIE.1
    HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543}
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Guard Plus
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Guard Plus Updater
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker
    HKLM\Software\SweetIM
    HKLM\Software\Titan Poker
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Sweetim
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\ArticleManager.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\CleanUp.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\CleanUp.txt
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\defaults\pref\PG_Pref.js
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\DID.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\images\habeas_webseal.gif
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\libeay32.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\llh.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\PartyGaming.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\PGBrowser.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\PGDetector.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\PGImageDll.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\programs\partygaming\tmpUpgrade\..\ssleay32.dll
    .
    (Orpheline) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID manquant)
    .
    ============== SCAN ADDITIONNEL ==============
    .
    .
    * Internet Explorer Version 7.0.6002.18005 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ============== SUSPECT(S) ==============
    .
    C:\Users\denis\Documents\Mes fichiers reçus\WinRAR 3.71 Fr + Patch.zip
    .
    ========================================
    .
    C:\Users\denis\AppData\Local\Temp: 2 Fichier(s), 36 Dossier(s)
    C:\Windows\temp: 0 Fichier(s), 2 Dossier(s)
    C:\Users\denis\AppData\Roaming\Microsoft\Windows\Cookies: 2 Fichier(s), 2 Dossier(s)
    Temporary Internet Files: 3 Fichier(s), 44 Dossier(s)
    .
    C:\Ad-Remover\Quarantine: 4659 Fichier(s)
    C:\Ad-Remover\Backup: 14 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 8590 Octet(s)
    .
    Fin à: 11:31:45, 02/04/2010
    .
    ============== E.O.F - CLEAN[1] ==============
    a c 295 8 Sécurité
    2 Avril 2010 10:48:54

    Bien.

  • Relance Ad-Remover et choisis Désinstaller.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    2 Avril 2010 11:11:46

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Version de la base de données: 3945

    Windows 6.0.6002 Service Pack 2 (Safe Mode)
    Internet Explorer 7.0.6002.18005

    02/04/2010 12:10:33
    mbam-log-2010-04-02 (12-10-33).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 109877
    Temps écoulé: 4 minute(s), 41 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 295 8 Sécurité
    2 Avril 2010 11:33:11

  • Refais un scan OTL et poste le rapport OTL.
    2 Avril 2010 11:39:33

    n OTL logfile created on: 02/04/2010 12:35:38 - Run 2
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\denis\Documents\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 141,63 Gb Total Space | 86,68 Gb Free Space | 61,20% Space Free | Partition Type: NTFS
    Drive D: | 7,42 Gb Total Space | 2,19 Gb Free Space | 29,54% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-DENIS
    Current User Name: denis
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    PRC - C:\Users\denis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
    PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\denis\Documents\Downloads\OTL (1).exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (winss) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
    SRV - (OcHealthMon) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
    SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (OneCareMP) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
    SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (msfwsvc) -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
    SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
    SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
    SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
    SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


    ========== Driver Services (SafeList) ==========

    DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
    DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
    DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
    DRV - (MSFWDrv) -- C:\Windows\System32\drivers\msfwdrv.sys (Microsoft Corporation)
    DRV - (MSFWHLPR) -- C:\Windows\System32\drivers\msfwhlpr.sys (Microsoft Corporation)
    DRV - (GT72UBUS) -- C:\Windows\System32\drivers\gt72ubus.sys (Option N.V.)
    DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
    DRV - (GT72NDISIPXP) -- C:\Windows\System32\drivers\Gt51Ip.sys (Option NV)
    DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
    DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
    DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
    DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
    DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI)
    DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI)
    DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI)
    DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)
    DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)
    DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions
    [2009/05/30 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2009/08/26 16:27:17 | 000,325,948 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 11155 more lines...
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
    O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe (France Telecom SA)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe (1-Click Media)
    O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Shareaza] C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [Weflirt] C:\Program Files\Weflirt\weflirt.exe ()
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (Gigatribe SAS)
    O4 - Startup: C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\denis\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/F... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/Obe... (Oberon Flash Game Host)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O24 - Desktop BackupWallPaper: C:\Users\denis\Pictures\2009-01-06 photo titou et loute\photo titou et loute 233.JPG
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/04/22 03:55:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2005/09/11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell - "" = AutoRun
    O33 - MountPoints2\{93756e18-c3d3-11dd-afae-001b2468f717}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/04/02 11:53:20 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Roaming\Malwarebytes
    [2010/04/02 11:53:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/04/02 11:53:12 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/04/02 11:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/04/02 11:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/04/01 12:19:14 | 000,000,000 | ---D | C] -- C:\UsbFix
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Local\Temp(59)
    [2010/03/26 19:50:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/03/26 19:20:03 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/03/24 14:58:59 | 000,000,000 | ---D | C] -- C:\Users\denis\AppData\Roaming\Audacity
    [2010/03/21 18:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
    [2010/03/18 22:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSNFix
    [2010/03/18 16:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\AxBx
    [2010/03/18 16:47:00 | 000,000,000 | ---D | C] -- C:\MSNCleaner
    [2010/03/12 04:01:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/03/11 04:04:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2010/03/11 04:03:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
    [2010/03/07 16:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\SFR

    ========== Files - Modified Within 30 Days ==========

    [2010/04/02 12:33:58 | 006,029,312 | -HS- | M] () -- C:\Users\denis\ntuser.dat
    [2010/04/02 11:53:16 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/04/02 11:41:22 | 001,478,524 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/04/02 11:41:22 | 000,671,336 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/04/02 11:41:22 | 000,589,472 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/04/02 11:41:22 | 000,123,850 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/04/02 11:41:22 | 000,101,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/04/02 11:39:55 | 000,005,676 | ---- | M] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2010/04/02 11:37:03 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
    [2010/04/02 11:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/04/02 11:35:23 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/04/02 11:35:23 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/04/02 11:35:14 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000UA.job
    [2010/04/02 11:35:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/04/02 11:33:47 | 000,524,288 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/02 11:33:47 | 000,065,536 | -HS- | M] () -- C:\Users\denis\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/04/01 16:32:19 | 000,002,641 | ---- | M] () -- C:\Users\denis\Desktop\Microsoft Office Excel 2007.lnk
    [2010/03/30 19:31:38 | 000,002,042 | ---- | M] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/03/19 14:38:39 | 001,161,841 | ---- | M] () -- C:\Users\denis\Desktop\C.V à moi.rtf
    [2010/03/19 14:37:34 | 000,011,861 | ---- | M] () -- C:\Users\denis\Documents\LETTRE MOTIVATION.docx
    [2010/03/17 10:05:59 | 001,158,300 | ---- | M] () -- C:\Users\denis\Desktop\Mlle MANOLOUDIS Sonia.rtf
    [2010/03/14 20:51:00 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000Core.job
    [2010/03/11 10:25:55 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
    [2010/03/07 18:27:34 | 000,002,687 | ---- | M] () -- C:\Users\denis\Desktop\Microsoft Office Word 2007.lnk
    [2010/03/07 14:16:47 | 000,011,776 | ---- | M] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== Files Created - No Company Name ==========

    [2010/04/02 11:53:16 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/31 15:42:37 | 000,008,230 | ---- | C] () -- C:\Users\denis\Desktop\grille(1).png
    [2010/03/30 19:31:38 | 000,002,042 | ---- | C] () -- C:\Users\denis\Desktop\Google Chrome.lnk
    [2009/07/05 16:29:04 | 000,338,944 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL
    [2009/07/05 16:29:04 | 000,118,784 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL
    [2009/07/05 12:53:02 | 000,000,943 | ---- | C] () -- C:\Windows\wininit.ini
    [2009/06/06 22:21:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/03/12 12:52:50 | 000,003,053 | ---- | C] () -- C:\Users\denis\AppData\Local\iqcmgcq.dat
    [2009/01/22 11:58:14 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
    [2009/01/22 11:58:13 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
    [2008/12/09 09:30:16 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\rx_image.Cache
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Horn Section
    [2008/10/08 19:30:36 | 000,000,268 | RH-- | C] () -- C:\Users\denis\AppData\Roaming\Helper Scripts
    [2008/10/08 19:30:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2008/10/08 19:30:36 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Icons
    [2008/01/25 18:10:12 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2008/01/25 18:10:12 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
    [2008/01/25 18:05:27 | 000,031,831 | ---- | C] () -- C:\Windows\maxlink.ini
    [2008/01/01 17:06:13 | 000,000,316 | ---- | C] () -- C:\Windows\yes_messenger.ini
    [2007/12/28 23:06:13 | 000,027,814 | ---- | C] () -- C:\Users\denis\AppData\Roaming\UserTile.png
    [2007/11/24 16:27:07 | 000,005,676 | ---- | C] () -- C:\Users\denis\AppData\Local\d3d9caps.dat
    [2007/10/12 21:25:33 | 000,000,061 | ---- | C] () -- C:\Windows\yesmessenger.ini
    [2007/10/07 10:39:44 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
    [2007/10/06 20:15:03 | 000,011,776 | ---- | C] () -- C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\QSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\DSwitch.txt
    [2007/10/06 13:13:55 | 000,000,000 | ---- | C] () -- C:\Users\denis\AppData\Local\AtStart.txt
    [2007/04/22 03:46:57 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2007/03/09 16:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
    [2007/02/27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
    [2007/02/22 12:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
    [2007/02/22 10:50:42 | 000,245,760 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
    [2006/12/13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
    [2006/12/13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2005/05/08 06:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

    ========== LOP Check ==========

    [2010/03/24 19:16:36 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Audacity
    [2007/10/21 21:14:15 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\iWin
    [2009/05/30 12:37:05 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\LimeWire
    [2009/03/07 09:53:01 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MP-Manager
    [2009/03/07 09:32:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\MPMAN
    [2008/10/08 19:33:53 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Nikon
    [2007/12/28 23:06:13 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\PeerNetworking
    [2007/12/15 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\pokerth
    [2007/11/18 20:30:46 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Samsung
    [2008/01/05 11:44:51 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Shareaza
    [2008/02/24 10:42:02 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Weflirt
    [2008/12/11 16:19:48 | 000,000,000 | ---D | M] -- C:\Users\denis\AppData\Roaming\Zylom
    [2010/03/11 04:28:10 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 669 bytes -> C:\Users\denis\Documents\bull.eml:o ECustomProperty
    < End of report >
    a c 295 8 Sécurité
    2 Avril 2010 11:45:48

    Plus de souci ?

  • Mets à jour Java.

  • Mets à jour Avast.
    2 Avril 2010 11:48:43

    Si si je n'arrive toujours pas à redémarrer mon ordi en mode normal de windows il m'affiche toujours un écran noir avec la souris. Par contre comment dois je faire pour les mises à jours? Car je suis toujours en mode sans echec avec prises en charge réseaux.
    2 Avril 2010 11:53:49

    Pour avast j'ai fait mise à jour de la base virale sa c'est bon c'est faitInformation à propos de la mise à jour en cours :
    Temps total : 1:09

    - Vps : Mis à jour
    (version précédente : 100315-0, version à jour : 100402-0)

    Serveur : a804sm.avast.com (174.123.166.26)
    Fichiers téléchargés : 37 (1 763,38 KB)
    Temps de téléchargement : 32 s.

    Par contre pour java je ne le trouve pas en mode sans echec prise en charge réseaux??
    a c 295 8 Sécurité
    2 Avril 2010 12:02:01

    Citation :
    Pour avast j'ai fait mise à jour de la base virale sa c'est bon

    --> Je parle du logiciel en lui-même.

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Clique droit sur ComboFix.exe (le .exe n'est pas forcément visible) et choisis Exécuter en tant qu'administrateur.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    2 Avril 2010 12:37:26

    a pComboFix 10-04-01.02 - denis 02/04/2010 13:09:04.1.2 - x86 NETWORK
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2037.1229 [GMT 2:00]
    Lancé depuis: c:\users\denis\Documents\Downloads\ComboFix.exe
    AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
    FW: Pare-feu Windows Live OneCare *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
    SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-1027950865-1566024491-1235179411-500
    c:\$recycle.bin\S-1-5-21-413226321-3452886260-426709285-500
    c:\users\denis\AppData\Local\TempDIR
    c:\users\denis\AppData\Local\TempDIR\register.exe
    c:\users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_Boonty Games


    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-02 au 2010-04-02 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-02 11:16 . 2010-04-02 11:21 -------- d-----w- c:\users\denis\AppData\Local\temp
    2010-04-02 09:53 . 2010-04-02 09:53 -------- d-----w- c:\users\denis\AppData\Roaming\Malwarebytes
    2010-04-02 09:53 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-04-02 09:53 . 2010-04-02 09:53 -------- d-----w- c:\programdata\Malwarebytes
    2010-04-02 09:53 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-04-02 09:53 . 2010-04-02 09:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-04-01 10:19 . 2010-04-01 10:30 -------- d-----w- C:\UsbFix
    2010-03-26 17:50 . 2010-03-27 11:06 -------- d-----w- c:\users\denis\AppData\Local\Temp(59)
    2010-03-24 12:58 . 2010-03-24 17:16 -------- d-----w- c:\users\denis\AppData\Roaming\Audacity
    2010-03-21 16:05 . 2010-03-21 16:05 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    2010-03-18 20:41 . 2010-03-18 20:41 -------- d-----w- c:\program files\MSNFix
    2010-03-18 14:52 . 2010-03-18 14:52 -------- d-----w- c:\program files\AxBx
    2010-03-18 14:47 . 2010-03-25 16:33 -------- d-----w- C:\MSNCleaner
    2010-03-12 02:01 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2010-03-11 02:04 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2010-03-11 02:03 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2010-03-11 02:03 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
    2010-03-07 14:53 . 2010-03-07 14:53 -------- d-----w- c:\program files\SFR

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-02 09:41 . 2006-11-02 15:48 671336 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-02 09:41 . 2006-11-02 15:48 123850 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-02 09:39 . 2007-11-24 14:27 5676 ----a-w- c:\users\denis\AppData\Local\d3d9caps.dat
    2010-03-28 16:00 . 2009-05-04 16:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2010-03-28 16:00 . 2009-08-16 19:07 -------- d-----w- c:\program files\CartaGoGo
    2010-03-28 15:59 . 2009-08-17 08:47 -------- d-----w- c:\program files\Shua creation
    2010-03-17 18:36 . 2008-02-24 09:07 -------- d-----w- c:\program files\Microsoft Windows OneCare Live
    2010-03-11 02:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-03-11 02:11 . 2007-04-22 01:28 -------- d-----w- c:\programdata\Microsoft Help
    2010-02-28 17:57 . 2010-02-28 17:57 -------- d-----w- c:\program files\GigaTribe
    2010-02-24 02:25 . 2007-10-06 11:13 125216 ----a-w- c:\users\denis\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
    2010-01-25 12:00 . 2010-02-23 18:44 471552 ----a-w- c:\windows\system32\secproc_isv.dll
    2010-01-25 12:00 . 2010-02-23 18:43 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2010-01-25 12:00 . 2010-02-23 18:43 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
    2010-01-25 12:00 . 2010-02-23 18:44 471552 ----a-w- c:\windows\system32\secproc.dll
    2010-01-25 11:58 . 2010-02-23 18:43 332288 ----a-w- c:\windows\system32\msdrm.dll
    2010-01-25 08:21 . 2010-02-23 18:43 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2010-01-25 08:21 . 2010-02-23 18:43 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2010-01-25 08:21 . 2010-02-23 18:43 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2010-01-25 08:21 . 2010-02-23 18:43 518144 ----a-w- c:\windows\system32\RMActivate.exe
    2010-01-23 09:26 . 2010-02-23 18:45 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-01-06 15:39 . 2010-02-23 18:43 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-01-06 15:38 . 2010-02-23 18:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-01-06 13:30 . 2010-02-23 18:43 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "Shareaza"="c:\program files\Shareaza\Shareaza.exe" [2008-01-01 4739072]
    "CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
    "Weflirt"="c:\program files\Weflirt\weflirt.exe" [2007-11-29 6897664]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-07 39408]
    "Google Update"="c:\users\denis\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-30 133104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-26 138008]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 154392]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-26 133912]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-28 176128]
    "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
    "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-04-22 77824]
    "e-TF1"="c:\program files\TF1Vision\TF1vision.exe" [2007-07-24 345600]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
    "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
    "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
    "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
    "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
    "OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2010-02-05 65256]
    "CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2007-11-13 278528]
    "BEWINTERNET-FR-DMGP-V2SessionManager"="c:\program files\Orange\IEWInternet\SessionManager\SessionManager.exe" [2008-02-13 102400]
    "ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" [X]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-03-29 437584]

    c:\users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Notification de cadeaux MSN.lnk - c:\users\denis\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-3-27 135680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]
    WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-7-13 525640]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):60,91,06,e8,ed,e6,c9,01

    R1 aswSP;avast! Self Protection; [x]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
    R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [2010-02-05 26120]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys [2007-11-13 95744]
    R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys [2007-11-13 51968]
    R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'

    2010-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000Core.job
    - c:\users\denis\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-30 17:17]

    2010-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1027950865-1566024491-1235179411-1000UA.job
    - c:\users\denis\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-30 17:17]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    uInternet Settings,ProxyOverride = *.local
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-RunOnce-<NO NAME> - (no file)
    AddRemove-PokerStars - c:\program files\PokerStars\PokerStarsUninstall.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-02 13:23
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
    c:\windows\helppane.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Windows Live\Contacts\wlcomm.exe
    c:\program files\Internet Explorer\iexplore.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-04-02 13:31:06 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-04-02 11:31
    ComboFix2.txt 2010-03-26 17:50

    Avant-CF: 92 945 666 048 octets libres
    Après-CF: 92 544 581 632 octets libres

    - - End Of File - - E2DC2CC0B28685D0D8D2B5BDBFB57018
    2 Avril 2010 12:38:19

    Vois tu à quoi le problème est dut?
    a c 295 8 Sécurité
    2 Avril 2010 13:57:49

    Non.
    2 Avril 2010 14:00:27

    Tu ne peux donc pas m'aider?
    2 Avril 2010 18:17:11

    ** J'ai une question aux helpers: comment faites vous pour décripter les raports?? **
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS