Trojan? Virus? Blocking executables

8 Mars 2010 01:21:06

Hello,

My girlfriend's PC seems to be infected with a virus or malware. I already asked for help here when the same problem happened to me, and I hope a solution will be found for her too.


After booting in safe mode, OTL was installed and run with minimal output + LOP check + purity check.
Here are the two reports it generated:

http://www.cijoint.fr/cjlink.php?file=cj201003/cijkZ97U...

http://www.cijoint.fr/cjlink.php?file=cj201003/cijvxAZu...

Is this enough for a diagnosis? Do you need any other information?

Thank you for your help.



a c 333 8 Security
8 Mars 2010 10:47:50

Hello,

  • Download Ad-Remover (by C_XX) to your Desktop.

    /!\ Disconnect from the Internet and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Win7, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose option L.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus but a utility for terminating processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
    8 Mars 2010 16:38:38

    Hello,

    I am coming back to you because I followed the whole procedure described above. The cleanup does start in safe mode, but it hangs at 21%. At that point a window opens telling me that I am in safe mode: "To continue working in safe mode, click Yes. If you prefer to use System Restore to restore your computer to a previous state, click No."

    The first time, I clicked "Yes"; the window closed and I ended up back on the desktop. The cleanup did not resume and no report was generated.
    So I restarted the computer and relaunched the scan, and this time I clicked "No" when it hung at the same point, 21%. The computer offered to restore, and I cancelled.

    I restarted the computer for the third time, I still have no report to send you, and now I no longer know which option to choose!

    Thank you in advance for your help.
    a c 333 8 Security
    8 Mars 2010 17:18:38

  • Uninstall eoEngine, SoftwareUpdate and SweetIM.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave everything checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    8 Mars 2010 17:42:11

    Hello,

    I can't uninstall SweetIM, it says access denied. Is that a problem for what comes next?...

    Thanks
    a c 333 8 Security
    8 Mars 2010 17:44:01

    No.
    8 Mars 2010 18:11:47

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3837
    Windows 5.1.2600 Service Pack 2 (Safe Mode)
    Internet Explorer 7.0.5730.11

    08/03/2010 18:09:58
    mbam-log-2010-03-08 (18-09-58).txt

    Type de recherche: Examen rapide
    Eléments examinés: 166643
    Temps écoulé: 5 minute(s), 2 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 6
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 8

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4ad56e6f-7074-41ee-8a40-583c2c76efcd} (Rogue.PCSuperCharger) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 runtime (Backdoor.Rbot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\nod32 runtime (Backdoor.Rbot) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\ELODIE\Local Settings\Temp\Semh.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ELODIE\Local Settings\Temp\tXRT.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Documents and Settings\SEBASTIEN\Local Settings\Application Data\av.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ELODIE\Local Settings\Temporary Internet Files\Content.IE5\WES83J7M\z002106201r000cRb7bae9f3X1c7a71f3Y57ea59f9Z0100f07030dP000301080[1] (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\NTSpool.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sysregi.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM313e2b3d.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\images.zip (Backdoor.Bot) -> Quarantined and deleted successfully.


    Here is the generated report...
    a c 333 8 Security
    8 Mars 2010 18:33:26

    Good.

  • Relaunch MBAM, go to Quarantine and delete everything.

  • Try the Ad-Remover procedure again.
    8 Mars 2010 18:42:53

    It still doesn't work, it hangs at 21%, I'm desperate... :( 
    Could my computer be dead?...
    a c 333 8 Security
    8 Mars 2010 18:56:32

  • Run an OTL scan again and post the OTL report.
    8 Mars 2010 20:08:20

    OTL logfile created on: 08/03/2010 20:06:00 - Run 1
    OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,00 Mb Total Physical Memory | 749,00 Mb Available Physical Memory | 78,00% Memory free
    2,00 Gb Paging File | 2,00 Gb Available in Paging File | 95,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 71,82 Gb Total Space | 6,91 Gb Free Space | 9,62% Space Free | Partition Type: FAT32
    Drive D: | 72,31 Gb Total Space | 14,43 Gb Free Space | 19,96% Space Free | Partition Type: FAT32
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ACER-9DEB84EBB9
    Current User Name: Administrateur
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\OTL.exe (OldTimer Tools)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
    SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (FSMA) -- C:\Program Files\Pack Securite\Common\FSMA32.EXE (F-Secure Corporation)
    SRV - (FSAUA) -- C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe (F-Secure Corporation)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
    SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
    SRV - (SSScsiSV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
    SRV - (MSCSPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
    SRV - (PACSPTISVR) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
    SRV - (SPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
    SRV - (Acer Media Server) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (Acer Inc.)
    SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
    DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
    DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
    DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
    DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
    DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
    DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
    DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
    DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
    DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
    DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
    DRV - (ALIWEHCD) -- C:\WINDOWS\system32\drivers\mfpec.sys (None)
    DRV - (WUSBVBus) -- C:\WINDOWS\system32\drivers\mfpvbus.sys (None)
    DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
    DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
    DRV - (ssm_mdm) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys (MCCI)
    DRV - (ssm_mdfl) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys (MCCI)
    DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ssm_bus.sys (MCCI)
    DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
    DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
    DRV - (V0080Dev) -- C:\WINDOWS\system32\drivers\V0080Dev.sys (Creative Technology Ltd.)
    DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
    DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
    DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV - (UBHelper) -- C:\WINDOWS\system32\drivers\UBHelper.sys ()
    DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
    DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
    DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
    DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
    DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
    DRV - (Cdr4vsd) -- C:\WINDOWS\system32\drivers\CDR4VSD.SYS (Adaptec)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/07/19 12:24:28 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/05/15 23:30:38 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007/07/19 12:24:32 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/07/19 12:24:32 | 000,000,000 | ---D | M]

    [2007/07/19 12:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2007/07/19 12:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\divx@partners.mozilla.com
    [2007/07/19 12:24:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
    [2007/02/22 00:13:26 | 000,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
    [2007/02/22 00:13:26 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
    [2007/02/22 00:13:26 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
    [2007/02/22 00:13:26 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
    [2007/02/22 00:13:26 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
    [2006/09/06 20:27:54 | 000,001,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2006/06/03 22:11:44 | 000,001,072 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2006/09/06 22:56:54 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
    [2006/09/13 23:56:36 | 000,001,203 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2006/09/11 21:46:50 | 000,000,664 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2008/04/06 20:22:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (no name) - {E1AC1CF0-FA04-47AD-8515-7F4E8B93EEA2} - C:\WINDOWS\System32\geebc.dll File not found
    O2 - BHO: (no name) - {E82BF42F-D979-427D-BE10-48B14B80D861} - C:\WINDOWS\System32\ddayw.dll File not found
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe (Acer Inc.)
    O4 - HKLM..\Run: [EoEngine] File not found
    O4 - HKLM..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [EPSON Stylus Photo R200 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Pack Securite\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [GDI Manager] C:\Program Files\MFP Server\App\Common\MFPAgent.exe (Edimax Technology Co., Ltd.)
    O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe (Acer Inc.)
    O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe File not found
    O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
    O4 - HKLM..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [Server Application] C:\WINDOWS\system32\ServoApp.exe ()
    O4 - HKLM..\Run: [SoftwareHelper] C:\Documents and Settings\ELODIE\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
    O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\RunOnce: [] File not found
    O4 - HKLM..\RunOnce: [Ad-remover] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra Button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (F-Secure Corporation)
    O9 - Extra 'Tools' menuitem : Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (F-Secure Corporation)
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Pack Securite\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Pack Securite\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Pack Securite\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Pack Securite\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Pack Securite\FSPS\program\FSLSP.DLL (F-Secure Corporation)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-a... (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shockwave/cabs/dir... (Shockwave ActiveX Control)
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.mypix.com/fr/fr/importer/newconf/aurigma5.8.... (Image Uploader Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-wind... (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-wind... (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-wind... (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-wind... (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-wind... (Java Plug-in 1.6.0_13)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\mljijji: DllName - mljijji.dll - File not found
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\WINDOWS\TM100.BMP
    O24 - Desktop BackupWallPaper: C:\WINDOWS\TM100.BMP
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/01/23 12:12:06 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/03/08 20:05:49 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\OTL.exe
    [2010/03/08 18:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Malwarebytes
    [2010/03/08 18:01:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/03/08 18:01:00 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/03/08 18:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/08 18:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/03/08 18:00:35 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\18h_mbam-setup.exe
    [2010/03/08 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Tracing
    [2010/03/08 16:47:45 | 034,868,704 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\sdsetup.exe
    [2010/03/08 16:13:48 | 001,263,511 | ---- | C] (C_XX) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\AD-R.exe
    [2010/03/08 16:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Macromedia
    [2010/03/08 16:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Adobe
    [2010/03/08 16:03:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Microsoft
    [2010/03/08 16:03:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\SendTo
    [2010/03/08 16:03:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Recent
    [2010/03/08 16:03:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data
    [2010/03/08 16:03:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Mes documents\Mes images
    [2010/03/08 16:03:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Mes documents
    [2010/03/08 16:03:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Menu Démarrer
    [2010/03/08 16:03:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Mes documents\Ma musique
    [2010/03/08 16:03:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Favoris
    [2010/03/08 16:03:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Cookies
    [2010/03/08 16:03:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Voisinage réseau
    [2010/03/08 16:03:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Voisinage d'impression
    [2010/03/08 16:03:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Modèles
    [2010/03/08 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Symantec
    [2010/03/08 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data\Identities
    [2010/03/08 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau
    [2010/03/08 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Mes documents\{9DF687E7-381C-4882-A05F-4ADF1DD53394}
    [2010/03/08 16:03:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings
    [2010/03/08 16:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Application Data\Microsoft
    [2010/03/08 15:13:17 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/03/08 09:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/03 09:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
    [2006/10/07 20:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
    [2005/01/23 12:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2005/01/23 12:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2005/01/23 11:51:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2005/01/23 11:51:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/03/08 20:05:52 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\OTL.exe
    [2010/03/08 18:37:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/08 18:37:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/08 18:36:26 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\NTUSER.DAT
    [2010/03/08 18:36:22 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\ntuser.ini
    [2010/03/08 18:01:06 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/03/08 18:00:44 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\18h_mbam-setup.exe
    [2010/03/08 17:02:06 | 000,090,128 | ---- | M] () -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/03/08 16:47:46 | 034,868,704 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\sdsetup.exe
    [2010/03/08 16:28:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/08 16:21:38 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/08 16:13:52 | 001,263,511 | ---- | M] (C_XX) -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau\AD-R.exe
    [2010/03/08 15:20:02 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/06 22:38:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\System32\winupdats.exe
    [2010/03/06 22:38:54 | 000,000,682 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
    [2010/03/06 22:38:50 | 000,041,237 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/08 18:01:04 | 000,000,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010/03/08 16:03:42 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\NTUSER.DAT
    [2010/03/08 16:03:42 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\ntuser.ini
    [2010/03/08 15:15:33 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/08 15:10:22 | 000,001,066 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2009/12/14 00:43:53 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2009/12/14 00:42:07 | 000,008,133 | ---- | C] () -- C:\WINDOWS\System32\MFPScript.ini
    [2009/12/14 00:42:05 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ddschk.dll
    [2009/12/14 00:42:05 | 000,000,548 | ---- | C] () -- C:\WINDOWS\System32\cliktext.ini
    [2009/12/14 00:42:03 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\mfpcoins.dll
    [2009/12/14 00:27:57 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE SX400DEFGIPSDaFiNoSv.ini
    [2009/11/28 08:52:19 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
    [2009/02/15 21:09:34 | 000,000,682 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
    [2008/12/14 02:31:33 | 000,000,068 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
    [2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
    [2008/05/23 00:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/03/26 10:38:29 | 001,580,627 | -HS- | C] () -- C:\WINDOWS\System32\utyufleo.ini
    [2008/03/25 10:38:39 | 001,577,916 | -HS- | C] () -- C:\WINDOWS\System32\horhktfe.ini
    [2008/03/21 22:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/03/20 10:38:27 | 001,391,041 | -HS- | C] () -- C:\WINDOWS\System32\vwshrhdy.ini
    [2008/03/18 10:32:17 | 001,482,076 | -HS- | C] () -- C:\WINDOWS\System32\mselweyy.ini
    [2008/03/17 10:32:18 | 001,441,315 | -HS- | C] () -- C:\WINDOWS\System32\crgrxrbd.ini
    [2008/03/16 10:32:52 | 001,345,013 | -HS- | C] () -- C:\WINDOWS\System32\dvsgkxur.ini
    [2008/03/15 10:28:14 | 001,344,875 | -HS- | C] () -- C:\WINDOWS\System32\hahgyftx.ini
    [2008/03/14 10:31:53 | 001,366,537 | -HS- | C] () -- C:\WINDOWS\System32\rqteywqr.ini
    [2008/03/13 10:31:17 | 001,352,510 | -HS- | C] () -- C:\WINDOWS\System32\vpocuxnw.ini
    [2008/03/12 13:43:14 | 001,321,191 | -HS- | C] () -- C:\WINDOWS\System32\impjsyms.ini
    [2008/03/11 13:46:32 | 001,315,890 | -HS- | C] () -- C:\WINDOWS\System32\bbuesjhv.ini
    [2008/02/14 03:03:37 | 000,000,285 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2008/01/30 10:46:46 | 000,388,126 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
    [2008/01/25 16:39:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jcmkr32.INI
    [2007/11/24 19:06:07 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2007/08/25 11:08:40 | 000,000,019 | ---- | C] () -- C:\WINDOWS\KNP.INI
    [2007/07/29 16:16:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
    [2007/07/29 15:59:09 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2007/03/25 00:04:01 | 000,000,058 | ---- | C] () -- C:\WINDOWS\dial-messenger.ini
    [2007/01/02 15:29:13 | 000,000,461 | ---- | C] () -- C:\Program Files\INSTALL.LOG
    [2006/11/29 15:43:03 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER200Euro.ini
    [2006/11/07 23:14:23 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/10/06 19:43:37 | 000,000,173 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
    [2006/10/06 19:17:58 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
    [2006/06/08 11:20:45 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/06/08 11:20:45 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/06/08 11:20:45 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/06/08 11:20:45 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/06/08 11:20:45 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/06/08 11:20:45 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2006/06/08 11:20:45 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2005/10/20 12:50:20 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
    [2005/02/03 11:11:40 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/01/23 12:37:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/01/23 12:12:26 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
    [2005/01/23 12:11:42 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
    [2005/01/23 12:11:42 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
    [2005/01/23 12:11:42 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
    [2005/01/23 12:11:42 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
    [2004/12/20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2004/12/20 11:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2004/12/17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
    [2004/08/05 05:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2002/12/14 22:46:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
    [2002/12/14 22:46:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2002/12/14 22:46:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2002/12/14 21:46:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
    [2002/11/15 13:11:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
    [2002/06/28 11:43:43 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
    [2002/05/16 01:38:40 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
    [2002/05/04 15:19:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\avisynthEx.dll
    [2002/04/19 16:23:26 | 000,106,137 | ---- | C] () -- C:\WINDOWS\System32\libpostproc.dll
    [2002/04/19 15:51:04 | 000,211,760 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2002/02/21 18:41:20 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2001/12/26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
    [2001/09/03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
    [2001/07/30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
    [2001/07/23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
    [2001/06/22 13:06:02 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MPEG2DEC.dll

    ========== LOP Check ==========

    [2006/10/08 09:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eConsole
    [2006/10/27 19:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    [2006/11/29 15:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
    [2007/11/19 22:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
    [2007/11/19 22:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
    [2008/01/30 10:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SprinterFacile
    [2008/12/20 20:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [2009/03/11 23:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
    [2009/05/29 22:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\albumfoto
    [2009/09/22 09:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
    [2009/12/14 00:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
    [2010/03/08 09:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

    ========== Purity Check ==========


    < End of report >
    8 March 2010 20:09:49

    And here is the EXTRA report...
    Thank you very much

    OTL Extras logfile created on: 08/03/2010 20:06:00 - Run 1
    OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Bureau
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    958,00 Mb Total Physical Memory | 749,00 Mb Available Physical Memory | 78,00% Memory free
    2,00 Gb Paging File | 2,00 Gb Available in Paging File | 95,00% Paging File free
    Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 71,82 Gb Total Space | 6,91 Gb Free Space | 9,62% Space Free | Partition Type: FAT32
    Drive D: | 72,31 Gb Total Space | 14,43 Gb Free Space | 19,96% Space Free | Partition Type: FAT32
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ACER-9DEB84EBB9
    Current User Name: Administrateur
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 1
    "FirewallOverride" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" = C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer -- (Acer Inc.)
    "C:\Program Files\Acer\Acer eConsole\eConsole.exe" = C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole -- (Acer Inc.)
    "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" = C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server -- (Acer Inc.)
    "C:\Program Files\eMule\EMULE.EXE" = C:\Program Files\eMule\EMULE.EXE:*:Enabled:eMule -- File not found
    "C:\Documents and Settings\SEBASTIEN\Mes documents\Counter Strike\hl2.exe" = C:\Documents and Settings\SEBASTIEN\Mes documents\Counter Strike\hl2.exe:*:Enabled:hl2 -- File not found
    "C:\WINDOWS\System32\dpvsetup.exe" = C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\eMule2\emule.exe" = C:\Program Files\eMule2\emule.exe:*:Enabled:eMule -- File not found
    "DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ" = DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ:*:Enabled:Nod32 Runtime
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
    "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23B59B9F-C360-11D7-875B-0090CC005647}" = PIF DESIGNER2.1
    "{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
    "{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
    "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
    "{2AA76C0B-0932-4F08-B277-AC607410F8C1}" = Samsung PC Studio 3
    "{2C2AE1FB-F9EE-467B-BF81-A7236CDC89ED}" = LG PC Suite II
    "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
    "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
    "{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
    "{4FEC2880-0ED9-44F4-AD20-1F4F4619B8F9}" = Mega Manager
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{65CDEC30-4BF4-48FB-8059-9FC480E4E94F}" = Acer eMode Management
    "{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6E43A647-3EE5-4A40-998F-7A5D27BBB96B}" = Xinek
    "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
    "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.4
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français
    "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}" = NTI HomeVideo-Maker
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
    "{C359507C-30B1-48A6-BD9B-C7B1CC3B06D7}" = SweetIM for Messenger 2.6
    "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
    "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
    "{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{D87E4222-81D6-4C16-8AD3-8CBFA471FA59}" = Micro Application - Faire-part Edition Spéciale
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
    "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
    "{EC028E6B-F3F1-4192-B63E-A7C97302ED5A}" = Acer eConsole
    "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 11
    "Ad-Remover" = Ad-Remover By C_XX
    "avast!" = avast! Antivirus
    "CDCreator30" = Adaptec Easy CD Creator
    "Creative VF0080" = Creative WebCam Live! Pro/Effects Driver (1.02.05.0506)
    "Documalis Free Scanner 1.01.0" = Documalis Free Scanner 1.0
    "eMule" = eMule
    "EPSON Printer and Utilities" = EPSON Logiciel imprimante
    "EPSON Scanner" = EPSON Scan
    "EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation" = EPSON Stylus SX200_SX400_TX200_TX400 Manuel
    "EPSON Stylus SX400 Series" = EPSON Stylus SX400 Series Printer Uninstall
    "ESPR200 Guide de référence" = ESPR200 Guide de référence
    "ESPR200 Guide des logiciels" = ESPR200 Guide des logiciels
    "F-Secure Product 424" = Contrôle parental
    "HijackThis" = HijackThis 1.99.1
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
    "InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
    "InstallShield_{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
    "JDownloader" = JDownloader
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
    "Mozilla Firefox (2.0.0.2)" = Mozilla Firefox (2.0.0.2)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "Neuf_Kit" = Neuf - Kit de connexion
    "NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NVIDIA Drivers" = NVIDIA Drivers
    "OggDS" = Direct Show Ogg Vorbis Filter (remove only)
    "OpenMG HotFix4.4-05-12-06-01" = OpenMG Limited Patch 4.4-06-13-19-01
    "PhotoFiltre Studio" = PhotoFiltre Studio
    "Print@Fujicolor" = Print@Fujicolor
    "Q828026" = Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
    "RealPlayer 6.0" = RealPlayer
    "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
    "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
    "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
    "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
    "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
    "SFR_Widget Neuf" = SFR - Widget neufbox
    "SLD Codec Pack" = SLD Codec Pack
    "SoftwareUpdate_is1" = SoftwareUpdate 1.0
    "TomTom HOME" = TomTom HOME 2.7.3.1894
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XviD" = XviD MPEG-4 Codec

    ========== Last 10 Event Log Errors ==========

    [ Antivirus Events ]
    Error - 27/06/2009 11:18:14 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    E:\LGPCSuite\Setup.exe failed, 0000001E.

    Error - 09/07/2009 18:32:26 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    D:\Documents ELODIE\Mes images\CD tata\P1060551.JPG failed, 0000001E.

    Error - 09/07/2009 18:34:41 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    D:\Documents ELODIE\Mes images\CD tata\P1060551.JPG failed, 0000001E.

    Error - 05/11/2009 19:10:40 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://clients1.google.fr/complete/search?hl=fr&ds=i&su...
    failed, 0000A413.

    Error - 06/11/2009 04:45:22 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://suggestqueries.google.com/complete/search?hl=fr&...
    failed, 0000A413.

    Error - 07/11/2009 20:47:42 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://suggestqueries.google.com/complete/search?hl=fr&...
    failed, 0000A413.

    Error - 07/11/2009 21:50:25 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://fr.wikipedia.org/w/api.php?action=opensearch&sea...
    failed, 0000A413.

    Error - 09/11/2009 11:49:35 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://www.mypix.com/fr/fr/pixbookV3/pixbook_export.php failed, 0000A413.

    Error - 18/11/2009 16:09:05 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Documents and Settings\ELODIE\Application Data\EoRezo\user.cyp failed, 0000A413.


    Error - 20/11/2009 18:09:51 | Computer Name = ACER-9DEB84EBB9 | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Documents and Settings\ELODIE\Application Data\EoRezo\user.cyp failed, 0000A413.


    [ Application Events ]
    Error - 25/09/2009 04:43:12 | Computer Name = ACER-9DEB84EBB9 | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6000.16608, module
    défaillant mshtml.dll, version 7.0.6000.16608, adresse de défaillance 0x000b1cc2.

    Error - 04/10/2009 08:54:00 | Computer Name = ACER-9DEB84EBB9 | Source = ESENT | ID = 454
    Description = wlcomm (1396) La récupération/restauration de la base de données a
    échoué en raison d'une erreur inattendue -545.

    Error - 07/10/2009 11:48:51 | Computer Name = ACER-9DEB84EBB9 | Source = ESENT | ID = 454
    Description = wlcomm (3044) La récupération/restauration de la base de données a
    échoué en raison d'une erreur inattendue -545.

    Error - 07/10/2009 12:27:52 | Computer Name = ACER-9DEB84EBB9 | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6000.16608, module
    défaillant mshtml.dll, version 7.0.6000.16608, adresse de défaillance 0x000b1cc2.

    Error - 07/10/2009 12:28:29 | Computer Name = ACER-9DEB84EBB9 | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6000.16608, module
    défaillant mshtml.dll, version 7.0.6000.16608, adresse de défaillance 0x000b1cc2.

    Error - 07/10/2009 12:29:46 | Computer Name = ACER-9DEB84EBB9 | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6000.16608, module
    défaillant mshtml.dll, version 7.0.6000.16608, adresse de défaillance 0x000b1cc2.

    Error - 08/10/2009 09:29:29 | Computer Name = ACER-9DEB84EBB9 | Source = ESENT | ID = 454
    Description = wlcomm (952) La récupération/restauration de la base de données a
    échoué en raison d'une erreur inattendue -545.

    Error - 08/10/2009 10:48:29 | Computer Name = ACER-9DEB84EBB9 | Source = MsiInstaller | ID = 10005
    Description = Produit : Windows Live Mail -- Windows Installer a rencontré une erreur
    inattendue lors de l'installation de ce package. Il s'agit peut-être d'un problème
    lié au package. Le code d'erreur est 2762. Les arguments sont : , ,

    Error - 08/10/2009 10:48:33 | Computer Name = ACER-9DEB84EBB9 | Source = MsiInstaller | ID = 10005
    Description = Produit : Windows Live Communications Platform -- Windows Installer
    a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
    peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
    sont : , ,

    Error - 08/10/2009 10:48:33 | Computer Name = ACER-9DEB84EBB9 | Source = MsiInstaller | ID = 10005
    Description = Produit : Windows Live Communications Platform -- Windows Installer
    a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
    peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
    sont : , ,

    [ System Events ]
    Error - 08/03/2010 13:31:56 | Computer Name = ACER-9DEB84EBB9 | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
    avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Error - 08/03/2010 13:36:20 | Computer Name = ACER-9DEB84EBB9 | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 08/03/2010 13:37:24 | Computer Name = ACER-9DEB84EBB9 | Source = Application Popup | ID = 876
    Description = Driver Cdr4vsd.SYS has been blocked from loading.

    Error - 08/03/2010 13:37:24 | Computer Name = ACER-9DEB84EBB9 | Source = NetBT | ID = 4311
    Description = L'initialisation a échoué car le pilote de périphérique n'a pas pu
    être créé.

    Error - 08/03/2010 13:37:24 | Computer Name = ACER-9DEB84EBB9 | Source = NetBT | ID = 4311
    Description = L'initialisation a échoué car le pilote de périphérique n'a pas pu
    être créé.

    Error - 08/03/2010 13:37:24 | Computer Name = ACER-9DEB84EBB9 | Source = NetBT | ID = 4311
    Description = L'initialisation a échoué car le pilote de périphérique n'a pas pu
    être créé.

    Error - 08/03/2010 13:37:45 | Computer Name = ACER-9DEB84EBB9 | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 08/03/2010 13:38:54 | Computer Name = ACER-9DEB84EBB9 | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : Aavmker4 AmdK8 aswSP Fips StarOpen

    Error - 08/03/2010 13:42:08 | Computer Name = ACER-9DEB84EBB9 | Source = Service Control Manager | ID = 7023
    Description = Le service Explorateur d'ordinateur s'est arrêté avec l'erreur : %%1460

    Error - 08/03/2010 14:08:22 | Computer Name = ACER-9DEB84EBB9 | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
    avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}


    < End of report >
    a c 333 8 Security
    8 March 2010 20:20:49

  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • Under the Custom Scans/Fixes tab at the bottom of the window, copy and paste the following text (between the two spaces):

    :OTL
    O2 - BHO: (no name) - {E1AC1CF0-FA04-47AD-8515-7F4E8B93EEA2} - C:\WINDOWS\System32\geebc.dll File not found
    O2 - BHO: (no name) - {E82BF42F-D979-427D-BE10-48B14B80D861} - C:\WINDOWS\System32\ddayw.dll File not found
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM\..\Run: [EoEngine] File not found
    O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\ELODIE\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/j [...] s-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/j [...] s-i586.cab (Java Plug-in 1.6.0_13)
    O20 - Winlogon\Notify\mljijji: DllName - mljijji.dll - File not found
    [2010/03/06 22:38:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\System32\winupdats.exe
    [2008/03/20 10:38:27 | 001,391,041 | -HS- | C] () -- C:\WINDOWS\System32\vwshrhdy.ini
    [2008/03/18 10:32:17 | 001,482,076 | -HS- | C] () -- C:\WINDOWS\System32\mselweyy.ini
    [2008/03/17 10:32:18 | 001,441,315 | -HS- | C] () -- C:\WINDOWS\System32\crgrxrbd.ini
    [2008/03/16 10:32:52 | 001,345,013 | -HS- | C] () -- C:\WINDOWS\System32\dvsgkxur.ini
    [2008/03/15 10:28:14 | 001,344,875 | -HS- | C] () -- C:\WINDOWS\System32\hahgyftx.ini
    [2008/03/14 10:31:53 | 001,366,537 | -HS- | C] () -- C:\WINDOWS\System32\rqteywqr.ini
    [2008/03/13 10:31:17 | 001,352,510 | -HS- | C] () -- C:\WINDOWS\System32\vpocuxnw.ini
    [2008/03/12 13:43:14 | 001,321,191 | -HS- | C] () -- C:\WINDOWS\System32\impjsyms.ini
    [2008/03/11 13:46:32 | 001,315,890 | -HS- | C] () -- C:\WINDOWS\System32\bbuesjhv.ini
    [2008/03/26 10:38:29 | 001,580,627 | -HS- | C] () -- C:\WINDOWS\System32\utyufleo.ini
    [2008/03/25 10:38:39 | 001,577,916 | -HS- | C] () -- C:\WINDOWS\System32\horhktfe.ini

    :files
    C:\Documents and Settings\ELODIE\Application Data\EoRezo
    C:\Program Files\SweetIM

    :commands
    [emptytemp]
    [reboot]

  • Then click the Run Fix button at the top of the window.
  • Let the program work, then reboot once the fix has finished.
  • Post the report that is displayed after the reboot.
    8 March 2010 20:53:45

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1AC1CF0-FA04-47AD-8515-7F4E8B93EEA2}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1AC1CF0-FA04-47AD-8515-7F4E8B93EEA2}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E82BF42F-D979-427D-BE10-48B14B80D861}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E82BF42F-D979-427D-BE10-48B14B80D861}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    File C:\Documents and Settings\ELODIE\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe not found.
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    File C:\Program Files\SweetIM\Messenger\SweetIM.exe not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljijji\ not found.
    File C:\WINDOWS\System32\winupdats.exe not found.
    File C:\WINDOWS\System32\vwshrhdy.ini not found.
    File C:\WINDOWS\System32\mselweyy.ini not found.
    File C:\WINDOWS\System32\crgrxrbd.ini not found.
    File C:\WINDOWS\System32\dvsgkxur.ini not found.
    File C:\WINDOWS\System32\hahgyftx.ini not found.
    File C:\WINDOWS\System32\rqteywqr.ini not found.
    File C:\WINDOWS\System32\vpocuxnw.ini not found.
    File C:\WINDOWS\System32\impjsyms.ini not found.
    File C:\WINDOWS\System32\bbuesjhv.ini not found.
    File C:\WINDOWS\System32\utyufleo.ini not found.
    File C:\WINDOWS\System32\horhktfe.ini not found.
    ========== FILES ==========
    File\Folder C:\Documents and Settings\ELODIE\Application Data\EoRezo not found.
    File\Folder C:\Program Files\SweetIM not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: ELODIE
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: SEBASTIEN
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Hugo
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Administrateur.ACER-9DEB84EBB9
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 1370296 bytes
    ->Flash cache emptied: 434 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 664 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 1,00 mb


    OTL by OldTimer - Version 3.1.35.0 log created on 03082010_205136

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat not found!
    C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Temporary Internet Files\Content.IE5\WGQUJKJG\ads[1].htm moved successfully.
    C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Temporary Internet Files\Content.IE5\GN3VROHT\292296-11-trojan-virus-bloquant-executables[1].htm moved successfully.
    C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Temporary Internet Files\Content.IE5\GN3VROHT\v=4;m=3;l=10599;ts=%3Ctimestamp%3E[1].htm moved successfully.

    Registry entries deleted on Reboot...