[RESOLU] Fenêtre de pub mozilla qui s'ouvre toute seule...

Bonjour

Bienvenue sur le forum

Quel genre de pub as tu ?

Bonjour

Merci de ta réponse il y a certaine pub qui concerne des mmos, mais surtout... Des pubs "jouer pour gagner de l'argent", j'aime pas du tout ce genre de pub et je ne comprend pas l'ouverture de celle ci.

 

On va regarder çà ensemble si tu veux fais ce qui suit

Télécharge OTL sur ton Bureau.

Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.

Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

L'écran principal de OTL s'affiche:



(1) Si ce n'est déjà fait, dans le paragraphe Registre: Approfondi, cocher le bouton-radio Avec liste blanche

(2) Coche (en haut) la case située devant Tous les utilisateurs

(3) Coche également les cases à côté de Recherche Lop et Recherche purity.

(4) Sélectionne très précisément tout ce qui est en gras avec la souris et copie/colle le contenu dans la zone Personnalisation de la fenêtre OTL


netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.dll /lockedfiles
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
iexplore.exe
/md5stop


(5) Puis cliquer sur le bouton Analyse

- Laisser l'outil travailler sans l'interrompre.

Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

Utilise le site http://pjjoint.malekal.com/ pour envoyer tes rapports, et poste le lien dans ta prochaine réponse.

Bonjour

Je vais suivre vos instructions comme il se doit, donc voici ce que vous m'avez demandé :

http://pjjoint.malekal.com/files.php?read=f8efa7d343117 : Extra

http://pjjoint.malekal.com/files.php?read=926c5960cd116 : Otl

Je vous prie de bien vouloir m'excusez pour l'attente que je vous est causé.

Relance OTL.exe.

Fais un double clic sur l'icône pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

Sélectionne très précisément tout ce qui est dans le cadre ci dessous , avec la souris et copie le contenu dans la zone "Personnalisation" de la fenêtre OTL




Ferme toutes les fenêtres de programme ouvertes (navigateur, traitement de texte, etc...).
Déconnecte toi physiquement d'internet (le plus simple est de débrancher la prise téléphonique de ta box)
Branche toute tes clefs USB, disques dures externes et tout autre support de stockage externe que tu as en ta possession au pc et sans les ouvrir

Puis clique sur le bouton Correction en haut de la fenêtre.

Laisse le programme travailler sans te servir du PC!!!!!

Copie et colle le rapport dans ta réponse stp

Bonsoir

Voici le rapport que tu m'a demandé (bien qu'un peu tardif), je vous prie de m'excusez de cela.

Bonjour BloodBlack

Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour

Télécharge MalwareByte's Anti-Malware sur ton Bureau.

Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées :

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".

Afin de lancer la recherche, clic sur " Rechercher ".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.

Si des infections sont présentes, clic sur "Afficher les résultats"
puis sur "Supprimer la sélection".

Enregistre le rapport sur ton Bureau.

Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.


Télécharge Security Check by screen317 ICI ou ICI sur le bureau.
Double-clique sur SecurityCheck.exe et suis les instructions à l'écran à l'intérieur de la boîte noire.
Un document du Bloc-notes doit s'ouvrir checkup.txt
Poste moi le contenu de ce document.
Ferme Security Check

Bonjour hackinginter, j'espère que vous allez bien

Alors voici les 2 rapports que vous m'avez demandé :

MalwareByte's :



Le rapport SecurityCheck :

Oui merci et toit , tu peux me tutoyer tu sais il n'y a aucun problème!

Maintenant comment se comporte ton PC ? Toujours des pubs ?

Je doit avouer que c'est surprenant, je n'est reçu aucune pub depuis et je dirait même que mon pc et 2x plus rapide.

Je te dit un gros merci pour ton aide et ta patiente, elle a été précieuse et rapide, continue comme sa.

J'en profite aussi pour remercier toute l'équipe du forum qui aide toutes les personnes qui sont dans le besoin et avec une rapidité plus que satisfaisante.

Cordialement Bloodblack.

  BloodBlack

Ton PC n'est plus plus infecté après avoir fais ce qui suit:

Double clique sur OTL.exe et clique sur le bouton purge outils
Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

OTL va supprimer tous les logiciels qu'on a utilisés et faire redémarrer ton ordinateur.

Rends toi sur cette page : http://www.java.com/fr/download/installed.jsp

Clique sur le bouton "Vérifier l'installation" . Un message va t'avertir que ta version est dépassée et te proposer de télécharger la dernière.Installe la : c'est la version J2SE Runtime Environnement 6 Update 23puis désinstalle ton ancienne version (passe par Ajouter/Supprimer des programmes du Panneau de configuration).


Télécharge Acrobat Reader sur ton bureau!!!!!

Avant de l'installer décoche la case Inclure dans votre téléchargement


Ensuite Tu vas dans Démarrer/Paramètres/Panneau de configuration/Ajout Suppression des programmes
Et tu vas Supprimer toutes les autres versions

Il faut toujours mettre à jour Internet Explorer. : IE 8 Même si tu utilises Firefox

Il faut modifier tous les mots de passe importants.
De nos jours, la plupart des nuisibles sont créés dans le seul but de voler des informations personnelles et/ou des mots de passe.
Je te conseille de modifier tous les mots de passe importants comme ceux concernant la banque, les sites marchands, les réseaux sociaux, etc...
Il est très important de créer des mots de passe solides et d'utiliser un mot de passe différent pour chaque site.

Il faut sécuriser Firefox: Certaines extensions me semblent presque indispensables:

Adblock Plus https://addons.mozilla.org/fr/firefox/addon/1865
NoScript https://addons.mozilla.org/fr/firefox/addon/722
WOT https://addons.mozilla.org/fr/firefox/addon/3456

Proscrire l'utilisation de cracks, keygens et autres warez!
Proscrire l'utilisation de P2P illicite!
Azureus, BitTorrent, uTorrent:

BloodBlack Peux tu Ajouter [Résolu] au titre. Pour cela :
Clique, sur ton premier message, sur le bouton "Editer"
Rajoute la mention [RESOLU] à ton titre
Clique ensuite sur "Valider votre message"

Ce fut un plaisir de bosser avec toi Il ne me reste plus qu'à te souhaiter une bonne fin de journée et un bon surf!!!!

J'ai éditer mon message du début et installer tout ce que tu m'a dit Hackinginterdit, encore une fois merci.

Je te souhaite bon courage et bonne continuation ainsi qu'une bonne journée et sans doute a bientôt en cas de nouveau problème. ^^

En attendant .

Bonjour hackinginter,
Mon mozilla firefox s'ouvre aussi tout seul en m'imposant une page de put... de pub, voici mes rapports : si tu peux m'aider, merci.

OTL logfile created on: 04/08/2011 09:21:38 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\richard\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

958,48 Mb Total Physical Memory | 375,16 Mb Available Physical Memory | 39,14% Memory free
1,51 Gb Paging File | 1,06 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,30 Gb Total Space | 128,95 Gb Free Space | 69,22% Space Free | Partition Type: NTFS

Computer Name: ATHENA | User Name: richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
PRC - [2011/07/11 15:36:20 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/14 13:40:06 | 000,663,168 | ---- | M] (PCTuto) -- C:\Documents and Settings\richard\Application Data\PCtuto\UpdatePCTuto\autoupdater.exe
PRC - [2011/04/14 13:40:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files\PCTuto\pctuto.exe
PRC - [2010/11/21 14:22:55 | 000,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/09/19 07:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/06/26 11:33:32 | 000,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
PRC - [2006/06/26 10:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe


========== Modules (SafeList) ==========

MOD - [2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
MOD - [2010/11/21 14:22:27 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\richard\Local Settings\Temp\IadHide5.dll
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/06/26 11:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2006/06/26 11:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)


========== Driver Services (SafeList) ==========

DRV - [2010/09/07 19:20:56 | 006,141,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2006/06/26 11:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/26 11:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 11:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/23 00:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/06/23 00:29:30 | 000,293,808 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2006/06/16 22:09:48 | 001,611,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?hl=fr
IE - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "SearchElf 1.2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT276972...{searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "SearchElf 1.2 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT276972..."
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\neteller.desktop@klipfolio: C:\Program Files\NETELLER app\plugins\Firefox\neteller\ [2010/12/28 12:21:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/11 15:36:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/03 09:17:41 | 000,000,000 | ---D | M]

[2010/12/21 12:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\richard\Application Data\Mozilla\Extensions
[2011/08/01 10:04:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions
[2010/12/23 11:21:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/11 15:39:52 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
[2011/03/25 11:28:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\engine@conduit.com
[2011/08/01 10:04:20 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\extensions\plugin@yontoo.com
[2010/11/23 13:14:58 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Mozilla\Firefox\Profiles\sv8k8bwx.default\searchplugins\conduit.xml
[2010/12/21 12:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2010/10/03 20:04:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/07/11 15:36:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/06 13:17:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/06 13:17:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/06 13:17:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/06 13:17:03 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/06 13:17:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/06 13:17:03 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/08/02 22:46:37 | 000,436,274 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15016 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [autoupdater] C:\Documents and Settings\richard\Application Data\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCTuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
O4 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1078145449-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found
O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O18 - Protocol\Handler\bw+0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {9759971f-d5c9-4649-97f0-d0ccd3fb1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {9759971F-D5C9-4649-97F0-D0CCD3FB1691} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/03 17:51:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/04 09:09:49 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
[2011/08/04 08:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\Systweak
[2011/08/04 08:56:31 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2011/08/03 09:17:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/02 12:13:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\richard\Recent
[2011/08/02 08:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/08/02 08:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/08/01 10:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Pool Sharks Game
[2011/08/01 10:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
[2011/08/01 10:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/08/01 10:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PCTuto
[2011/08/01 10:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\PCtuto
[2011/08/01 10:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\PCTuto
[2011/08/01 10:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Local Settings\Application Data\PCTuto
[2011/07/30 08:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\richard\Application Data\Malwarebytes
[2011/07/30 08:45:41 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/30 08:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/07/30 08:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/30 08:45:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/30 08:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/22 09:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Full Tilt Poker.Fr
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/04 09:09:56 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\richard\Bureau\OTL.exe
[2011/08/04 08:35:17 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/04 08:34:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/04 01:31:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/02 22:46:37 | 000,436,274 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/02 21:46:41 | 000,000,250 | -HS- | M] () -- C:\boot.ini
[2011/08/02 09:26:04 | 000,436,274 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110802-224637.backup
[2011/08/02 09:18:32 | 000,000,675 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/08/02 08:33:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/01 10:04:26 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Pool Sharks.lnk
[2011/08/01 10:04:18 | 005,587,112 | ---- | M] () -- C:\Documents and Settings\richard\Mes documents\PoolSharksInstaller.exe
[2011/07/30 10:15:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/30 10:00:25 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\richard\Bureau\partage.lnk
[2011/07/28 11:14:42 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\richard\Bureau\Metronome.lnk
[2011/07/25 23:27:50 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\adsl TV.lnk
[2011/07/22 09:18:24 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Full Tilt Poker.Fr.lnk
[2011/07/15 03:19:16 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/07 13:26:14 | 000,017,280 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/02 09:18:30 | 000,000,675 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/08/01 10:04:26 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Pool Sharks.lnk
[2011/08/01 10:03:58 | 005,587,112 | ---- | C] () -- C:\Documents and Settings\richard\Mes documents\PoolSharksInstaller.exe
[2011/07/28 11:14:42 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\richard\Bureau\Metronome.lnk
[2011/07/22 09:18:24 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Full Tilt Poker.Fr.lnk
[2010/12/21 12:58:50 | 000,000,065 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2010/12/21 12:18:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/16 01:11:19 | 000,000,268 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010/12/16 01:11:18 | 000,001,039 | ---- | C] () -- C:\WINDOWS\_isenv31.ini
[2010/12/16 01:11:18 | 000,000,521 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
[2010/12/15 13:19:32 | 000,000,026 | ---- | C] () -- C:\WINDOWS\neosetup.INI
[2010/11/21 18:28:50 | 000,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/11/21 14:22:44 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2010/11/06 18:07:34 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\UnCasinoV5_FRA.exe
[2010/11/01 19:07:46 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/28 22:48:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/10/28 22:48:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/10/28 22:48:49 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/10/28 22:48:49 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/10/28 22:48:48 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/10/03 20:05:06 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/03 19:35:47 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/03 19:34:30 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/03 17:54:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/10/03 17:47:57 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/06/26 11:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006/04/28 16:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/03/02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/03/02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/02 14:00:00 | 000,500,900 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006/03/02 14:00:00 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/02 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2006/03/02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/02 14:00:00 | 000,080,748 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006/03/02 14:00:00 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/02 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2006/03/02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/03/02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/03/02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/10/03 18:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/11/17 14:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2010/11/20 11:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/11/20 11:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2011/08/01 10:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/04/15 14:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/02/02 14:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TeamViewer
[2011/01/12 01:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\Camfrog
[2011/04/04 18:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\gtk-2.0
[2010/11/11 18:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\MSNInstaller
[2011/02/02 13:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\NETELLER app
[2010/10/28 23:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\OpenOffice.org
[2011/08/01 10:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\PCtuto
[2011/08/04 09:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\Systweak
[2011/02/02 13:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\TeamViewer
[2011/03/31 06:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\richard\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/03 17:51:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/08/02 21:46:41 | 000,000,250 | -HS- | M] () -- C:\boot.ini
[2006/03/02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010/10/03 17:51:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/11/06 18:07:50 | 000,000,132 | ---- | M] () -- C:\ICSYSINF.log
[2010/10/03 17:51:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/11/21 18:29:03 | 000,001,590 | ---- | M] () -- C:\lvcoinst.log
[2010/10/03 17:51:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/03/02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/11/02 17:31:51 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2011/08/04 08:34:35 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/10/03 19:33:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/10/03 19:33:38 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/10/03 19:33:38 | 000,421,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-15 01:03:19


< MD5 for: EXPLORER.EXE >
[2006/03/02 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: IEXPLORE.EXE >
[2006/03/02 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=385D1644E676C96EB07848ADA63E37FA -- C:\WINDOWS\ie8\iexplore.exe
[2008/04/14 04:34:06 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=3D3C316BD1E112F3B9C532D8B9939BDC -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe

< MD5 for: SVCHOST.EXE >
[2006/03/02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2979B03D5382A602623C0535B16AB9C0 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 04:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2006/03/02 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006/03/02 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C946DB94
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CEFE51A

< End of report >


OTL Extras logfile created on: 04/08/2011 09:21:38 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\richard\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

958,48 Mb Total Physical Memory | 375,16 Mb Available Physical Memory | 39,14% Memory free
1,51 Gb Paging File | 1,06 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,30 Gb Total Space | 128,95 Gb Free Space | 69,22% Space Free | Partition Type: NTFS

Computer Name: ATHENA | User Name: richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1177238915-1078145449-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\adslTV\adsltv.exe" = C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE) -- (adsl TV / FM)
"C:\Program Files\adslTV\VLC\vlc.exe" = C:\Program Files\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC) -- ()
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled innacle VideoSpin -- (Pinnacle Systems)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 23
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34785AD0-6276-11DF-A08A-0800200C9A66}" = Full Tilt Poker.Fr
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"BillardGL 1.75" = BillardGL 1.75
"bwin Poker_is1" = bwin Poker
"CCleaner" = CCleaner
"Eurosport Poker_is1" = Eurosport Poker
"Everest Poker.fr" = Everest Poker.fr (Remove Only)
"Guitar Pro 5_is1" = Guitar Pro 5.0
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NETELLER app" = NETELLER app (remove only)
"PartyPokerFr" = PartyPoker.fr
"PCTuto Avast_is1" = PCTuto Avast 2.0
"PCTuto_is1" = PCTuto 2.0
"PokerStars.fr" = PokerStars.fr
"Pool Sharks" = Pool Sharks 2.1
"QcDrv" = Programme de gestion Camera de Logitech®
"UpdatePCTuto_is1" = UpdatePCTuto 2.0
"VLC media player" = VLC media player 1.1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/01/2011 07:58:59 | Computer Name = ATHENA | Source = Windows Live Messenger | ID = 1000
Description =

Error - 07/01/2011 13:54:09 | Computer Name = ATHENA | Source = MsiInstaller | ID = 11606
Description = Produit : Win Palace Euro Casino French -- Erreur 1606. Impossible
d'accéder à l'emplacement réseau http://download.realtimegaming.com/cdn/winpalaceeurofr/....

Error - 26/01/2011 09:01:05 | Computer Name = ATHENA | Source = Application Error | ID = 1000
Description = Application défaillante pprekop.exe, version 4.2.0.172, module défaillant
ole32.dll, version 5.1.2600.2182, adresse de défaillance 0x10017bed.

Error - 27/02/2011 07:53:28 | Computer Name = ATHENA | Source = EventSystem | ID = 4614
Description = Le système d'événements de COM+ a détecté une incohérence dans son
état interne. Échec de l'assertion "GetLastError() == 122L" à la ligne 162 de d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Contactez les services du Support Technique Microsoft pour signaler cette erreu

Error - 27/02/2011 07:53:33 | Computer Name = ATHENA | Source = EventSystem | ID = 4614
Description = Le système d'événements de COM+ a détecté une incohérence dans son
état interne. Échec de l'assertion "GetLastError() == 122L" à la ligne 162 de d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Contactez les services du Support Technique Microsoft pour signaler cette erreu

Error - 03/04/2011 05:10:26 | Computer Name = ATHENA | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 25/04/2011 14:32:25 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 25/04/2011 14:32:25 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 18/05/2011 22:40:56 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 18/05/2011 22:40:57 | Computer Name = ATHENA | Source = Application Hang | ID = 1002
Description = Application bloquée casino.exe, version 1.0.0.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 02/08/2011 02:37:08 | Computer Name = ATHENA | Source = DCOM | ID = 10000
Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :
"C:\Program Files\Messenger\msmsgs.exe" -Embedding

Error - 02/08/2011 10:27:32 | Computer Name = ATHENA | Source = DCOM | ID = 10000
Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
n'est pas possible. L'erreur : "%2" s'est produite lors du démarrage de la commande :
"C:\Program Files\Messenger\msmsgs.exe" -Embedding

Error - 02/08/2011 11:52:33 | Computer Name = ATHENA | Source = DCOM | ID = 10000
Description = Le démarrage d'un serveur DCOM : {FB7199AB-79BF-11D2-8D94-0000F875C541}
n'est pas possible. L'erreur : "%2" s'est produ

Bonjour,

@rory53 : merci d'ouvrir ton propre sujet, en désinfection, un seul sujet par souci.

Ok