Tuxendo

modpas

7 Août 2011 09:01:29

Bonjour, ma page d'accueil est désormais modifiée en tant que " search.tuxendo.com " - Je n'ai bien entendu pas la moindre idée d'où cela provient, et bien évidemment, impossible de s'en débarrasser, ni via "outils", ni même via le registre. Je précise avoir déjà tenté les diverses manipulations décrites sur internet pour solutionner un cas pareil. Quelqu'un est-il - ou a-t-il également été - victime de cette nouvelle m...isère ? Merci pour vos témoignages.

Autres pages sur : tuxendo

| Etre averti des réponses
| Alerter

Répondre à modpas

hyunkel30

7 Août 2011 16:55:39

Bonjour,

Pour voir :

Télécharge OTL (de Old Timer) sur ton bureau.

Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
(Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

Coche en haut la case devant "Tous les utilisateurs"

Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

netsvcs
msconfig
drivers32
activex
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system64\*.dll /lockedfiles
%systemroot%\syswow64\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system64\drivers\*.sys /lockedfiles
%systemroot%\syswow64\drivers\*.sys /lockedfiles
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.

A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
PS : Les rapports sont aussi enregistrés sur le bureau

Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.

| Alerter

Répondre à hyunkel30

modpas

7 Août 2011 18:40:11

Bonsoir Yunkel30,

et merci déjà de te porter à mon secours.

Je suppose que tu as déjà vu mon post de ce jour " Tuxendo + HiJackThis" ?
Par souci de discrétion, j'ai remplacé les sources d'identification par " *** ".
Ci-dessous les rapports.

OTL logfile created on: 07/08/2011 19:22:56 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\***\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: fra | Date Format: dd/MM/yyyy

510,48 Mb Total Physical Memory | 227,80 Mb Available Physical Memory | 44,63% Memory free
864,77 Mb Paging File | 512,02 Mb Available in Paging File | 59,21% Paging File free
Paging file location(s): C:\pagefile.sys 384 512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,00 Gb Total Space | 1,61 Gb Free Space | 8,48% Space Free | Partition Type: FAT32

Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/07 19:19:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\***\Bureau\OTL.exe
PRC - [2011/07/20 11:32:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/21 07:55:56 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/04/21 07:55:38 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:55:22 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
PRC - [2010/11/16 17:46:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/05/03 12:22:28 | 000,073,392 | ---- | M] (FSPro Labs) -- C:\WINDOWS\SYSTEM32\fsproflt.exe
PRC - [2008/04/14 04:34:08 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\inetsrv\inetinfo.exe
PRC - [2008/04/14 04:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/30 09:37:40 | 000,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
PRC - [2007/04/23 12:04:52 | 000,159,744 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\NLClient.exe
PRC - [2006/10/18 00:59:40 | 001,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/01/20 11:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PAStiSvc.exe

========== Modules (SafeList) ==========

MOD - [2011/08/07 19:19:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\***\Bureau\OTL.exe
MOD - [2010/08/23 17:12:40 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Microsoft Inet Service)
SRV - [2011/07/20 11:32:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/21 07:55:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZONELABS\vsmon.exe -- (vsmon)
SRV - [2009/05/03 12:22:28 | 000,073,392 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\WINDOWS\SYSTEM32\fsproflt.exe -- (fsproflt)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/04/14 04:34:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 04:34:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 04:34:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/14 04:33:28 | 000,036,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\iprip.dll -- (Iprip)
SRV - [2007/11/30 09:37:40 | 000,516,096 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc)
SRV - [2007/08/05 16:25:06 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/18 00:59:40 | 001,119,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/01/20 11:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\PAStiSvc.exe -- (STI Simulator)

========== Driver Services (SafeList) ==========

DRV - [2011/07/26 18:52:00 | 000,035,296 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Dvd43.sys -- (Dvd43)
DRV - [2011/07/20 11:33:08 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011/07/20 11:33:08 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2011/02/06 13:00:34 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2011/02/06 12:24:14 | 000,611,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/17 15:28:04 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:54 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2010/02/11 14:02:16 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys -- (Tcpip6)
DRV - [2010/01/12 12:59:58 | 000,033,848 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nchssvad.sys -- (NCHSSVAD) SoundTap Recorder (32 Bit)
DRV - [2009/01/03 17:52:20 | 000,023,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgfwdx.sys -- (Avgfwfd)
DRV - [2009/01/03 17:52:20 | 000,023,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgfwdx.sys -- (Avgfwdx)
DRV - [2008/11/03 09:22:04 | 000,016,896 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\VirtualAudio.sys -- (wsvad_driver)
DRV - [2008/06/05 19:37:54 | 000,043,792 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\FSPFltd.sys -- (FSProFilter)
DRV - [2008/05/08 16:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RMCast.sys -- (RMCAST)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 20:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2008/04/13 20:40:50 | 000,149,376 | ---- | M] (M-Systems) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\tffsport.sys -- (tffsport)
DRV - [2008/04/13 20:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mqac.sys -- (MQAC)
DRV - [2008/01/15 16:09:42 | 000,047,470 | ---- | M] (Silence of Troubles United Company Ltd.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\FDCENT.SYS -- (FDCENT)
DRV - [2007/04/23 12:03:04 | 000,082,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nltdi.sys -- (nltdi)
DRV - [2005/05/03 17:34:04 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/04/12 09:41:22 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005/02/24 12:29:14 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFC027.sys -- (PAC207)
DRV - [2005/01/12 15:32:44 | 000,051,016 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Capt9080.sys -- (SQTECH9080) MegaCam(PID_9080_00)
DRV - [2004/08/04 07:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS -- (rtl8139)
DRV - [2004/08/04 07:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/04 07:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/04 07:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv10nt.sys -- (iAimTV5)
DRV - [2004/08/04 07:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/04 07:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/04 07:29:44 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv06nt.sys -- (iAimTV6)
DRV - [2004/08/04 07:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/04 07:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/04 07:29:40 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv09nt.sys -- (iAimFP7)
DRV - [2004/08/04 07:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv08nt.sys -- (iAimFP6)
DRV - [2004/08/04 07:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/04 07:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/04 07:29:38 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv07nt.sys -- (iAimFP5)
DRV - [2004/08/04 07:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wADV05NT.sys -- (iAimFP2)
DRV - [2004/08/04 07:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/01/04 22:18:00 | 000,048,052 | R--- | M] (U.S. ROBOTICS CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Usr79n5.sys -- (Usr79n5)
DRV - [2003/01/04 15:17:58 | 000,045,696 | R--- | M] (U.S. ROBOTICS CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Usr79n51.sys -- (Usr79n51)
DRV - [2002/10/02 01:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/08/28 12:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/28 12:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkspx.sys -- (NwlnkSpx)
DRV - [1999/01/08 14:42:06 | 000,043,880 | ---- | M] (EPPSCSI Miniport Driver) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\EPPSCSI.SYS -- (EPPSCSIx)
DRV - [1998/05/15 11:29:12 | 000,008,896 | R--- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\AEC6710D.sys -- (AEC6710D)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-19\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-20\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-682003330-842925246-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-682003330-842925246-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-842925246-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.tuxendo.com/Search.aspx?aff=62&cg=b4da7bb..."
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.8
FF - prefs.js..keyword.URL: "http://search.tuxendo.com/Search.aspx?aff=62&cg=b4da7bb..."
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\4.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\YAHOO!\COMMON\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 16:20:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/10 12:37:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\***\Application Data\IDM\idmmzcc5

[2010/11/10 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\Mozilla\Extensions
[2011/01/20 07:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/10 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\fz51xa1q.default\extensions
[2010/11/11 08:17:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\fz51xa1q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/26 19:42:00 | 000,000,000 | ---D | M] (Html Validator) -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\fz51xa1q.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011/08/04 18:15:04 | 000,000,000 | ---D | M] (SearchToolbar) -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\fz51xa1q.default\extensions\{3D098A34-4D9F-4873-A333-229BB80BF7F2}
[2010/11/10 12:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/10 14:44:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/17 15:17:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/16 06:38:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/02/14 20:19:58 | 000,000,806 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\ADOBE\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {83CED28E-B96A-43FC-A276-2AD7A48EB6BE} - No CLSID value found.
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-19\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-19\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx (Microsoft Corporation)
O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx (Microsoft Corporation)
O3 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NL Client] C:\Program Files\NetLimiter 2 Pro\NLClient.exe (Locktime Software)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [IETI] File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\SYSTEM32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [IETI] File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\SYSTEM32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5... (Windows Genuine Advantage Validation Tool)
O16 - DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} http://www.umediaserver.net/bin/UMediaControl5.cab (UMediaPlayer Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca... (MSN Photo Upload Tool)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005111401/housecall... (HouseCall Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-wind... (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\***\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files\DVD Region+CSS Free\DVDShell.dll (Fengtao Software Inc.)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/13 01:51:56 | 000,000,194 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/10/05 23:15:06 | 000,000,194 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ FAT32 ]
O33 - MountPoints2\{584dd962-f53f-11dd-a78c-0030bd2fe910}\Shell - "" = AutoRun
O33 - MountPoints2\{584dd962-f53f-11dd-a78c-0030bd2fe910}\Shell\AutoRun\command - "" = E:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\SYSTEM32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

MsConfig - Services: "CryptSvc"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Photo Express Calendar Checker SE.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe - (Ulead Systems, Inc.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: CloneCDTray - hkey= - key= - C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DVD43 - hkey= - key= - C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe (Fengtao Software Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Malwarebytes Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: MsmqIntCert - hkey= - key= - C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: PE2CKFNT SE - hkey= - key= - C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CSM0 - C:\WINDOWS\System32\CSMX.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Fichier Lisez-moi d'Internet Explorer
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {16f41c69-09f5-41d2-8cd8-3c08c47bc8a8} - Background copy queue manager
ActiveX: {17cbc856-6c93-4a35-b603-098eb115a59f} - Windows Millennium Edition KB896358 Update
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {2806b4d1-cadf-4568-99df-1c8836a6b4bc} - Windows Millennium Edition Q823559 Update
ActiveX: {280ad020-daec-11d2-83c7-0000f8051539} - Mise à jour pour les processeurs d'ordinateurs portables
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {28FD0F82-4A73-4453-84A6-2F4F62702A3F} - Background copy downloader
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {32b1db33-27b9-43b7-8904-d5352decc292} - Windows Millennium Edition KB891711 Update
ActiveX: {34718640-ecfa-11d2-b5da-00a0c90833e8} - Windows 98 Deuxième Édition
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {38c91f78-0b74-451c-bcc5-95e5b3131849} - Q891781
ActiveX: {3a753dda-02a0-4834-b37c-9d3470a556ce} - Windows Millennium Edition Q888113 Update
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {43564368-4375-8601-4371-458454791235 -
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP

E /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015D} - DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {47f67d00-9e55-11d1-baef-00c04fc2d130} - Fichiers de prise en charge de AOL
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {50daafc0-e217-11d2-83c7-0000f8051539} - Correction continue des opérations Windows
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - Internet Connection Wizard
ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - Q918439
ActiveX: {5cc28b05-024f-4194-aa40-9aaca85e93b3} - Windows Millennium Edition Q329048 Update
ActiveX: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - Reg Error: Value error.
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6b0d63a7-bf2d-45df-877b-b22d4c0eddbd} - Q887797
ActiveX: {6bef4ffe-71f9-4ceb-83e8-fb998fdef8ec} - Windows Millennium Edition Q311311 Update
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6ddf3056-9667-4ddd-9648-388f66e6146f} - Windows Millennium Edition KB908519 Update
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {76C19B50-F0C8-11cf-87CC-0020AFEECF20} - Sélection automatique de la langue
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {893c7200-9dd-11d2-b0d6-00c04f777f0c} - Mise à jour des bibliothèques Microsoft
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4395} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8d84e56e-fbac-4e09-af5e-6cde8294b998} - Windows Millennium Edition Q273991 Update
ActiveX: {8e877e70-0313-4578-852e-4b2687a9917e} - Windows Millennium Edition Q323172 Update
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96ff9e49-fb06-487a-8387-1104b13ac161} - Windows Millennium Edition Q329115 Update
ActiveX: {9a2e4ab0-9a7e-11d2-9da1-00c04f98bbc9} - Windows Media Player Codecs
ActiveX: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} - %SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl
ActiveX: {A0C51F80-12E9-4434-A7DB-8EAD52104135} - Windows Millennium Edition Q323255 Update
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {b59c7da0-daea-11d2-83c7-0000f8051539} - Mise à jour de l'Assistant Inscription
ActiveX: {B9A1063C-F9CC-11D1-8E01-0020AFE53FCF} - Mise à jour Active accessibility
ActiveX: {bddca085-1928-4215-aa65-c6af5eee8ef6} - Windows Millennium Edition Q812709 Update
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C5973BFE-8891-4c24-903E-3907A15AC223} - Windows Millennium Edition Q811630 Update
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CA0A4247-44BE-11d1-A005-00805F8ABE06} - RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Flash Player 8
ActiveX: {d6234cda-9e48-4060-990e-e92872d33286} - Windows Millennium Edition Q287564 Update
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {dfb341b5-0389-4479-8b5b-6a55d363240f} - Windows Millennium Edition Q273017 Update
ActiveX: {e6efec7d-797a-45ee-8eb4-afdb90c0d644} - Windows Millennium Edition Q314757 Update
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {f502aef4-a754-4c82-9f12-a5149f71ea89} - Windows Millennium Edition Q290700 Update
ActiveX: {f54910c7-a2f3-4ca4-81b2-4a43a5e2680a} - Q916281
ActiveX: {fe70184f-3301-440c-8c82-ca43b9bcef7c} - Windows Millennium Edition KB918547 Update
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/07 19:19:51 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\***\Bureau\OTL.exe
[2011/08/07 12:07:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\***\Recent
[2011/08/07 11:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/08/06 13:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2011/08/04 18:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Xvid
[2011/08/04 18:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011/08/04 18:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid Codec
[2011/08/03 19:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Runtime Software
[2011/08/03 19:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Runtime Software
[2011/08/03 18:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2011/08/03 17:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Downloaded Installations
[2011/08/03 17:32:20 | 000,000,000 | -HSD | C] -- C:\FOUND.007
[2011/08/03 16:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Bureau\emul
[2011/08/03 16:01:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\***\Bureau\Admin
[2011/08/03 11:13:59 | 000,000,000 | --SD | C] -- C:\Documents and Settings\***\Mes documents\Licence
[2011/08/02 07:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Convar
[2011/07/27 00:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Avira
[2011/07/27 00:02:24 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/07/27 00:02:23 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/07/27 00:02:23 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/07/27 00:02:23 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/07/27 00:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/07/27 00:02:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/07/16 08:38:14 | 002,002,424 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\***\Bureau\HousecallLauncher.exe
[2011/07/14 14:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
[2010/06/07 10:46:28 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HijackThis.exe
[2010/05/28 10:18:50 | 000,374,272 | ---- | C] (KaKasoft) -- C:\Program Files\lockdir.exe
[2007/11/17 16:06:07 | 000,066,560 | ---- | C] (Rekenwonder Software) -- C:\Program Files\revealer.exe
[2007/10/31 18:47:21 | 005,060,904 | ---- | C] (SmartSoft Ltd) -- C:\Program Files\SFTPMSI.exe
[2007/03/23 11:51:59 | 014,797,568 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXPlay.exe
[2007/03/05 16:59:46 | 035,246,592 | ---- | C] (Microsoft Corporation) -- C:\Program Files\directx_9c_oct05sdk_redist.exe
[2007/03/05 16:52:35 | 007,462,674 | ---- | C] (CCCP Project ) -- C:\Program Files\Combined-Community-Codec-Pack-2007-02-22.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/07 19:29:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/08/07 19:19:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\***\Bureau\OTL.exe
[2011/08/07 13:38:04 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\***\Mes documents\spider.sav
[2011/08/07 13:29:30 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/08/07 12:01:50 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/08/07 11:43:28 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-682003330-842925246-1708537768-1003.job
[2011/08/07 11:39:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/07 11:18:28 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\***\Bureau\AD-R.lnk
[2011/08/07 07:49:14 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/08/06 13:25:58 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/08/05 08:17:08 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/03 19:28:32 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\GetDataBack for NTFS.lnk
[2011/08/03 19:17:28 | 000,000,472 | ---- | M] () -- C:\Documents and Settings\***\Bureau\emule.exe.lnk
[2011/08/03 11:48:02 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-682003330-842925246-1708537768-1003.job
[2011/07/27 17:32:32 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\***\Bureau\Disque local (F).lnk
[2011/07/27 00:03:42 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2011/07/26 23:45:56 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/26 18:52:00 | 000,035,296 | ---- | M] (Fengtao Software Inc.) -- C:\WINDOWS\System32\drivers\Dvd43.sys
[2011/07/25 08:21:00 | 000,083,285 | ---- | M] () -- C:\Documents and Settings\***\Bureau\RCTI.JPG
[2011/07/20 11:33:08 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/07/20 11:33:08 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/07/16 08:38:28 | 002,002,424 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\***\Bureau\HousecallLauncher.exe
[2011/07/16 08:34:52 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/07 19:29:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/08/07 11:17:33 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\***\Bureau\AD-R.lnk
[2011/08/06 13:25:04 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/08/04 18:18:15 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/04 18:18:15 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/04 18:18:14 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2011/08/03 19:28:29 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\GetDataBack for NTFS.lnk
[2011/08/03 19:17:27 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\***\Bureau\emule.exe.lnk
[2011/08/03 10:29:49 | 000,002,481 | -HS- | C] () -- C:\Documents and Settings\***\Bureau\AlbumArt_{4DE68C33-6B81-459C-9AFE-C13DD4B4D257}_Small.jpg
[2011/08/03 10:28:30 | 000,010,718 | -HS- | C] () -- C:\Documents and Settings\***\Bureau\AlbumArt_{4DE68C33-6B81-459C-9AFE-C13DD4B4D257}_Large.jpg
[2011/07/27 17:32:30 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\***\Bureau\Disque local (F).lnk
[2011/07/27 00:03:39 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2011/07/25 08:20:57 | 000,083,285 | ---- | C] () -- C:\Documents and Settings\***\Bureau\RCTI.JPG
[2011/07/16 08:34:50 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/07/14 14:33:46 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2011/07/14 06:54:39 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-682003330-842925246-1708537768-1003.job
[2011/06/04 12:20:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SiRPCPrx3.dll
[2011/03/01 21:24:32 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2011/02/06 12:24:10 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptddrv1.sys
[2011/01/05 17:01:14 | 000,000,887 | ---- | C] () -- C:\WINDOWS\cPVAS.INI
[2010/11/10 12:38:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/17 01:32:53 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/08/18 17:42:18 | 000,160,572 | ---- | C] () -- C:\WINDOWS\QuickTime DirectShow Filter for WMP Uninstaller.exe
[2010/06/07 10:45:40 | 001,402,880 | ---- | C] () -- C:\Program Files\HiJackThis.msi
[2010/03/23 10:55:19 | 000,036,704 | ---- | C] () -- C:\WINDOWS\System32\SubtitDSuninst.exe
[2010/03/23 10:53:01 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2010/03/03 01:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/03/03 01:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/03/03 01:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/03/03 01:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/03/03 01:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/03/03 01:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/03/03 01:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/03/03 01:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/03/03 01:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/03/03 01:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/03/03 01:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/01/29 11:43:33 | 000,001,639 | ---- | C] () -- C:\Program Files\Adobe Reader 9.lnk
[2009/12/07 16:31:09 | 000,038,509 | ---- | C] () -- C:\Documents and Settings\***\Application Data\Valeurs séparées par une tabulation (DOS).ADR
[2009/12/04 23:59:07 | 000,001,697 | ---- | C] () -- C:\Program Files\MacMed F.Paper.2.lnk
[2009/12/04 23:59:07 | 000,001,641 | ---- | C] () -- C:\Program Files\MacMed Cont.3.lnk
[2009/11/27 13:03:11 | 002,594,286 | ---- | C] () -- C:\Program Files\gwave525.exe
[2009/11/15 16:53:19 | 000,272,357 | ---- | C] () -- C:\Program Files\keyfinder.exe
[2009/11/14 19:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/11/14 19:33:40 | 000,357,888 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2009/11/14 19:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/11/14 19:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/11/14 19:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/11/14 19:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/11/14 19:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/11/14 19:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/11/14 19:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/11/14 19:11:36 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2009/11/14 19:11:36 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2009/11/14 19:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/11/14 19:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/08/11 22:21:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2009/07/19 10:06:47 | 000,046,592 | ---- | C] () -- C:\WINDOWS\htmlhelp.exe
[2009/04/19 16:31:28 | 000,282,624 | ---- | C] () -- C:\Program Files\FLV-Conv.exe
[2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/06/22 16:04:59 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2008/04/08 19:59:56 | 000,000,011 | ---- | C] () -- C:\WINDOWS\egypte.ini
[2008/03/14 10:42:31 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/03/02 17:27:47 | 000,000,893 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/02/15 19:58:46 | 015,852,952 | ---- | C] () -- C:\Program Files\jre-6u4-windows-i586-p.exe
[2008/01/26 15:08:41 | 000,000,263 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/20 17:45:04 | 000,000,055 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2007/11/25 12:53:10 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/11/24 01:36:04 | 000,060,366 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2007/11/24 01:36:02 | 000,015,286 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2007/11/24 01:35:54 | 000,017,538 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007/11/24 01:35:51 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/11/24 01:32:49 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2007/10/28 09:03:03 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS12.DLL
[2007/10/21 17:31:30 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2007/10/21 17:31:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\UnDCVG2.exe
[2007/10/21 17:31:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\DCVG2.ini
[2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007/09/15 10:52:37 | 000,002,976 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp WavPack Codec.dat
[2007/09/15 10:51:39 | 000,002,999 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2007/09/15 10:49:42 | 000,003,087 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
[2007/09/15 10:47:58 | 000,003,076 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
[2007/09/15 10:47:01 | 000,002,655 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2007/09/15 10:45:55 | 000,003,494 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.dat
[2007/09/15 10:45:01 | 000,002,814 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
[2007/09/15 10:44:09 | 000,014,189 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2007/09/14 22:15:01 | 000,003,365 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2007/09/14 21:52:06 | 000,001,378 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
[2007/09/03 21:51:22 | 000,008,192 | -HS- | C] () -- C:\WINDOWS\o2cLicStore.bin
[2007/08/06 13:19:40 | 000,000,628 | ---- | C] () -- C:\Program Files\Filtre.exe.lnk
[2007/08/05 13:15:03 | 000,001,386 | ---- | C] () -- C:\Program Files\XnView.lnk
[2007/07/14 14:56:32 | 000,104,960 | ---- | C] () -- C:\WINDOWS\catchme.exe
[2007/07/14 14:56:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\vfind.exe
[2007/06/20 11:18:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/06/19 14:00:52 | 000,000,157 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2007/06/18 18:00:57 | 000,001,712 | ---- | C] () -- C:\Program Files\DFX for WMP.lnk
[2007/06/18 18:00:42 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\dfxg15.dll
[2007/05/28 21:10:37 | 000,003,590 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp m4a Codec.dat
[2007/05/25 21:46:47 | 000,000,616 | ---- | C] () -- C:\Program Files\Ripp-it_AM.lnk
[2007/05/03 00:02:28 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SiPlugins.dll
[2007/03/28 10:30:30 | 000,001,697 | ---- | C] () -- C:\Program Files\FlashPaper 2.lnk
[2007/03/23 12:05:14 | 000,001,431 | ---- | C] () -- C:\Program Files\DivX Movies.lnk
[2007/03/23 12:05:12 | 000,000,705 | ---- | C] () -- C:\Program Files\DivX Player.lnk
[2007/03/22 11:21:04 | 000,003,283 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Musepack Codec.dat
[2007/03/21 22:14:05 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/03/11 00:08:15 | 000,000,047 | ---- | C] () -- C:\WINDOWS\Egittini.ini
[2007/03/11 00:07:13 | 000,247,296 | ---- | C] () -- C:\WINDOWS\UN160413.EXE
[2007/03/08 16:19:02 | 000,001,514 | ---- | C] () -- C:\Program Files\QuickTime.lnk
[2007/03/05 17:02:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/02/12 19:12:00 | 000,001,363 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/10 21:06:29 | 000,024,340 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2007/02/10 21:06:28 | 000,001,106 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2007/01/05 14:51:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\HulaTech.exe
[2007/01/03 20:06:14 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2007/01/03 20:06:13 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2007/01/03 20:04:56 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2006/12/05 17:15:19 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\***\Application Data\.zreglib
[2006/11/26 12:45:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/11/26 11:12:33 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\***\Application Data\fusioncache.dat
[2006/11/25 22:16:42 | 000,044,544 | R--- | C] () -- C:\WINDOWS\System32\gif89.dll
[2006/11/17 07:41:56 | 000,000,444 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2006/11/04 11:38:07 | 000,000,862 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/11/04 11:34:49 | 000,166,912 | ---- | C] () -- C:\WINDOWS\UnUSBDrv.exe
[2006/11/02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/10/27 11:18:03 | 000,000,068 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2006/10/21 15:05:25 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/10/19 05:57:34 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\***\Application Data\CDRusersDB.v12
[2006/10/18 12:40:27 | 000,000,116 | ----

| Alerter

Répondre à modpas

hyunkel30

7 Août 2011 19:50:57

Re,

Oui c'est moi qui ai signalé ton sujet en double.

Mais deux problèmes maintenant :

- Tes rapports ne sont pas complet, je demande pourtant en fin de procédure de faire ceci :

Citation :

Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.

Héberge tes rapports OTL.txt et Extra.txt sur le site indiqué et fourni-moi les liens

- Deuxième problème :

Citation :

Par souci de discrétion, j'ai remplacé les sources d'identification par " *** ".

ça fallait y penser avant de mettre son nom et prénom ou autre en tant que nom de session, sans cette information, je ne pourrais effectuer complètement les procédures, car il me manquera un nom de dossier dans les chemin d'accès.

[:_tom_:7]

| Alerter

Répondre à hyunkel30

modpas

7 Août 2011 20:25:04

Merci pour ta réponse. Bon, point de souci, à part désolé pour la perte de temps et d'énergie... Je recommencerai et je posterai comme demandé.
P.S. : j'ai pourtant utilisé " sélectionner tout / copier " ensuite " coller " et j'ai donc du mal à comprendre comment alors les rapports peuvent ne pas être complets...? Merci

| Alerter

Répondre à modpas

hyunkel30

7 Août 2011 21:05:39

Re,

Parce que le forum limite le nombre de caractères dans les réponses.

| Alerter

Répondre à hyunkel30

modpas

7 Août 2011 21:25:44

Voici Hyunkel30 le lien

http://pjjoint.malekal.com/files.php?id=c20011c8ddv6e13...

pour le seul rapport OTL obtenu, pas d'extras cette fois, alors que j'ai pourtant scrupuleusement effectué la même manoeuvre.

| Alerter

Répondre à modpas

hyunkel30

8 Août 2011 08:35:06

Re,

Il fallait me renvoyer les anciens rapport, ils ne se sont pas enregistré sur ton bureau ?
Sinon regarde ici aussi :
C:\_OTL

Dans un des dossiers, tu trouveras peut-être le extra.txt, héberge-le comme l'OTL.txt et met-le dans ta prochaine réponse.

Ensuite :

Relance OTL.exe

Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
(Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

Copie/colle ce qui suit dans le cadre Personnalisation en bas à gauche.

:OTL
SRV - [2006/10/18 00:59:40 | 001,119,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
FF - prefs.js..browser.startup.homepage: "http://search.tuxendo.com/Search.aspx?aff=62&cg=b4da7bb..."
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.tuxendo.com/Search.aspx?aff=62&cg=b4da7bb..."
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\4.bin\NPFunWeb.dll File not found
[2011/08/04 18:15:04 | 000,000,000 | ---D | M] (SearchToolbar) -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\Mozilla\Firefox\Profiles\fz51xa1q.default\extensions\{3D098A34-4D9F-4873-A333-229BB80BF7F2}
[2010/11/10 14:44:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
O2 - BHO: (no name) - {83CED28E-B96A-43FC-A276-2AD7A48EB6BE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-19\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-842925246-1708537768-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [IETI] File not found
O4 - HKU\S-1-5-18..\RunOnce: [IETI] File not found
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-wind... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Reg Error: Key error.)
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2006/10/16 15:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SYMANTEC
[2009/01/04 12:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/11/26 10:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/03/10 20:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2006/10/16 15:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\SYMANTEC
[2008/01/27 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\TrojanHunter
[2008/02/03 09:33:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2008/10/02 17:29:08 | 002,614,136 | ---- | M] (Simply Super Software) -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\Simply Super Software\Trojan Remover\gxm2.exe
[2008/10/02 17:29:08 | 002,614,136 | ---- | M] (Simply Super Software) -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\Simply Super Software\Trojan Remover\eog5.exe
[2009/01/05 17:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jean-Marc Moeremans\Application Data\Simply Super Software

:Files
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\FunWebProducts

:Commands
[emptytemp]
[emptyflash]

Puis clique sur le bouton Correction en haut à gauche

Si le pc demande à redémarrer accepte.

Poste le rapport de suppression.

Note : le rapport est enregistré sous format ".log", il convient de changer cette extension en ".txt" si tu veux le déposer sur des sites en ligne.

| Alerter

Répondre à hyunkel30

modpas

8 Août 2011 12:49:51

Comme j'ai tenté par 2 fois déjà de l'expliquer, pour t'envoyer le rapport du " killing ", j'ai été obligé de créer un nouveau post. Pourquoi obligé ? C'est pourtant ce qui est clairement expliqué dans ce nouveau post : depuis cette opération, je n'ai plus accès à Firefox ( voir les détails dans ce même nouveau post ) et avec le seul vieil Internet Explorer 6 qui me restait pour me connecter, je n'avais pas la possibilité de simplement " répondre " à ton dernier message sur le post original. J'avais bien un formulaire de réponse, mais aucun bouton " valider ". Le seul moyen à ma disposition pour te faire parvenir ce rapport était donc de créer un nouveau post. Depuis lors, j'ai re-téléchargé Firefox et tenté de le réinstaller, sans résultat. Et j'ai re-téléchargé et installé Google Chrome, lequel me permet désormais de te répondre sur l'ancien post. CQFD.

| Alerter

Répondre à modpas

hyunkel30

8 Août 2011 15:46:52

Re,

Si tu pouvais créer un nouveau sujet, tu pouvais répondre à celui-là.

Il suffisait de te connecter à nouveau sous ton pseudo, le cookie de connexion n'était que sous Firefox.
Bref.
(en plus au besoin, et d'ailleurs ce devrait être fait automatiquement pour éviter les failles, même si tu ne l'utilises pas, Internet Explorer devrait être à jour vers IE7 ou IE8)

Aucune des corrections que j'ai faite n'aurait dû endommager le démarrage de Firefox.
On va le réinstaller correctement.

Supprime-le de ta liste des programmes.

Si tu veux sauvegarder tes marques-pages, copie le fichier :
(fait apparaitre les fichiers et dossiers cachés d'abord)

C:\Documents and Settings\Ton_Nom-D'utilisateur\Application Data\Mozilla\Firefox\Profiles\xxxxxx.default\bookmark.html

Enregistre-le sur ton Bureau.

Supprime ensuite ces dossiers :

- C:\Documents and Settings\Ton_Nom-D'utilisateur\Application Data\Mozilla
- C:\Program Files\Mozilla Firefox

Télécharge et réinstalle Firefox :
http://www.mozilla-europe.org/fr/

| Alerter

Répondre à hyunkel30

Tom's guide dans le monde