Salut, dés que j'ouvre mon explorer, j'ai une fenêtre Windows installer qui s'ouvre pour installer "search settings installer"
savez vous comment faire pour s'en débarrasser?
Edt AtOM Sujet déplacé en rubrique adéquate.
Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
OTL logfile created on: 04/12/2010 16:32:29 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fabien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,87 Gb Total Space | 26,35 Gb Free Space | 19,11% Space Free | Partition Type: NTFS
Drive D: | 11,18 Gb Total Space | 2,35 Gb Free Space | 21,05% Space Free | Partition Type: NTFS
Drive G: | 944,67 Mb Total Space | 4,31 Mb Free Space | 0,46% Space Free | Partition Type: FAT
Computer Name: PC-DE-FABIEN | User Name: Fabien | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\Fabien\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe ()
PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Neuf\Kit\9props.exe (SFR)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - C:\Users\Fabien\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (Bdfndisf) -- C:\Windows\System32\drivers\bdfndisf.sys (BitDefender LLC)
DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (bdfsfltr) -- C:\Windows\System32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (bdfm) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.)
DRV - (BDVEDISK) -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys (BitDefender S.R.L.)
DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://google.mini15.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
FF - prefs.js..network.proxy.type: 4
FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2009/11/16 19:58:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/31 12:11:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/20 09:57:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2009/05/08 23:58:34 | 000,000,000 | ---D | M]
[2010/03/14 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Extensions
[2010/03/14 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010/12/03 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions
[2010/04/28 14:00:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/23 20:45:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/26 20:13:19 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2010/11/26 22:12:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/13 16:40:26 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/01/30 17:29:46 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/07/15 09:37:44 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\piclens@cooliris.com
[2010/11/01 14:23:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/01 14:23:04 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/20 12:08:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/20 20:50:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/20 19:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/11/16 18:44:45 | 000,065,536 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/25 15:07:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/25 15:07:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/25 15:07:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/25 15:07:04 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/03/23 22:13:53 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2009/09/03 20:56:15 | 000,327,702 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 http://www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 http://www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 http://www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 http://www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 http://www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 http://www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 http://www.10sek.com
O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com
O1 - Hosts: 11213 more lines...
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\Neuf\Kit\9props.exe (SFR)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Fabien\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Fabien\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/08 20:30:04 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/09/13 17:12:36 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2009/09/13 17:12:36 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}\Shell - "" = AutoRun
O33 - MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}\Shell\AutoRun\command - "" = F:\DPFMate.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/12/04 16:30:19 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Fabien\Desktop\OTL.exe
[2010/11/18 12:23:04 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Desktop\Emilie Rose
[2010/11/15 21:35:42 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Documents\Youcam
[2010/11/14 19:18:05 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Desktop\week end du 12 novembre
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/12/04 16:30:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Fabien\Desktop\OTL.exe
[2010/12/04 16:23:34 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{76444ECB-2AC7-4FCF-B614-BFFEBD69D8DC}.job
[2010/12/04 15:51:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 15:45:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 15:45:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 14:27:11 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/12/04 13:49:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/12/04 13:46:24 | 000,000,281 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/12/04 13:45:41 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/04 13:45:37 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter.job
[2010/12/04 13:45:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/04 13:43:32 | 000,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2010/11/29 19:03:45 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/27 17:41:50 | 000,000,757 | ---- | M] () -- C:\Users\Fabien\Desktop\Glary Utilities.lnk
[2010/11/27 15:47:26 | 001,081,638 | ---- | M] () -- C:\Users\Fabien\Desktop\brochure-diversification-alimentaire.pdf
[2010/11/26 18:30:52 | 000,000,827 | ---- | M] () -- C:\Windows\System32\BDUpdateV1.xml
[2010/11/21 21:05:51 | 000,000,676 | ---- | M] () -- C:\Users\Fabien\Documents\cc_20101121_210545.reg
[2010/11/20 10:04:43 | 000,119,296 | ---- | M] () -- C:\Users\Fabien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/20 10:01:14 | 003,573,808 | ---- | M] () -- C:\Users\Fabien\Desktop\Capture_20101120.wmv
[2010/11/20 09:57:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/16 20:02:34 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/11/16 20:02:34 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/16 20:02:34 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/11/16 20:02:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/08 20:33:58 | 000,038,804 | ---- | M] () -- C:\Users\Fabien\Documents\cc_20101108_203349.reg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/11/27 15:47:23 | 001,081,638 | ---- | C] () -- C:\Users\Fabien\Desktop\brochure-diversification-alimentaire.pdf
[2010/11/21 21:05:48 | 000,000,676 | ---- | C] () -- C:\Users\Fabien\Documents\cc_20101121_210545.reg
[2010/11/20 10:00:07 | 003,573,808 | ---- | C] () -- C:\Users\Fabien\Desktop\Capture_20101120.wmv
[2010/11/08 20:33:52 | 000,038,804 | ---- | C] () -- C:\Users\Fabien\Documents\cc_20101108_203349.reg
[2010/11/01 14:27:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/13 18:10:53 | 000,000,036 | ---- | C] () -- C:\Users\Fabien\AppData\Local\housecall.guid.cache
[2010/04/05 16:28:24 | 000,327,168 | ---- | C] () -- C:\Windows\System32\cutil32.dll
[2010/02/19 18:10:36 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/10/15 16:35:47 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/27 19:06:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/18 17:15:15 | 000,005,972 | ---- | C] () -- C:\Users\Fabien\AppData\Local\d3d9caps.dat
[2009/05/11 13:45:59 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/05/11 13:45:59 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/05/09 11:50:06 | 000,119,296 | ---- | C] () -- C:\Users\Fabien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/08 23:22:51 | 000,031,007 | ---- | C] () -- C:\Users\Fabien\AppData\Roaming\UserTile.png
[2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\QSwitch.txt
[2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\DSwitch.txt
[2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\AtStart.txt
[2009/05/08 21:23:42 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/04/23 17:34:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/08/20 13:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 13:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2008/10/01 08:29:44 | 000,966,656 | ---- | M] () -- C:\assistant.exe
[2009/12/10 11:04:42 | 005,369,856 | ---- | M] () -- C:\Logiciel de photoreflex.exe
[2008/09/15 06:58:08 | 002,723,264 | ---- | M] (Microsoft Corporation) -- C:\vcredist_x86.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2007/01/12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
[2008/07/17 12:06:54 | 000,001,536 | ---- | M] () MD5=CAA9BBBE220DDB97B81FAC66321B513B -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll
[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2007/09/29 22:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/09/30 13:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\SwSetup\Drivers\IMSM\Files\64\iastor.sys
[2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/09/30 13:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\SwSetup\Drivers\IMSM\Files\32\iastor.sys
[2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
< End of report >
OTL Extras logfile created on: 04/12/2010 16:32:29 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fabien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,87 Gb Total Space | 26,35 Gb Free Space | 19,11% Space Free | Partition Type: NTFS
Drive D: | 11,18 Gb Total Space | 2,35 Gb Free Space | 21,05% Space Free | Partition Type: NTFS
Drive G: | 944,67 Mb Total Space | 4,31 Mb Free Space | 0,46% Space Free | Partition Type: FAT
Computer Name: PC-DE-FABIEN | User Name: Fabien | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.5.Browse] -- "C:\Program Files\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Logiciel de photoreflex] -- "C:\Logiciel de photoreflex.exe" "%1" ()
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{150ED3BE-4E5C-4B71-A0F1-13BCFAECA4D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2603141C-6E41-47EC-B725-73C6F0D0C7FE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{352CF0FB-66E5-4641-8173-9A9E73A900AF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{376CAA2E-1C48-43B7-B177-F1D4F12A0786}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{3A1C72EA-D4F7-4203-9DD5-8EC13AB2E7AF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{479B19A3-AF44-482B-B63F-4739C8CB7D05}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{4B802C91-0EEE-430E-A778-B1DE048A8D98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{5931E572-B46E-4E1F-B7C4-4D026980FAF8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F68DA38-EFA8-4814-B174-8FA68F918E7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6191F39F-7AB3-4F84-974F-C5F367164CD3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{629DB2AF-51CA-46AA-BE78-4D125A91107D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6944C8DC-621A-4A99-A3D4-3ACCDD289216}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9904C3E0-D418-4615-A07C-C2437EFD111C}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{A1E3D6D0-0B69-4840-8718-0B3F6B0061CF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{AB2D2F36-14FF-441A-A15C-6719E89E4637}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B7C83ACC-1FF9-40DB-BD7D-0FD9B26133EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C061E49A-2FFD-4625-BC39-1008982EC263}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C06A3EB5-B51F-4E89-959E-7917E7A35138}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C6345188-FDF7-4C38-BE5F-AC28EA326061}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{C744B12E-7109-4665-AB87-D3910BB92E8E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D0AD75B3-F70A-40F8-B3D8-859A160AFADF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{D8C0773A-5D84-491F-9279-842F752B29ED}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{E6A01BB5-405C-4B1F-B6C8-49FA6FA94C73}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{EF66CCD4-3C09-42A8-A923-ED137EDE384F}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CC372F-DC4D-4F98-B919-B021C38F850E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0CACAC97-5EB6-4E9C-A4F0-8FD3F7AD9AC1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{19DDB0DD-24AE-4CF5-837C-BEB4A1F4EEE2}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{28EB2268-34B9-4A87-9FF0-F9B2B3B501B2}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{36A2118F-E370-4330-9FFD-2F26D5E96575}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{43949986-75F5-4385-A639-A9E601F98B1A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44DF104C-0788-4901-8DC5-028A9BDB0463}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{555AF121-D7FB-4EE3-8244-679A441D6950}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"{577AF669-2032-4935-BF06-15E744931D16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{637FDF51-9BEB-4A04-87F9-29F0BF2F03EF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{65562794-0C8F-4F94-BB3E-C53B87B5A66C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{69E2CC7B-5159-4E02-BE51-E2CA08E94B98}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{74D5B957-8FFD-46B7-AC04-18F235F621BC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8AECD8F2-BAB5-417B-A4A1-6EE676E1E972}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{8C7BB814-629C-4F42-AEE9-23ACFFB70627}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"{964EA0D4-D5A4-407B-A332-B9FAA38E967E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A3D58AFC-C5AB-44F8-825C-715180779689}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D85A666C-0777-4DCE-9842-A48D771397EE}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{DA3B4891-D5BA-465A-8554-518D2BDEB7FC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E6EAB7D0-6A92-4B98-BB44-14107150DBE5}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{EDDCDF7D-445C-44FB-B811-3E5CD244B346}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EE91A1C5-F335-4725-8266-E0A5DD519EC1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{3A04A71F-F3B7-4BAE-B924-4CC7B5890466}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3CADDF5F-4B2A-47F9-96A2-A4B08C490280}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06BF1B44-DF6B-4EC8-BE2B-825CB989DDCC}" = Google SketchUp 8
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{85833A03-476B-43B3-B61C-5EB946DBF6E4}" = HP User Guides 0092
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACF317C-CA66-4363-AEBF-A073B124AA1A}" = BitDefender Total Security 2009
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CCleaner" = CCleaner (remove only)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CopyTrans Suite" = CopyTrans Suite désinstallation uniquement
"doPDF 6 printer_is1" = doPDF 6.3 printer
"eMule" = eMule
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"Free Video Converter_is1" = Free Video Converter V 2.5
"Glary Utilities_is1" = Glary Utilities 2.30.0.1066
"Google Updater" = Outil de mise à jour Google
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Picasa 3" = Picasa 3
"SFR_Kit" = SFR - Kit de connexion
"TVWiz" = Intel(R) TV Wizard
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR archiver
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3931
Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3931
Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4992
Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992
Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6053
Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6053
Error - 29/09/2010 13:08:01 | Computer Name = PC-de-Fabien | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 20/11/2010 05:18:12 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000
Description =
Error - 25/11/2010 11:46:14 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009
Description =
Error - 25/11/2010 11:46:14 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000
Description =
Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = DCOM | ID = 10005
Description =
Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009
Description =
Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000
Description =
Error - 26/11/2010 11:11:03 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009
Description =
Error - 26/11/2010 11:12:26 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000
Description =
Error - 02/12/2010 13:35:04 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000
Description =
Error - 04/12/2010 08:43:23 | Computer Name = PC-de-Fabien | Source = DCOM | ID = 10010
Description =
< End of report >
:OTL
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
:Files
C:\Program Files\Application Updater
- C:\Program Files\Search Settings
:Commands
[emptytemp]
CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse
** Rapport MyHosts.txt **
MyHosts V.1.0.0.2 de jeanmimigab
Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides
Résultat de l'opération:restauration du fichier hosts réussi...
** Fin du rapport **
All processes killed
========== OTL ==========
Process ApplicationUpdater.exe killed successfully!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service SymIMMP stopped successfully!
Service SymIMMP deleted successfully!
File C:\Windows\System32\DRIVERS\SymIM.sys File not found not found.
Service SymIM stopped successfully!
Service SymIM deleted successfully!
File C:\Windows\System32\DRIVERS\SymIM.sys File not found not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
C:\Program Files\Search Settings\SearchSettings.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
File C:\Program Files\Search Settings\SearchSettings.dll not found.
========== FILES ==========
C:\Program Files\Application Updater folder moved successfully.
File\Folder - C:\Program Files\Search Settings not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41085 bytes
User: Default User
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Fabien
->Temp folder emptied: 2024269 bytes
->Temporary Internet Files folder emptied: 5343701 bytes
->Java cache emptied: 67198311 bytes
->FireFox cache emptied: 175501087 bytes
->Flash cache emptied: 158719 bytes
User: Public
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15342 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1317485570 bytes
Total Files Cleaned = 1 495,00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 12062010_203548
Files\Folders moved on Reboot...
C:\Users\Fabien\AppData\Local\Temp\ehmsas.txt moved successfully.
Registry entries deleted on Reboot...
======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 11/11/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:53:14 le 06/12/2010, Mode normal
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
Fabien@PC-DE-FABIEN (Hewlett-Packard Compaq Presario A900 Notebook PC)
============== ACTION(S) ==============
Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
Dossier supprimé: C:\Users\Fabien\AppData\LocalLow\Search Settings
Dossier supprimé: C:\Program Files\Search Settings
Dossier supprimé: C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TorrentSpeeder
Dossier supprimé: C:\Program Files\TorrentSpeeder
Dossier supprimé: C:\ProgramData\Viewpoint
Dossier supprimé: C:\Program Files\Viewpoint
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé supprimée: HKLM\Software\Application Updater
Clé supprimée: HKLM\Software\MetaStream
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKLM\Software\Viewpoint
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\TorrentSpeeder
Clé supprimée: HKLM\Software\Classes\Installer\Products\D82C50F59AED6DA47AA360145789E8BA
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D82C50F59AED6DA47AA360145789E8BA
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E58306C6-FD73-43CC-A39C-A54DC2055342}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E58306C6-FD73-43CC-A39C-A54DC2055342}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.12 (fr)] **
-- C:\Users\Fabien\AppData\Roaming\Mozilla\FireFox\Profiles\v8mosu4n.default\User.js --
keyword.URL, hxxp://redirecterror.sfr.fr/?q=
-- C:\Users\Fabien\AppData\Roaming\Mozilla\FireFox\Profiles\v8mosu4n.default\Prefs.js --
browser.download.lastDir, C:\\Users\\Fabien\\Desktop
browser.startup.homepage, hxxp://www.google.fr/
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://redirecterror.sfr.fr/?q=
========================================
** Internet Explorer Version [8.0.6001.18975] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 67 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 06/12/2010 (4984 Octet(s))
Fin à: 20:54:50, 06/12/2010
============== E.O.F ==============
############################## | UsbFix 7.035 | [Recherche]
Utilisateur: Fabien (Administrateur) # PC-DE-FABIEN [Hewlett-Packard Compaq Presario A900 Notebook PC]
Mis à jour le 05/12/10 par El Desaparecido / C_XX
Lancé à 21:05:24 | 06/12/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18975
Pare-feu Windows: Activé
Antivirus: BitDefender Antivirus 12.0 [Enabled | Updated]
Firewall: BitDefender Firewall 12.0 [Enabled]
RAM -> 3061 Mo
C:\ (%systemdrive%) -> Disque fixe # 138 Go (32 Go libre(s) - 23%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 21%) [PRESARIO_RP] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 81%) [] # FAT
################## | Éléments infectieux |
################## | Registre |
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}
Shell\AutoRun\Command = F:\DPFMate.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse
############################## | UsbFix 7.035 | [Suppression]
Utilisateur: Fabien (Administrateur) # PC-DE-FABIEN [Hewlett-Packard Compaq Presario A900 Notebook PC]
Mis à jour le 05/12/10 par El Desaparecido / C_XX
Lancé à 22:27:29 | 06/12/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18975
Pare-feu Windows: Activé
Antivirus: BitDefender Antivirus 12.0 [Enabled | Updated]
Firewall: BitDefender Firewall 12.0 [Enabled]
RAM -> 3061 Mo
C:\ (%systemdrive%) -> Disque fixe # 138 Go (31 Go libre(s) - 22%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 21%) [PRESARIO_RP] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 81%) [] # FAT
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3112872192-4035799025-1426558545-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-500
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}
################## | Listing |
[06/12/2010 - 22:30:05 | SHD ] C:\$RECYCLE.BIN
[22/08/2009 - 18:51:42 | N | 421] C:\38-index-4.4.6.txt
[17/06/2010 - 15:45:13 | N | 691] C:\38-index-4.5.9.txt
[06/12/2010 - 20:54:50 | N | 5114] C:\Ad-Report-CLEAN[1].txt
[15/09/2008 - 06:57:58 | N | 24576] C:\ash_spti.dll
[01/10/2008 - 08:29:44 | N | 966656] C:\assistant.exe
[08/05/2009 - 20:30:04 | N | 74] C:\autoexec.bat
[13/09/2009 - 17:12:36 | RASHD ] C:\autorun.inf
[08/05/2009 - 23:58:55 | D ] C:\Binaries
[27/05/2009 - 19:30:12 | D ] C:\boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[15/09/2008 - 06:57:58 | N | 242475] C:\ca-bundle.crt
[18/09/2006 - 22:43:37 | N | 10] C:\config.sys
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[17/06/2010 - 16:02:30 | N | 7306] C:\faire part.mcf
[17/06/2010 - 16:02:29 | N | 0] C:\faire part.mcf~
[15/09/2008 - 06:57:58 | N | 131072] C:\fpxjpeg.dll
[14/06/2010 - 13:06:57 | D ] C:\Games
[09/05/2009 - 11:07:38 | N | 2490432] C:\HighLogging.log
[14/06/2010 - 13:57:49 | D ] C:\HP
[29/09/2009 - 15:12:10 | N | 132] C:\httpdwl.dat
[22/08/2009 - 18:54:48 | D ] C:\imageformats
[08/05/2009 - 21:22:36 | D ] C:\Intel
[04/07/2009 - 21:49:18 | N | 0] C:\IO.SYS
[08/05/2009 - 20:07:19 | N | 370] C:\IPH.PH
[16/07/2009 - 13:10:38 | N | 212992] C:\libcurl.dll
[16/07/2009 - 13:10:38 | N | 1032192] C:\libeay32.dll
[15/09/2008 - 06:58:00 | N | 319488] C:\libhunspell.dll
[15/09/2008 - 06:58:00 | N | 170496] C:\libssh2.dll
[15/09/2008 - 06:58:00 | N | 322990] C:\libssl32.dll
[10/12/2009 - 11:04:42 | N | 5369856] C:\Logiciel de photoreflex.exe
[18/07/2010 - 10:47:55 | N | 127] C:\mbam-error.txt
[04/07/2009 - 21:49:18 | N | 0] C:\MSDOS.SYS
[08/05/2009 - 20:39:54 | RHD ] C:\MSOCache
[06/12/2010 - 20:32:44 | D ] C:\MyHosts
[06/12/2010 - 20:32:45 | N | 230] C:\MyHosts.txt
[06/12/2010 - 20:56:41 | ASH | 3524546560] C:\pagefile.sys
[17/06/2010 - 15:47:27 | D ] C:\photofun
[15/09/2008 - 06:58:02 | N | 163840] C:\picn1020.dll
[15/09/2008 - 06:58:02 | N | 188416] C:\picn1120.dll
[15/09/2008 - 06:58:02 | N | 118784] C:\picn1320.dll
[15/09/2008 - 06:58:04 | N | 180224] C:\picn20.dll
[15/09/2008 - 06:58:04 | N | 159744] C:\picn2720.dll
[15/09/2008 - 06:58:06 | N | 1511424] C:\picn6620.dll
[15/09/2008 - 06:58:06 | N | 1507328] C:\picn6720.dll
[06/12/2010 - 20:54:26 | D ] C:\Program Files
[06/12/2010 - 20:54:24 | HD ] C:\ProgramData
[16/07/2009 - 13:10:20 | N | 1052672] C:\QtCLucene4.dll
[16/07/2009 - 13:10:22 | N | 2076672] C:\QtCore4.dll
[27/11/2009 - 11:48:34 | N | 7671808] C:\QtGui4.dll
[16/07/2009 - 13:10:32 | N | 413696] C:\QtHelp4.dll
[16/07/2009 - 13:10:32 | N | 921600] C:\QtNetwork4.dll
[16/07/2009 - 13:10:34 | N | 200704] C:\QtSql4.dll
[16/07/2009 - 13:10:34 | N | 270336] C:\QtSvg4.dll
[16/07/2009 - 13:10:34 | N | 9318400] C:\QtWebKit4.dll
[16/07/2009 - 13:10:38 | N | 364544] C:\QtXml4.dll
[15/09/2008 - 06:57:56 | N | 450560] C:\RecDev.dll
[15/09/2008 - 06:57:56 | N | 85504] C:\RedEye.dll
[17/06/2010 - 15:51:13 | D ] C:\resources
[15/09/2008 - 06:58:08 | N | 753664] C:\sadw.dll
[15/09/2008 - 06:58:08 | N | 380928] C:\safpx.dll
[15/09/2008 - 06:57:56 | N | 77824] C:\SAFPXLB.dll
[15/09/2008 - 06:57:56 | N | 147456] C:\SoftCore.dll
[16/07/2009 - 13:10:38 | N | 212992] C:\ssleay32.dll
[26/06/2009 - 12:13:59 | D ] C:\SwSetup
[06/12/2010 - 21:56:11 | SHD ] C:\System Volume Information
[08/05/2009 - 23:02:25 | D ] C:\System.sav
[13/09/2009 - 18:03:29 | N | 692] C:\TCleaner.txt
[16/05/2009 - 10:00:40 | N | 594] C:\updatedatfix.log
[06/12/2010 - 22:30:05 | D ] C:\UsbFix
[06/12/2010 - 22:27:36 | A | 5190] C:\UsbFix.txt
[21/03/2010 - 11:48:03 | D ] C:\Users
[15/09/2008 - 06:58:08 | N | 2723264] C:\vcredist_x86.exe
[05/12/2010 - 17:22:38 | D ] C:\Windows
[15/09/2008 - 06:58:10 | N | 77824] C:\wnaspi32.dll
[15/09/2008 - 06:57:58 | N | 299008] C:\XMPFiles.dll
[15/09/2008 - 06:57:58 | N | 327680] C:\XMPToolkit.dll
[15/09/2008 - 06:58:10 | N | 69632] C:\zlib1.dll
[15/09/2008 - 06:57:58 | N | 1053696] C:\_ISource30.dll
[04/12/2010 - 17:37:04 | D ] C:\_OTL
[15/09/2008 - 06:57:58 | N | 81920] C:\_SAFPX10.dll
[15/09/2008 - 06:57:58 | N | 368640] C:\_SAJ2K10.dll
[15/09/2008 - 06:57:58 | N | 225280] C:\_SARAW10.dll
[06/12/2010 - 22:30:05 | SHD ] D:\$RECYCLE.BIN
[11/09/2005 - 16:18:54 | N | 340] D:\AUTOMODE
[13/09/2009 - 17:12:36 | RASHD ] D:\autorun.inf
[08/05/2009 - 22:54:25 | N | 13] D:\BLOCK.RIN
[08/05/2009 - 23:46:45 | D ] D:\boot
[04/10/2006 - 00:02:44 | SH | 438328] D:\bootmgr
[06/09/2008 - 12:19:22 | SH | 891] D:\Desktop.ini
[10/09/2002 - 17:14:28 | N | 8134] D:\Folder.htt
[08/05/2009 - 23:46:45 | D ] D:\HP
[08/05/2009 - 23:05:00 | N | 828] D:\MASTER.LOG
[08/05/2009 - 23:46:45 | D ] D:\preload
[29/01/2007 - 18:59:36 | N | 109342] D:\protect.chinese hong kong
[29/01/2007 - 18:59:24 | N | 109360] D:\protect.chinese simplified
[29/01/2007 - 18:59:36 | N | 109342] D:\protect.chinese traditional
[14/02/2007 - 19:30:34 | N | 111653] D:\protect.czech
[29/01/2007 - 18:55:24 | N | 109124] D:\protect.danish
[29/01/2007 - 18:57:48 | N | 109049] D:\protect.dutch
[29/01/2007 - 18:55:48 | N | 109092] D:\protect.ed
[29/01/2007 - 18:55:48 | N | 109092] D:\protect.english
[29/01/2007 - 18:56:08 | N | 109092] D:\protect.finnish
[29/01/2007 - 18:56:20 | N | 109060] D:\protect.french
[29/01/2007 - 18:55:34 | N | 109094] D:\protect.german
[14/02/2007 - 19:38:50 | N | 112541] D:\protect.greek
[14/02/2007 - 19:40:00 | N | 112375] D:\protect.hebrew
[28/08/2007 - 15:57:46 | N | 111475] D:\protect.hungarian
[29/01/2007 - 18:56:46 | N | 108979] D:\protect.italian
[29/01/2007 - 18:57:30 | N | 109795] D:\protect.japanese
[29/01/2007 - 18:57:36 | N | 109487] D:\protect.korean
[14/02/2007 - 19:44:28 | N | 111402] D:\protect.norwegian
[14/02/2007 - 19:45:16 | N | 111585] D:\protect.polish
[14/02/2007 - 19:46:04 | N | 111448] D:\protect.portuguese
[14/02/2007 - 19:46:40 | N | 111697] D:\protect.portuguese brazilian
[29/01/2007 - 18:58:20 | N | 163804] D:\protect.russian
[29/01/2007 - 18:55:54 | N | 109016] D:\protect.spanish
[14/02/2007 - 19:48:56 | N | 111445] D:\protect.swedish
[14/02/2007 - 19:49:30 | N | 111598] D:\protect.turkish
[08/05/2009 - 23:46:46 | RD ] D:\RECOVERY
[08/05/2009 - 23:46:45 | D ] D:\SOURCES
[08/05/2009 - 23:46:45 | SHD ] D:\System Volume Information
[08/05/2009 - 23:46:46 | D ] D:\Tools
[08/05/2009 - 21:48:16 | N | 0] D:\USER
[08/05/2009 - 23:46:45 | D ] D:\WINDOWS
[01/01/1601 - 01:00:00 | D ] G:\DCIM
[01/01/1601 - 01:00:00 | D ] G:\MISC
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-FABIEN.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.
################## | E.O.F |
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 14 invités
.: Nous contacter :: Flux RSS :: Données personnelles :. |