Quel ligne supprimé sur Hijack ? • page 2

[bernard53]

fait ceci a la place alors.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

Code: Tout sélectionner

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
 viasraid.sys
AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 ahcix86.sys
 KR10N.sys
 vstor32.sys
 ahcix86s.sys
 nvrd32.sys
 /md5stop
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles




* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

[dz.malek]

OTL.txt

Code: Tout sélectionner

OTL logfile created on: 27/05/2010 14:07:37 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Mouzaoui\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,03 Gb Total Space | 22,83 Gb Free Space | 16,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 141,06 Gb Total Space | 140,96 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-MOUZAOUI
Current User Name: Mouzaoui
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Mouzaoui\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\bin32\nSvcAppFlt.exe ()
PRC - C:\Program Files\bin32\nSvcIp.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Mouzaoui\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
MOD - C:\Windows\System32\powrprof.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (NTIBackupSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\bin32\nSvcIp.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (LVUVC) Logitech Webcam 300(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.myheritage.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.2.106
FF - prefs.js..extensions.enabledItems: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB}:1.0.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
 
FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/02 01:22:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/12 14:14:24 | 000,000,000 | ---D | M]
 
[2009/10/20 23:41:36 | 000,000,000 | ---D | M] -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Extensions
[2010/05/26 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions
[2009/10/20 23:47:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/15 22:48:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/10 17:16:17 | 000,000,000 | ---D | M] -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com
[2010/01/10 17:16:17 | 000,002,256 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Roaming\Mozilla\FireFox\Profiles\9dh9mpaw.default\searchplugins\askcom.xml
[2009/11/01 22:18:10 | 000,005,413 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Roaming\Mozilla\FireFox\Profiles\9dh9mpaw.default\searchplugins\fast-browser-search.xml
[2010/05/12 14:14:27 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/05/12 14:14:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/02/06 22:22:05 | 000,000,000 | ---D | M] (Celebrity Toolbar) -- C:\Program Files\mozilla firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
[2009/12/02 22:21:00 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009/12/06 14:59:08 | 000,192,512 | ---- | M] () -- C:\Program Files\mozilla firefox\components\mhxpcom.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/18 17:57:37 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/18 17:57:37 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/18 17:57:37 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/02/06 22:21:52 | 000,003,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2010/01/18 17:57:38 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/18 17:57:38 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (CMySite Class) - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mhtb {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\Mouzaoui\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mouzaoui\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14b063db-c4c9-11de-a03f-001d72b240fb}\Shell - "" = AutoRun
O33 - MountPoints2\{14b063db-c4c9-11de-a03f-001d72b240fb}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 04:46:39 | 000,000,000 | ---D | M]
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/05/27 14:06:37 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Mouzaoui\Desktop\OTL.exe
[2010/05/26 12:07:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/25 11:36:53 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/05/25 11:36:51 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/05/24 23:05:17 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/05/24 23:04:10 | 000,518,656 | ---- | C] (OldTimer Tools) -- C:\Users\Mouzaoui\Desktop\OTM.exe
[2010/05/24 14:38:42 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/05/24 14:38:42 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/05/24 14:38:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/05/24 14:38:41 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/05/24 14:38:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/05/24 14:38:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/05/24 14:38:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/05/24 14:38:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/05/24 14:38:40 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/05/24 14:38:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/05/24 14:38:40 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/05/24 14:38:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/05/24 14:38:39 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/05/24 14:38:39 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/05/24 14:38:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/05/24 14:37:24 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/05/24 14:37:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/05/24 14:37:24 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/05/24 14:37:24 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/05/24 14:37:23 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/05/24 14:37:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/05/24 14:37:23 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/05/24 14:37:23 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/05/24 14:37:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/05/24 14:37:23 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/05/24 14:37:23 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/05/24 14:37:22 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/05/24 14:37:22 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/05/24 14:37:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/05/24 14:37:22 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/05/24 14:37:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/05/24 14:37:21 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/05/24 14:37:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/05/24 14:37:20 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/05/24 14:37:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/05/24 14:37:20 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/05/24 14:37:20 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/05/24 14:37:20 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/05/24 14:37:20 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/05/24 14:37:19 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/05/24 14:23:36 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/05/24 14:22:43 | 000,000,000 | ---D | C] -- C:\Users\Mouzaoui\Desktop\backups
[2010/05/21 17:12:30 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/05/21 17:12:29 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CF4802.exe
[2010/05/21 17:12:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swsc.exe
[2010/05/20 23:26:16 | 000,198,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCI32.OCX
[2010/05/20 23:26:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2010/05/14 14:37:09 | 000,000,000 | ---D | C] -- C:\Users\Mouzaoui\AppData\Roaming\OpenOffice.org
[2010/05/14 14:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/05/14 14:29:56 | 000,000,000 | ---D | C] -- C:\Users\Mouzaoui\Desktop\OpenOffice.org 3.2 (fr) Installation Files
[2010/05/12 14:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/12 14:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/05/12 14:14:24 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/12 14:14:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/12 14:14:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/12 14:14:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/02 21:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/04/27 23:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/04/27 23:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/04/27 23:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2008/07/22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/05/27 14:10:50 | 021,233,664 | -HS- | M] () -- C:\Users\Mouzaoui\ntuser.dat
[2010/05/27 14:06:39 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Mouzaoui\Desktop\OTL.exe
[2010/05/27 13:54:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/27 13:33:12 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/27 13:33:12 | 000,669,328 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/05/27 13:33:12 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/27 13:33:12 | 000,123,350 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/05/27 13:33:12 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/27 13:26:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/05/27 13:26:47 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/27 13:26:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/27 13:26:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/27 13:26:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/27 13:26:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/27 13:25:48 | 3219,603,456 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/27 13:25:46 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/05/27 03:06:17 | 000,524,288 | -HS- | M] () -- C:\Users\Mouzaoui\ntuser.dat{2c48a3a1-43ed-11df-b3cb-001d72b240fb}.TMContainer00000000000000000001.regtrans-ms
[2010/05/27 03:06:17 | 000,065,536 | -HS- | M] () -- C:\Users\Mouzaoui\ntuser.dat{2c48a3a1-43ed-11df-b3cb-001d72b240fb}.TM.blf
[2010/05/27 03:06:09 | 002,754,998 | -H-- | M] () -- C:\Users\Mouzaoui\AppData\Local\IconCache.db
[2010/05/26 14:29:40 | 000,049,152 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/26 12:55:16 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/05/24 23:04:13 | 000,518,656 | ---- | M] (OldTimer Tools) -- C:\Users\Mouzaoui\Desktop\OTM.exe
[2010/05/24 20:59:08 | 466,329,980 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/21 17:12:11 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CF4802.exe
[2010/05/16 20:32:39 | 000,724,648 | ---- | M] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 024.jpg
[2010/05/16 20:27:05 | 000,797,077 | ---- | M] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 061.jpg
[2010/05/16 20:23:12 | 000,755,854 | ---- | M] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 056.jpg
[2010/05/16 20:16:53 | 000,805,730 | ---- | M] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 053.jpg
[2010/05/16 20:16:43 | 000,855,904 | ---- | M] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 058.jpg
[2010/05/15 12:50:14 | 000,077,240 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/15 12:49:10 | 000,321,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/14 14:32:14 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010/05/13 18:43:59 | 000,000,032 | ---- | M] () -- C:\Windows\go
[2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/09 17:07:03 | 000,000,498 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Roaming\wklnhst.dat
[2010/05/09 17:06:29 | 000,071,168 | ---- | M] () -- C:\Users\Mouzaoui\Documents\DossierBelinda.wps
[2010/05/05 16:38:26 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/05/05 16:38:26 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/04/30 12:51:50 | 000,002,487 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/04/30 12:51:44 | 000,002,463 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/04/30 12:50:59 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/05/24 14:38:40 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/05/16 20:31:40 | 000,724,648 | ---- | C] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 024.jpg
[2010/05/16 20:26:01 | 000,797,077 | ---- | C] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 061.jpg
[2010/05/16 20:20:38 | 000,755,854 | ---- | C] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 056.jpg
[2010/05/16 20:14:38 | 000,805,730 | ---- | C] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 053.jpg
[2010/05/16 20:14:24 | 000,855,904 | ---- | C] () -- C:\Users\Mouzaoui\Desktop\ouahiba maison et mariage 058.jpg
[2010/05/14 14:32:14 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010/05/13 18:43:59 | 000,000,032 | ---- | C] () -- C:\Windows\go
[2009/10/29 20:25:21 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/10/22 17:56:30 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/05/12 19:53:39 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/05/12 19:53:39 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/05/12 19:16:21 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/05/12 19:07:28 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/11 00:32:33 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2006/10/11 00:32:33 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]<     %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2007/01/12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\ERDNT\cache\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVRD32.SYS  >[/color]
[2008/01/25 14:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) MD5=0D15327134E5871C922760ACD7449E84 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP78PV\IDE\WinVista\sataraid\nvrd32.sys
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\ERDNT\cache\scecli.dll
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]<     %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]<     %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:33:49 | 001,386,496 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\msvbvm60.dll
[2008/01/21 04:34:26 | 000,242,744 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2008/01/21 04:34:22 | 000,225,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]<     %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
< End of report >


Extras.txt

Code: Tout sélectionner

OTL Extras logfile created on: 27/05/2010 14:07:37 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Mouzaoui\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,03 Gb Total Space | 22,83 Gb Free Space | 16,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 141,06 Gb Total Space | 140,96 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-MOUZAOUI
Current User Name: Mouzaoui
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15446741-62DD-4CBF-9EA1-947D4042C672}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{191D9921-9D56-4FF3-AF06-1F6CE8B8D9BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B2A71E6-6D76-4FE0-8489-A3EA02754C5D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{453E9B3A-21C6-4786-A3AC-144EB8A0B054}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47A7526B-9D06-4142-BB69-0C3931EBE555}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{66E7C9A9-B475-4381-89FC-66207068DDFE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{87156997-6A47-4689-81B8-7AC457474A7A}" = rport=137 | protocol=17 | dir=out | app=system |
"{927158E9-A5EB-439E-A46C-4DE5277C9051}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{92FD5C76-968D-42A0-AFE6-4513E4C19041}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5463713-9B65-44F0-9BAE-BA35B5B50EE3}" = lport=138 | protocol=17 | dir=in | app=system |
"{AC660BDA-A28D-4BA1-A80E-A439CEB6ADE5}" = lport=137 | protocol=17 | dir=in | app=system |
"{B1262E8F-8B6A-47E0-BD04-D8697ADFFE4A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B7690D6D-7BBD-4383-A20B-721C8CC14C8A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B8FA4A87-48A3-4101-A1DD-E2D99A1247C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CBCF6BE5-00AC-4830-A516-B122D926ADD4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CE13111F-18A2-4E8F-979B-6D0B18CF1D76}" = lport=445 | protocol=6 | dir=in | app=system |
"{DD73F1A7-6C60-4D2D-963C-F992BEEF8B35}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2C2F56D-2787-4E45-8009-41CAD1055EE5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E60DADA3-B64D-4386-BB8D-3554B099B860}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDE70B10-3559-42BB-AF1B-336D24214AE8}" = rport=139 | protocol=6 | dir=out | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1943FF54-432F-4B28-A117-1BD686B22B0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BA571C0-E388-4486-BAA6-7417C35119EB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E67B348-332B-4693-B35A-B881D17C637C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{449A640D-46EA-41E4-8D0B-DA82B135B22E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{514999C6-0ACD-41F3-9C36-59FF44C1BAE0}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{575DCBD0-F1DA-4515-A789-543EF1E64F87}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5891FE6D-92DE-46DD-A10D-A664C91BBA60}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CFAD744-915B-4F15-8DEA-B7244EC4EBD8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{65A8A8B1-A094-40E7-8C71-39660035F563}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{726EBDFD-BD05-4FBD-8217-24BE7CD31641}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8275CD3F-1453-4C44-A1F3-8C90FF18ED20}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{95A5B6F1-AB4A-4C0F-B316-3D358944C376}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{96094FA4-2F4F-48CF-BC74-EF42C5F6461C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9773C304-2055-4323-B6F9-58F8A64358B0}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{A2833FA7-F393-4028-90D9-94D8954EB299}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{A3381893-2AA0-4938-A355-21044CC1FD38}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AA097394-2D5A-4B89-A22C-D684290F69B8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{C3B20FE4-45DD-42B1-B4A0-9F9D26D864E1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CB9E5854-5318-40EB-8830-D80F130B6A84}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CEF014E1-D37F-43B2-AEAB-C17DF9D9C4E6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D524B666-426E-4355-A20B-3E0CCE69D1E2}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"{D6ADAA43-FB47-4EE8-B085-ECF97F8CB172}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E6598C06-23F9-45A7-AA87-F69F70F6DE5D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{EC0EF314-8E96-4A11-A92C-E9C4A7EC89AF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDB33866-A0F7-45A4-B124-A98EBB3C4029}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"TCP Query User{D089B0B7-3C57-4D79-9FE8-FD3FA6529B6D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{DE3C1BD4-EF46-4096-9491-A821543FDF9C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EBE9C9A2-192C-4FAA-A0F5-1C83638D9409}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3047F385-0704-4408-92B7-D3F2BD6AB931}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{31184A6B-08EE-4148-B1ED-904E7C6DF0E3}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{414FBEA5-A0E6-411F-94EC-4441CF69F339}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 7.0 with 5.1ch
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81baadb6-33ba-453d-b566-74b8d159dada}" = Nero 9 Trial
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97B3824E-B2D2-4C49-A860-BCA56F10B040}" = OpenOffice.org 3.2
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.3 - Français
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1" = 9Giga Synchro v2.9.2
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F429ED71-4A8B-457A-85E4-F6398CE73E58}" = AV Input Selection
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ares" = Ares 2.1.1
"Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
"AviSynth" = AviSynth 2.5
"BlingeeTb.BlingeeTbToolbar" = Blingee Toolbar
"Celebrity Toolbar" = Celebrity Toolbar
"CFWebAdvancedU" = CamfrogWEB Advanced ActiveX Plugin (remove only)
"Football Manager 2010" = Football Manager 2010
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"lvdrivers_12.0" = Coffret de pilotes Logitech Webcam Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NVIDIA Drivers" = NVIDIA Drivers
"SFR_Kit" = SFR - Kit de connexion
"Uninstall_is1" = Uninstall 1.0.0.0
"Veetle TV" = Veetle TV 0.9.15
"Videora iPhone Converter" = Videora iPhone Converter 5.03
"VLC media player" = VLC media player 1.0.2
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"YouTube Downloader App" = YouTube Downloader App 2.03
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 12/05/2010 07:47:03 | Computer Name = PC-de-Mouzaoui | Source = WinMgmt | ID = 10
Description =
 
Error - 12/05/2010 10:23:57 | Computer Name = PC-de-Mouzaoui | Source = WinMgmt | ID = 10
Description =
 
Error - 13/05/2010 05:37:18 | Computer Name = PC-de-Mouzaoui | Source = WinMgmt | ID = 10
Description =
 
Error - 13/05/2010 12:44:05 | Computer Name = PC-de-Mouzaoui | Source = Application Error | ID = 1000
Description = Application défaillante hideippla.exe, version 3.5.0.0, horodatage
 0x2a425e19, module défaillant kernel32.dll, version 6.0.6001.18215, horodatage
0x49953395, code d’exception 0xc0000005, décalage d’erreur 0x000bf395,  ID du processus
 0x13d0, heure de début de l’application 0x01caf2bb7bf57350.
 
Error - 13/05/2010 15:14:48 | Computer Name = PC-de-Mouzaoui | Source = Application Error | ID = 1000
Description = Application défaillante Skype.exe, version 4.1.0.179, horodatage 0x4acf0be1,
 module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception
 0xc0000005, décalage d’erreur 0x000000c0,  ID du processus 0x584, heure de début
de l’application 0x01caf27fb311fd3f.
 
Error - 14/05/2010 06:40:06 | Computer Name = PC-de-Mouzaoui | Source = WinMgmt | ID = 10
Description =
 
Error - 14/05/2010 18:57:32 | Computer Name = PC-de-Mouzaoui | Source = Application Error | ID = 1000
Description = Application défaillante firefox.exe, version 1.9.1.3726, horodatage
 0x4b9e5a0c, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x00000000,  ID du processus 0x1448,
 heure de début de l’application 0x01caf39614537c20.
 
Error - 14/05/2010 18:57:34 | Computer Name = PC-de-Mouzaoui | Source = Application Error | ID = 1000
Description = Application défaillante firefox.exe, version 1.9.1.3726, horodatage
 0x4b9e5a0c, module défaillant NPSWF32.dll, version 10.0.42.34, horodatage 0x4ae7bd0e,
 code d’exception 0xc0000005, décalage d’erreur 0x002e8b21,  ID du processus 0x1448,
 heure de début de l’application 0x01caf39614537c20.
 
Error - 15/05/2010 06:50:34 | Computer Name = PC-de-Mouzaoui | Source = WinMgmt | ID = 10
Description =
 
Error - 15/05/2010 10:03:03 | Computer Name = PC-de-Mouzaoui | Source = Application Error | ID = 1000
Description = Application défaillante firefox.exe, version 1.9.1.3726, horodatage
 0x4b9e5a0c, module défaillant xul.dll, version 1.9.1.3726, horodatage 0x4b9e59d7,
 code d’exception 0xc0000005, décalage d’erreur 0x001c8f1f,  ID du processus 0x14bc,
 heure de début de l’application 0x01caf430e910cb80.
 
[ System Events ]
Error - 24/05/2010 15:00:03 | Computer Name = PC-de-Mouzaoui | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 20:56:58 le 24/05/2010 n'était pas prévu.
 
Error - 24/05/2010 15:00:06 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
Error - 24/05/2010 17:02:10 | Computer Name = PC-de-Mouzaoui | Source = Service Control Manager | ID = 7011
Description =
 
Error - 24/05/2010 17:05:18 | Computer Name = PC-de-Mouzaoui | Source = Service Control Manager | ID = 7034
Description =
 
Error - 24/05/2010 17:09:27 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
Error - 25/05/2010 05:26:13 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
Error - 25/05/2010 06:56:33 | Computer Name = PC-de-Mouzaoui | Source = Service Control Manager | ID = 7034
Description =
 
Error - 25/05/2010 06:59:13 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
Error - 26/05/2010 05:57:10 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
Error - 27/05/2010 07:26:39 | Computer Name = PC-de-Mouzaoui | Source = HTTP | ID = 15016
Description =
 
 
< End of report >


[bernard53]

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

Code: Tout sélectionner

:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"   
FF - prefs.js..browser.search.order.1: "Ask.com"
[2010/01/10 17:16:17 | 000,000,000 | ---D | M] -- C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com   
[2010/01/10 17:16:17 | 000,002,256 | ---- | M] () -- C:\Users\Mouzaoui\AppData\Roaming\Mozilla\FireFox\Profiles\9dh9mpaw.default\searchplugins\askcom.xml 
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Celebrity Toolbar\tbcore3.dll () 
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (CMySite Class) - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll () 
O3 - HKCU\..\Toolbar\WebBrowser: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O18 - Protocol\Handler\mhtb {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()   

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}"=-
"Ask.com Search Assistant"=-
"Celebrity Toolbar"=-

 :Files
C:\Program Files\mozilla firefox\components\mhxpcom.dll     
:Commands
[emptytemp]
 


* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

[dz.malek]

Code: Tout sélectionner

All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-10-Jan-2010-15-16-17-GMT folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\mozilla\Firefox\Profiles\9dh9mpaw.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Mouzaoui\AppData\Roaming\Mozilla\FireFox\Profiles\9dh9mpaw.default\searchplugins\askcom.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C37B053-FD68-456a-82E1-D788EE342E6F}\ deleted successfully.
C:\Program Files\Celebrity Toolbar\tbcore3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}\ deleted successfully.
C:\Program Files\Celebrity Toolbar\mhxpcomi.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}\ deleted successfully.
File C:\Program Files\Celebrity Toolbar\tbcore3.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}\ not found.
File C:\Program Files\Celebrity Toolbar\tbcore3.dll not found.
File C:\Program Files\Celebrity Toolbar\mhxpcomi.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mhtb\ deleted successfully.
Invalid CLSID key: C:\Program Files\Celebrity Toolbar\mhxpcomi.dll
File C:\Program Files\Celebrity Toolbar\mhxpcomi.dll not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] not found.
File ptytemp] not found.
 
OTL by OldTimer - Version 3.2.5.0 log created on 05292010_140723

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


[bernard53]

Très bien

fait juste ceci pour terminer et après dis moi si tout va bien.


Télécharge CCLEANER

TUTO

Fait un nettoyage comme cela :

**Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 24 Heures

Recocher cette case une fois le premier nettoyage effectué

1-Élimine les fichiers temporaires et les traces ( onglet nettoyeur ) que vous laissez en naviguant sur Internet ou bien en ouvrant simplement des fichiers avec n'importe quel logiciel sous Windows : le Lecteur Windows Media, Emule, Office, Nero, Adobe Reader, etc.


Puis::


Installe Malewarebytes' Antimalware,
Téléchargement

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.