Il y a actuellement 451 visiteurs
Jeudi 21 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

[Réglé] [Virus] Antivirus Action bloquant les programmes

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel
Répondre

[Réglé] [Virus] Antivirus Action bloquant les programmes

Message le 04 Déc 2010 23:33

Bonsoir à tous,

Je viens d'avoir un soucis de virus sur mon pc fixe, après avoir télécharger un wallpaper.

Il s'agit d'un virus qui bloque le lancement des programmes, et qui m'empêche d'aller sur internet: En effet, lorsque Chrome ou Firefox, la seule page qui s'affiche c'est une page qui me propose un anti-virus, mais bon je ne suis pas un lapin de 6 semaines... :-?

Après une recherche sur google je suis tombé sur ce forum qui a l'air d'avoir une communauté active et qui s'entraide, c'est pourquoi je me suis inscrit.
Je suis tombé sur un topic de quelqu'un qui a eu le même problème que moi, c'est pourquoi je vais vous poster les informations nécessaires. (virus-antivirus-action-bloque-vt-53644.html)

Merci pour l'aide que vous m'apporterez ! :)

Code: Tout sélectionner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:28:06, on 04/12/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Safe mode

Running processes:
C:\Users\Jonathan\Desktop\Sniffle.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:43902
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files (x86)\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Menu Orange IE - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files (x86)\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Echovoice Gamer Statistics] C:\Program Files (x86)\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [orangeinside] C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [BA2Config] "C:\Program Files (x86)\BeAnywhere Personal Edition\Server\BA2ServCnfg.exe" -silent
O4 - HKCU\..\Run: [iycgcfai] C:\Users\Jonathan\AppData\Local\Temp\grlpamxpu\thuhvplaffm.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
O8 - Extra context menu item: envoyer par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html
O8 - Extra context menu item: envoyer un mail - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html
O8 - Extra context menu item: orange.fr - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
O8 - Extra context menu item: traduire la page - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://logicielsgratuits.orange.fr
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: BeAnyWhere Personal Edition Server (BA2Server) - MN - C:\Program Files (x86)\BeAnywhere Personal Edition\Server\BA2Serv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Orange update Core Service - Unknown owner - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files (x86)\SigmaTel\C-Major Audio\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11848 bytes


J'ai aussi effectué un malwarebyte, il y avait 13 fichiers infectés que j'ai retiré, mais j'ai oublié d'en copier le rapport. Sachant que le problème est resté même après avoir supprimé ces 13 éléments..

J'en relance un au moment où j'écris ce topic, pour voir s'il en reste, si oui je posterais le nouveau rapport malwarebyte.

Merci encore,

Pichouille
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 04 Déc 2010 23:53

hello,

refais un scan Malwarebyte, mais en mode sans échec et poste le rapport stp... :wink:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 00:04

Je l'avais fais en mode sans echec :wink: et je viens de me rendre compte que le rapport de toute à l'heure était enregistré dans les logs, ce qui me permet de vous le montrer (la deuxième analyse n'a rien donné, 0 fichier infecté)

pour le 1er rapport malwarebyte, le voici

Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5214

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

04/12/2010 22:43:08
mbam-log-2010-12-04 (22-43-08).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 287519
Temps écoulé: 27 minute(s), 18 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6C51F7E9-8542-4F25-A30F-2060157752E1} (Trojan.Downloader) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (Adware.WidgiToolbar) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files (x86)\pdfforge toolbar\IE\4.1\pdfforgetoolbarie.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files (x86)\pdfforge toolbar\widgihelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.


Ce sont ces éléments là que j'ai supprimé tout à l'heure

merci
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 00:22

mouai,

il en reste une pelleté, sans parler du proxi installé qui redirige tes recherches internet :roll:

fais cela stp...


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

Si otl ne se lance pas, copie la citation à utiliser dans un fichier.txt et fait cette manip en mode sans échec :wink:


* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
userinit.exe
winlogon.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles


* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 00:46

Voici le rapport OTL:

Code: Tout sélectionner
OTL logfile created on: 05/12/2010 00:34:27 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Jonathan\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 31,85 Gb Free Space | 13,68% Space Free | Partition Type: NTFS
Drive E: | 994,02 Mb Total Space | 204,49 Mb Free Space | 20,57% Space Free | Partition Type: FAT32
 
Computer Name: JONATHAN-PC | User Name: Jonathan | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Jonathan\Desktop\OTL.exe (OldTimer Tools)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Jonathan\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (maconfservice) -- C:\Program Files\ma-config.com\x64\maconfservice.exe (CybelSoft)
SRV:[b]64bit:[/b] - (LVPrcS64) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:[b]64bit:[/b] - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:[b]64bit:[/b] - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Orange update Core Service) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FTRTSVC) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
SRV - (STacSV) -- C:\Program Files (x86)\SigmaTel\C-Major Audio\WDM\stacsv64.exe (SigmaTel, Inc.)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (driverhardwarev2x64) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (CybelSoft)
DRV:[b]64bit:[/b] - (LVUVC64) Logitech Webcam 200(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:[b]64bit:[/b] - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:[b]64bit:[/b] - (e1express) Pilote de la connexion réseau Intel(R) -- C:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (WPN111) -- C:\Windows\SysNative\drivers\WPN111vx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (STHDA) SigmaTel High Definition Audio CODEC (for 64-bit Windows) -- C:\Windows\SysNative\drivers\stwrt64.sys (SigmaTel, Inc.)
DRV:[b]64bit:[/b] - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:[b]64bit:[/b] - (PCAMp50a64) -- C:\Windows\SysNative\drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:[b]64bit:[/b] - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files (x86)\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:43902
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "www.google.fr"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: menu_contextuel_orange@orange.fr:1.0
FF - prefs.js..extensions.enabledItems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.2.1.0
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="
 
FF - user.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/03 21:59:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/18 19:18:50 | 000,000,000 | ---D | M]
 
[2010/01/05 14:46:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\mozilla\Extensions
[2010/12/03 19:18:05 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\mozilla\Firefox\Profiles\me4oefk1.default\extensions
[2010/09/29 19:19:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonathan\AppData\Roaming\mozilla\Firefox\Profiles\me4oefk1.default\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
[2010/12/04 22:45:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\mozilla\Firefox\Profiles\me4oefk1.default\extensions\menu_contextuel_orange@orange.fr
[2010/10/01 00:20:40 | 000,001,132 | ---- | M] () -- C:\Users\Jonathan\AppData\Roaming\Mozilla\FireFox\Profiles\me4oefk1.default\searchplugins\orange.xml
[2010/11/22 23:50:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/01 00:43:27 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/01 00:43:27 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/01 00:43:27 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/01 00:43:27 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/01 00:43:27 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/01/21 12:35:24 | 000,373,677 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 127.0.0.1   1-2005-search.com
O1 - Hosts: 127.0.0.1   123fporn.info
O1 - Hosts: 12875 more lines...
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray64.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Echovoice Gamer Statistics] C:\Program Files (x86)\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe (Echovoice)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files (x86)\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [BA2Config] C:\Program Files (x86)\BeAnywhere Personal Edition\Server\BA2ServCnfg.exe (MN)
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [iycgcfai] C:\Users\Jonathan\AppData\Local\Temp\grlpamxpu\thuhvplaffm.exe ()
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe ()
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [orangeinside] C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()
O8:[b]64bit:[/b] - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8:[b]64bit:[/b] - Extra context menu item: envoyer par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8:[b]64bit:[/b] - Extra context menu item: envoyer un mail - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8:[b]64bit:[/b] - Extra context menu item: orange.fr - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8:[b]64bit:[/b] - Extra context menu item: rechercher le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8:[b]64bit:[/b] - Extra context menu item: traduire la page - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()
O8:[b]64bit:[/b] - Extra context menu item: traduire le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8 - Extra context menu item: traduire la page - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..Trusted Domains: mappy.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..Trusted Domains: orange.fr ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Sites de confiance)
O15 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
O15 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/12/05 00:32:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jonathan\Desktop\OTL.exe
[2010/12/04 23:26:55 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jonathan\Desktop\Sniffle.exe
[2010/12/04 20:58:31 | 000,000,000 | ---D | C] -- C:\Users\Jonathan\AppData\Roaming\Malwarebytes
[2010/12/04 20:58:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/04 20:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/04 20:58:24 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/04 20:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/12/04 20:58:07 | 007,622,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Jonathan\Desktop\mbam-setup.exe
[2010/12/04 11:53:07 | 000,000,000 | ---D | C] -- C:\Users\Jonathan\Desktop\Visual Boy Advance 1.8.0-beta
[2010/11/29 20:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/29 20:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/29 20:01:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/11/22 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2010/11/22 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2010/11/22 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2010/11/17 23:28:54 | 000,000,000 | ---D | C] -- C:\Users\Jonathan\Desktop\Eve_-_Scorpion
[2010/11/15 20:29:31 | 020,284,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2010/11/15 20:29:31 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2010/11/15 20:29:31 | 012,788,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2010/11/15 20:29:31 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2010/11/15 20:29:31 | 006,471,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2010/11/15 20:29:31 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2010/11/15 20:29:31 | 003,112,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2010/11/15 20:29:31 | 002,934,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010/11/15 20:29:31 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2010/11/15 20:29:31 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2010/11/15 20:29:31 | 001,500,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642050.dll
[2010/11/15 20:29:31 | 001,308,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642030.dll
[2010/11/15 20:29:31 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/11/15 20:29:31 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/11/15 20:29:28 | 018,597,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010/11/15 20:29:28 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010/11/15 20:29:28 | 000,386,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2010/11/15 20:29:28 | 000,319,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2010/11/15 20:29:28 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2010/11/14 14:11:53 | 000,000,000 | ---D | C] -- C:\Users\Jonathan\Desktop\AAX
[2010/11/08 18:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010/11/07 20:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger Plus! Live
[2010/11/06 03:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/12/05 00:28:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathan\Desktop\OTL.exe
[2010/12/04 23:25:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/04 23:25:54 | 3166,666,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/04 23:15:50 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jonathan\Desktop\Sniffle.exe
[2010/12/04 22:55:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1826348875-3878325811-1754474202-1000UA.job
[2010/12/04 22:52:27 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 22:52:27 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 22:44:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2010/12/04 21:01:39 | 001,557,478 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/04 21:01:39 | 000,706,998 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010/12/04 21:01:39 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/04 21:01:39 | 000,131,426 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010/12/04 21:01:39 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/04 20:58:27 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/04 20:57:30 | 007,622,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Jonathan\Desktop\mbam-setup.exe
[2010/12/04 18:55:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1826348875-3878325811-1754474202-1000Core.job
[2010/12/04 13:22:16 | 000,131,072 | ---- | M] () -- C:\Users\Jonathan\Desktop\Pokémon Version Rouge Feu.sav
[2010/12/04 12:19:46 | 000,001,346 | ---- | M] () -- C:\Users\Jonathan\Desktop\GBA.lnk
[2010/12/04 11:52:51 | 016,777,216 | ---- | M] () -- C:\Users\Jonathan\Desktop\Pokémon Version Rouge Feu.gba
[2010/12/03 18:44:24 | 000,018,052 | ---- | M] () -- C:\Users\Jonathan\Desktop\leçon de paint pour manu.png
[2010/11/30 21:12:38 | 000,068,137 | ---- | M] () -- C:\Users\Jonathan\Desktop\154751_1676238033343_1459255029_3496822_1903111_n.jpg
[2010/11/29 23:08:40 | 000,007,219 | ---- | M] () -- C:\Users\Jonathan\Desktop\FDSF.png
[2010/11/29 22:42:40 | 000,016,469 | ---- | M] () -- C:\Users\Jonathan\Desktop\mail.docx
[2010/11/29 20:02:08 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/22 23:40:08 | 003,325,788 | ---- | M] () -- C:\Users\Jonathan\Desktop\CODIR 1 - 23 NOVEMBRE 2010 v2.docx
[2010/11/22 23:13:36 | 000,624,939 | ---- | M] () -- C:\Users\Jonathan\Desktop\demande tupperware.pdf
[2010/11/22 23:12:06 | 002,219,008 | ---- | M] () -- C:\Users\Jonathan\Desktop\demande tupperware.pub
[2010/11/22 22:58:15 | 004,645,393 | ---- | M] () -- C:\Users\Jonathan\Desktop\Codir Version Finale - Copie.pptx
[2010/11/22 21:38:24 | 000,010,677 | ---- | M] () -- C:\Users\Jonathan\Desktop\pj.docx
[2010/11/22 21:24:44 | 004,478,913 | ---- | M] () -- C:\Users\Jonathan\Desktop\Codir Version Finale.pptx
[2010/11/20 15:07:41 | 003,253,993 | ---- | M] () -- C:\Users\Jonathan\Desktop\Codir.pptx
[2010/11/20 15:07:41 | 003,253,993 | ---- | M] () -- C:\Users\Jonathan\Desktop\Codir - Copie.pptx
[2010/11/20 14:33:46 | 003,322,437 | ---- | M] () -- C:\Users\Jonathan\Desktop\CODIR 1 - 23 NOVEMBRE 2010 (vf).docx
[2010/11/19 00:25:17 | 000,614,384 | ---- | M] () -- C:\Users\Jonathan\Desktop\demande tup.pdf
[2010/11/18 22:56:39 | 000,004,654 | ---- | M] () -- C:\Users\Jonathan\.recently-used.xbel
[2010/11/18 22:09:59 | 000,305,664 | ---- | M] () -- C:\Users\Jonathan\Desktop\Emilie Royer - Cofiroute CV.doc
[2010/11/16 20:18:54 | 000,000,050 | ---- | M] () -- C:\Windows\MegaManager.INI
[2010/11/15 16:07:29 | 000,002,753 | ---- | M] () -- C:\Users\Jonathan\Desktop\Microsoft Office Word 2007.lnk
[2010/11/15 11:56:25 | 000,010,521 | ---- | M] () -- C:\Users\Jonathan\Desktop\Classeur1.xlsx
[2010/11/15 11:30:42 | 000,010,949 | ---- | M] () -- C:\Users\Jonathan\Desktop\allergy.docx
[2010/11/14 13:09:32 | 000,065,804 | ---- | M] () -- C:\Users\Jonathan\Desktop\ffd.jpg
[2010/11/14 00:37:32 | 001,966,144 | ---- | M] () -- C:\Users\Jonathan\Desktop\IMG_0363.JPG
[2010/11/12 13:32:37 | 000,070,144 | ---- | M] () -- C:\Users\Jonathan\Desktop\projet_de_stage_jonathan_pichon.doc
[2010/11/12 13:21:15 | 000,067,584 | ---- | M] () -- C:\Users\Jonathan\Desktop\dfinir mon projet de stage EGC3 2010-11 (1).doc
[2010/11/09 19:29:56 | 000,423,854 | ---- | M] () -- C:\Users\Jonathan\Desktop\loll.png
[2010/11/08 19:28:03 | 000,052,910 | ---- | M] () -- C:\Users\Jonathan\Desktop\sdfdsf.png
[2010/11/07 20:23:32 | 000,050,176 | ---- | M] () -- C:\Users\Jonathan\Desktop\CV actualisé.doc
[2010/11/07 15:57:49 | 000,030,720 | ---- | M] () -- C:\Users\Jonathan\Documents\Pichon 22 Ans Jonathan.doc
[2010/11/06 03:22:43 | 000,002,391 | ---- | M] () -- C:\Users\Jonathan\Documents\MumbleAutomaticCertificateBackup.p12
[2010/11/06 03:22:39 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/12/04 20:58:27 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/04 12:19:46 | 000,001,346 | ---- | C] () -- C:\Users\Jonathan\Desktop\GBA.lnk
[2010/12/04 12:00:21 | 000,131,072 | ---- | C] () -- C:\Users\Jonathan\Desktop\Pokémon Version Rouge Feu.sav
[2010/12/04 11:50:42 | 016,777,216 | ---- | C] () -- C:\Users\Jonathan\Desktop\Pokémon Version Rouge Feu.gba
[2010/12/03 18:44:23 | 000,018,052 | ---- | C] () -- C:\Users\Jonathan\Desktop\leçon de paint pour manu.png
[2010/11/30 21:12:42 | 000,068,137 | ---- | C] () -- C:\Users\Jonathan\Desktop\154751_1676238033343_1459255029_3496822_1903111_n.jpg
[2010/11/29 23:08:40 | 000,007,219 | ---- | C] () -- C:\Users\Jonathan\Desktop\FDSF.png
[2010/11/29 20:27:13 | 000,016,469 | ---- | C] () -- C:\Users\Jonathan\Desktop\mail.docx
[2010/11/29 20:02:08 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/22 23:13:35 | 000,624,939 | ---- | C] () -- C:\Users\Jonathan\Desktop\demande tupperware.pdf
[2010/11/22 22:00:58 | 004,645,393 | ---- | C] () -- C:\Users\Jonathan\Desktop\Codir Version Finale - Copie.pptx
[2010/11/22 21:38:24 | 000,010,677 | ---- | C] () -- C:\Users\Jonathan\Desktop\pj.docx
[2010/11/22 21:23:41 | 004,478,913 | ---- | C] () -- C:\Users\Jonathan\Desktop\Codir Version Finale.pptx
[2010/11/22 19:55:49 | 003,325,788 | ---- | C] () -- C:\Users\Jonathan\Desktop\CODIR 1 - 23 NOVEMBRE 2010 v2.docx
[2010/11/21 20:08:36 | 003,253,993 | ---- | C] () -- C:\Users\Jonathan\Desktop\Codir - Copie.pptx
[2010/11/21 19:19:41 | 003,322,437 | ---- | C] () -- C:\Users\Jonathan\Desktop\CODIR 1 - 23 NOVEMBRE 2010 (vf).docx
[2010/11/20 15:01:12 | 003,253,993 | ---- | C] () -- C:\Users\Jonathan\Desktop\Codir.pptx
[2010/11/18 23:27:09 | 000,614,384 | ---- | C] () -- C:\Users\Jonathan\Desktop\demande tup.pdf
[2010/11/18 22:56:39 | 000,004,654 | ---- | C] () -- C:\Users\Jonathan\.recently-used.xbel
[2010/11/18 22:09:53 | 000,305,664 | ---- | C] () -- C:\Users\Jonathan\Desktop\Emilie Royer - Cofiroute CV.doc
[2010/11/18 20:20:26 | 002,219,008 | ---- | C] () -- C:\Users\Jonathan\Desktop\demande tupperware.pub
[2010/11/16 23:08:54 | 001,966,144 | ---- | C] () -- C:\Users\Jonathan\Desktop\IMG_0363.JPG
[2010/11/15 16:07:29 | 000,002,753 | ---- | C] () -- C:\Users\Jonathan\Desktop\Microsoft Office Word 2007.lnk
[2010/11/15 11:56:25 | 000,010,521 | ---- | C] () -- C:\Users\Jonathan\Desktop\Classeur1.xlsx
[2010/11/15 11:30:42 | 000,010,949 | ---- | C] () -- C:\Users\Jonathan\Desktop\allergy.docx
[2010/11/14 13:09:36 | 000,065,804 | ---- | C] () -- C:\Users\Jonathan\Desktop\ffd.jpg
[2010/11/12 13:21:32 | 000,070,144 | ---- | C] () -- C:\Users\Jonathan\Desktop\projet_de_stage_jonathan_pichon.doc
[2010/11/12 00:15:49 | 000,067,584 | ---- | C] () -- C:\Users\Jonathan\Desktop\dfinir mon projet de stage EGC3 2010-11 (1).doc
[2010/11/11 20:42:16 | 733,571,072 | ---- | C] () -- C:\Users\Jonathan\Desktop\Coach Carter.avi
[2010/11/11 20:40:10 | 734,621,696 | ---- | C] () -- C:\Users\Jonathan\Desktop\John Q.avi
[2010/11/11 20:34:33 | 733,753,344 | ---- | C] () -- C:\Users\Jonathan\Desktop\Push.avi
[2010/11/11 20:33:33 | 735,027,200 | ---- | C] () -- C:\Users\Jonathan\Desktop\Ladykillers.avi
[2010/11/09 19:26:54 | 000,423,854 | ---- | C] () -- C:\Users\Jonathan\Desktop\loll.png
[2010/11/08 19:28:03 | 000,052,910 | ---- | C] () -- C:\Users\Jonathan\Desktop\sdfdsf.png
[2010/11/07 15:59:46 | 000,050,176 | ---- | C] () -- C:\Users\Jonathan\Desktop\CV actualisé.doc
[2010/11/06 03:22:43 | 000,002,391 | ---- | C] () -- C:\Users\Jonathan\Documents\MumbleAutomaticCertificateBackup.p12
[2010/11/06 03:22:39 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/09/27 18:32:09 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/09/27 18:30:29 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/07/27 07:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/07/27 07:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/02/24 11:46:22 | 000,000,017 | ---- | C] () -- C:\Users\Jonathan\AppData\Local\resmon.resmoncfg
[2010/01/07 10:14:33 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2010/01/02 12:25:09 | 001,551,984 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2000/01/20 09:42:08 | 000,334,848 | ---- | C] () -- C:\Windows\SysWow64\PCONVERTOR.DLL
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/04/08 19:01:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Audacity
[2010/11/07 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\CVitae
[2010/11/18 22:56:39 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\gtk-2.0
[2010/01/12 18:26:07 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Leadertech
[2010/01/06 19:25:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Megaupload
[2010/12/04 16:03:35 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Mumble
[2010/09/29 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Orange
[2010/09/03 15:37:01 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\runic games
[2010/09/27 19:46:57 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Samsung
[2010/10/04 07:12:24 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/10/07 18:44:24 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Adobe
[2010/05/04 10:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Apple Computer
[2010/04/08 19:01:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Audacity
[2010/11/07 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\CVitae
[2010/09/04 00:26:02 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\dvdcss
[2010/11/18 22:56:39 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\gtk-2.0
[2009/12/23 16:56:39 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Identities
[2009/12/23 18:05:16 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\InstallShield
[2010/01/12 18:26:07 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Leadertech
[2010/03/20 16:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Logishrd
[2010/03/20 16:53:36 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Logitech
[2009/12/23 17:28:15 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Macromedia
[2010/12/04 20:58:31 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Malwarebytes
[2009/07/14 16:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Media Center Programs
[2010/01/06 19:25:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Megaupload
[2010/05/03 10:41:00 | 000,000,000 | --SD | M] -- C:\Users\Jonathan\AppData\Roaming\Microsoft
[2010/12/02 00:08:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\mIRC
[2010/01/05 14:46:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Mozilla
[2010/12/04 16:03:35 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Mumble
[2010/09/29 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Orange
[2010/09/03 15:37:01 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\runic games
[2010/09/27 19:46:57 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Samsung
[2009/12/28 11:43:05 | 000,000,000 | RH-D | M] -- C:\Users\Jonathan\AppData\Roaming\SecuROM
[2010/12/01 23:33:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\Skype
[2010/12/01 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\skypePM
[2010/05/11 21:30:31 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\teamspeak2
[2010/10/07 17:22:58 | 000,000,000 | ---D | M] -- C:\Users\Jonathan\AppData\Roaming\vlc
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/05/04 22:17:11 | 000,319,488 | ---- | M] (Octoshape ApS) -- C:\Users\Jonathan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
[2010/01/12 18:26:00 | 000,010,134 | R--- | M] () -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{2C4A5877-21D1-4A15-9D20-24BA54A24093}\ARPPRODUCTICON.exe
[2010/01/12 18:26:00 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{2C4A5877-21D1-4A15-9D20-24BA54A24093}\NewShortcut1_37AAFC8E02884C139BF635C30B25DC6C.exe
[2010/11/01 11:50:47 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010/01/12 18:25:48 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}\ARPPRODUCTICON.exe
[2010/10/03 17:28:03 | 000,010,134 | R--- | M] () -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe
[2010/10/03 17:28:03 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe
[2010/10/03 17:28:03 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe
[2010/09/29 19:19:49 | 000,155,932 | ---- | M] () -- C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\uninstall.exe
[2009/11/13 14:03:38 | 000,152,576 | ---- | M] () -- C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\install\Launch.exe
[2010/08/17 14:32:00 | 000,201,728 | ---- | M] () -- C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\install\Uninstall.exe
[2010/08/17 14:32:04 | 000,858,624 | ---- | M] (Orange) -- C:\Users\Jonathan\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysWow64\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys
[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysWow64\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys
[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysWow64\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys
[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]

< End of report >


et voici le rapport Extra:

Code: Tout sélectionner
OTL Extras logfile created on: 05/12/2010 00:34:27 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Jonathan\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 31,85 Gb Free Space | 13,68% Space Free | Partition Type: NTFS
Drive E: | 994,02 Mb Total Space | 204,49 Mb Free Space | 20,57% Space Free | Partition Type: FAT32
 
Computer Name: JONATHAN-PC | User Name: Jonathan | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1826348875-3878325811-1754474202-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files (x86)\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9EA21438-935A-48F9-88D4-A0341406E12A}" = Ma-Config.com (64 bits)
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Essentials" = Microsoft Security Essentials
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SP6" = Logitech SetPoint 6.15
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{2C4A5877-21D1-4A15-9D20-24BA54A24093}" = Playlist tool
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{41BB38A4-ED84-4682-8329-042FEBD8C30B}" = Mega Manager
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = pdfforge Toolbar v4.1
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.1.0" = Orange Installeur version 1.2.1.0
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}" = Montpellier Business Plan Classic
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AlerteGPS G200" = AlerteGPS G200
"AviSynth" = AviSynth 2.5
"BeAnyWhere Personal Edition Server" = BeAnyWhere Personal Edition Server
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"HijackThis" = HijackThis 2.0.2
"MailNotifier" = Notification Mail
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"mIRC" = mIRC
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mumble" = Mumble and Murmur
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OrangeUpdateManager" = Orange update
"PROPLUS" = Microsoft Office Professional Plus 2007
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Steam App 260" = Counter-Strike: Source Beta
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VLC media player 1.1.4
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9C
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Archiveur WinRAR
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1826348875-3878325811-1754474202-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CVitaeV4" = CVitaeV4
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Orange Inside" = Orange Inside
"UnityWebPlayer" = Unity Web Player
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 04/12/2010 12:33:57 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
Error - 04/12/2010 12:43:23 | Computer Name = Jonathan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
 la vérification par rapport à l’horloge système en cours ou le tampon daté dans
 le fichier signé.  .
 
[ OSession Events ]
Error - 18/08/2010 07:23:39 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06/09/2010 13:36:53 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 12/09/2010 14:41:56 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 26/09/2010 11:28:50 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 03/10/2010 11:34:50 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/11/2010 18:04:34 | Computer Name = Jonathan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 04/12/2010 18:26:23 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:23 | Computer Name = Jonathan-PC | Source = DCOM | ID = 10005
Description =
 
Error - 04/12/2010 18:26:23 | Computer Name = Jonathan-PC | Source = DCOM | ID = 10005
Description =
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:24 | Computer Name = Jonathan-PC | Source = Service Control Manager | ID = 7001
Description = Le service Service Liste des réseaux dépend du service Connaissance
 des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur :   %%1068
 
Error - 04/12/2010 18:26:54 | Computer Name = Jonathan-PC | Source = DCOM | ID = 10005
Description =
 
 
< End of report >
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 03:04

Je me suis rendu compte que je n'avais pas fais la mise à jour du Malwarebyte avant de faire l'analyse, du coup il vient de trouver 4 autres infections, et en voici le rapport :

Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5245

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

05/12/2010 03:01:41
mbam-log-2010-12-05 (03-01-41).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 288155
Temps écoulé: 27 minute(s), 2 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iycgcfai (Trojan.FakeAV) -> Value: iycgcfai -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\Jonathan\AppData\Local\Temp\grlpamxpu\thuhvplaffm.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Jonathan\AppData\Local\Temp\jv2v1d5i.exe (Trojan.Lukisel) -> Quarantined and deleted successfully.
c:\Users\Jonathan\AppData\Local\Temp\_686F.tmp (Trojan.FakeAV) -> Quarantined and deleted successfully.


merci :wink:
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 11:16

hello,

J'ai un gros doute sur un fichier système servant au démarrage de Windows.

N'éteint ou ne redémarre surtout pas ton pc stp

je revient bientôt :wink:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 11:33

bon, c'est OK, le doute est levé

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"


:files
C:\Program Files (x86)\Application Updater
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\Users\Jonathan\AppData\Local\Temp\grlpamxpu
C:\Program Files (x86)\pdfforge Toolbar

:OTL
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:43902
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\S-1-5-21-1826348875-3878325811-1754474202-1000..\Run: [iycgcfai] C:\Users\Jonathan\AppData\Local\Temp\grlpamxpu\thuhvplaffm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:Commands
[emptytemp]
[EMPTYFLASH]
[PURITY]
[RESETHOSTS]





* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir "OTL.Txt"
* Copie et colle le rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés




Ensuite...vérifie deux choses stp...

o Dans Firefox Menu "outils" > "options".
o Cliques sur en haut à droite sur "Avancé" > "onglet "réseau" > à la rubrique "connexions",cliques sur paramètres.
o Vérifie que "pas de proxy" soit bien cochée.
o Fermes les fenêtre en cliquant sur "OK".
Image

ensuite...

o Ouvres Internet Explorer,cliques sur le menu "Outils" > "Options Internet".
o A l'onglet "Connexions" > cliques en bas à droite sur "paramètres réseaux".
o Si la case "utiliser un serveur proxi pour votre réseau local" est cochée,décoches la...
o Quittes les fenêtre par "OK" et "Appliquer".

@++
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 12:16

Salut,

hier soir j'ai du coupé mon pc car il est dans ma chambre et vu la lumière/bruit qu'il fait, je l'ai rallumer ce matin. Après avoir fait la mise à jour de Malwarebyte, il a donc retrouver 4 fichiers infectés. Quand je les ait supprimé, j'ai redémarrer l'ordi, et le virus avait disparu.

Mais j'ai quand même effectué les actions que tu m'as décrites, et en voici les résultats:

Code: Tout sélectionner
All processes killed
========== FILES ==========
C:\Program Files (x86)\Application Updater folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
c:\Users\Jonathan\AppData\Local\Temp\grlpamxpu folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\Res folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\IE\4.1 folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\IE folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\skin folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\locale folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome\content folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF\chrome folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar\FF folder moved successfully.
C:\Program Files (x86)\pdfforge Toolbar folder moved successfully.
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
File  C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe  not found.
HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
File C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe not found.
Registry value HKEY_USERS\S-1-5-21-1826348875-3878325811-1754474202-1000\Software\Microsoft\Windows\CurrentVersion\Run\\iycgcfai not found.
File C:\Users\Jonathan\AppData\Local\Temp\grlpamxpu\thuhvplaffm.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
C:\Windows\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla2.exe deleted successfully.
C:\Windows\048298C9A4D3490B9FF9AB023A9238F3.TMP folder deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jonathan
->Temp folder emptied: 374838 bytes
->Temporary Internet Files folder emptied: 444738 bytes
->Java cache emptied: 17752000 bytes
->FireFox cache emptied: 48576007 bytes
->Google Chrome cache emptied: 58136276 bytes
->Flash cache emptied: 330615 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7373305 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68044 bytes
RecycleBin emptied: 2084326 bytes
 
Total Files Cleaned = 129,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Jonathan
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.17.3 log created on 12052010_120243

Files\Folders moved on Reboot...
C:\Users\Jonathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


Concernant Firefox, j'ai du modifié car c'était coché "utiliser les paramètres proxy du système", j'ai donc cliqué sur "pas de proxy"

Sur internet explorer, pas de soucis c'était déjà décoché.

Merci de m'accorder du temps :wink:
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 12:31

ok, c'est cool, tout a viré :wink:

Lance OTL et clique sur "purge outil" , accèpte le redémarrage du pc si OTL te le demande...

ensuite...Très important

Utilise OneClick2RP (De laddy) pour créer un point de restauration et purger les points de restaurations infecté (fais bien attention à la méthode de lancement "Exécuter en tant qu'administrateur")
Tutoriel OneClick2RP

ensuite...

Pour nettoyer les fichiers temporaires,souvent source de problèmes divers et nettoyer la base de registre Windows fais cela...


  • Télécharge et installe Ccleaner en te rendant sur >> cette page <<
  • Clique en haut à droite de la page sur "Download Lastest Version" pour lancer le téléchargement.
  • Installe le et lance le...
  • Dans la barre d'outil à gauche, clique sur "Nettoyer" (en bas à droite)
  • Recommence cette opération jusqu'à ce que le message "0 octets supprimés" apparaisse dans la fenêtre de résultat.
  • Pour info ce nettoyage peu aussi s'effectuer de manière transparente collant Ccleaner /auto dans la commande "Exécuter" du menu démarrer.

    Nettoyer aussi ton registre en cliquant sur "Registre" dans la barre d'outils à gauche.
  • Clique ensuite sur "chercher des erreurs" en bas de la fenêtre, puis clique sur "corriger les erreurs sélectionnées".
  • Accepte la sauvegarde du registre proposée et suis les instructions de Ccleaner.
  • Pour info tu peux ouvrir Ccleaner directement à la rubrique "Registre" en collant Ccleaner /registry dans la fenêtre de commande "Exécuter" du menu démarrer.
  • Si tu as besoin tu as un tutoriel >> ici <<



=====================================================================================================

Pense à mettre à jours Windows:

  • La méthode la plus simple et l'utilisation de "Windows Update" qui se trouve dans ton menu démarrer


Pense à mettre à jours Java:


Pense à mettre à jour Acrobat reader si il est installé sur ton PC de cette manière:

  • Ouvre Acrobat reader, clique sur "aide" et choisis "rechercher des mises à jours..."

=====================================================================================================

un peu de lecture sur la manière de protéger ton surf et ton ordinateur:


Passe un bon dimanche, et attention aux wallpaper :lol:
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 13:35

Voilà tout est fait !

Un grand merci pour tout tes conseils et le temps que tu m'as accordé, c'est vraiment génial que des gens prennent le temps de mettre leur compétences aux services des autres.

Passe un bon dimanche aussi, et pour le wallpaper, je vais mettre la jolie colline windows... ;)
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut

Re: [Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 13:43

:wink:
si un gentil modo passe par là [résolu]
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 
Haut

Re: [Réglé][Virus] Antivirus Action bloquant les programmes

Message le 05 Déc 2010 14:36

j'édite le titre du sujet ;)
pichouille
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 20
Inscription: 04 Déc 2010 23:13
 
Haut
Répondre

Sujets similaires

Message [Réglé] Mauvaise performance SSD NVME
Bonjour, j'ai un WDC PC SN530 SDBPNPZ-512G, et quand je fais des benchmark où je ne comprends rien, ils m'indiquent dès résultat pas terrible, y a t'il moyen d'arranger ça ?https://www.userbenchmark.com/UserRun/68904129Merci de votre aide.
Réponses: 9

Message [Réglé] Mini PC pour la 4k HDR
Bonjour (et bonne année a tous ),Actuellement, j'ai mon bon vieux mini PC (I5-4210U) , fonctionnel mais hélas devenu trop limité en performance pour la 4K (j'arrive à lire des fichiers en H264 avec très peu voir pas de lags tout dépend le lecteur) et on parle même pas avec du H265 (saccadé à mort) ...
Réponses: 6

Message [Réglé] android auto
Bonjour Je possede un tel. samsung S7 . Je viens d'intaller android auto et chaque fois que je branche mon tel. sur mon vehicule , mon telephone me dit de mettre android à jour. En fouillant un peu sur le net j'ai cru voir que samsung avait arreté les mises à jour sur les S7 . Est ce vrai , sinon co ...
Réponses: 3

Message [Réglè] HELP
Bonjour a tous,j'ai voulu désinstaller les pilotes AMD high définition audio device dans le gestionnaire croyant que les pilotes realtek prendraient la place j'ai redémarré mon PC et depuis je n'ai plus de son l?icône est affublée d'une belle croix rouge (aucun haut parleur ou casque n'est branché) ...
Réponses: 7

Message Son 5.1 [Réglé]
Bonjour,J'ouvre un autre post concernant mon souci de sortie son qui est désespérément figé sur "Stéréo". Mon PC Assemblé par mes soins possède une Carte Mère Gigabyte B550M DS3H "affublée" d'une carte Graphique AMD RX6600 Pulse. Mon PC est relié de ma carte graphique à mon TV à ...
Réponses: 3

Message [Réglé] Fenêtre intempestive Powershell au démarrage
Bonjour,Je m'ajoute à la longue liste des victimes de la fenêtre pop-up bleue qui s'ouvre et qui se ferme à chaque connexion de session, et quelques fois après.J'ai passé les antimalware et ESET... mais rien à faire.Je possède un Lenovo TrigKey AZW S3 en AMD Ryzen 7 qui tourne sur W11 64bits.je vous ...
Réponses: 11

Message [Réglé] Suite de mon sujet Démarrage PC parfois difficile
Bonjour,j'avais ouvert un sujet suite au démarrage très lent de mon PC. Votre aide m'a permis d'améliorer la situation mais ce n'est pas parfait (plus de 2 minutes avant la fenêtre de saisie du code d'accès Windows).On m'a conseillé de demander une désinfection. J'ai suivi la procédure et je joins l ...
Réponses: 12

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 111 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.