Probleme virus
Résolu/Fermé
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
-
13 juil. 2009 à 15:42
Utilisateur anonyme - 14 juil. 2009 à 12:54
Utilisateur anonyme - 14 juil. 2009 à 12:54
A voir également:
- Probleme virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Virus mcafee - Accueil - Piratage
- Faux message virus ordinateur - Accueil - Arnaque
- Faux message virus iphone ✓ - Forum Virus
47 réponses
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
13 juil. 2009 à 21:49
13 juil. 2009 à 21:49
Ce qui doit correspondre a "clean " je suppose ,,?? attend ton autorisation pour le lancement
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
13 juil. 2009 à 21:51
13 juil. 2009 à 21:51
ok tres bien je te remercie encore pour ton aide
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
13 juil. 2009 à 21:53
13 juil. 2009 à 21:53
forcément vu que je n'ai jamais eu d'infections s'y rapportant
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
13 juil. 2009 à 22:31
13 juil. 2009 à 22:31
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:02:49, 13/07/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: ACER-3FAFADAADF | Utilisateur actuel: leclere guillaume
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: leclere guillaume
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
.
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 2.0.0.2 *
Nom du profil: 9gdmd4ki.default (leclere guillaume)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Winamp Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Winamp Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://go.microsoft.com/fwlink/?LinkId=69157");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.2");
.
.
* Internet Explorer Version 8.0.6001.18702 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2499 Octet(s) - C:\Ad-Report-CLEAN.log
.
3 Fichier(s) - C:\DOCUME~1\LECLER~1\LOCALS~1\Temp
1 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 22:25:46 | 13/07/2009
.
============== E.O.F ==============
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:02:49, 13/07/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: ACER-3FAFADAADF | Utilisateur actuel: leclere guillaume
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: leclere guillaume
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
.
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 2.0.0.2 *
Nom du profil: 9gdmd4ki.default (leclere guillaume)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Winamp Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Winamp Search");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://go.microsoft.com/fwlink/?LinkId=69157");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.2");
.
.
* Internet Explorer Version 8.0.6001.18702 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2499 Octet(s) - C:\Ad-Report-CLEAN.log
.
3 Fichier(s) - C:\DOCUME~1\LECLER~1\LOCALS~1\Temp
1 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 22:25:46 | 13/07/2009
.
============== E.O.F ==============
.
Utilisateur anonyme
13 juil. 2009 à 23:20
13 juil. 2009 à 23:20
je pensais que ceci du rapport Combo aurait sauté :
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
ok dernier scan de finition , dernier controle et on ferme avec le nettoyage
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
Télécharges :
Malwarebytes
ou :
Malwarebytes
* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
* Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Complet" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
ok dernier scan de finition , dernier controle et on ferme avec le nettoyage
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
Télécharges :
Malwarebytes
ou :
Malwarebytes
* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
* Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Complet" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 09:58
14 juil. 2009 à 09:58
voila ce que m' a donner le scan de MBAM:
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2421
Windows 5.1.2600 Service Pack 3
14/07/2009 09:55:33
mbam-log-2009-07-14 (09-55-33).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 160807
Temps écoulé: 39 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099026.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099180.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099187.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP486\A0099279.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP486\A0099280.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2421
Windows 5.1.2600 Service Pack 3
14/07/2009 09:55:33
mbam-log-2009-07-14 (09-55-33).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 160807
Temps écoulé: 39 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099026.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099180.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP485\A0099187.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP486\A0099279.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2db37729-7e03-4f82-adef-4057c22a22c7}\RP486\A0099280.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
Utilisateur anonyme
14 juil. 2009 à 10:24
14 juil. 2009 à 10:24
lol hello
tu peux me refaire ce que tu m'as fait en premier avec OTL ?
tu peux me refaire ce que tu m'as fait en premier avec OTL ?
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 10:27
14 juil. 2009 à 10:27
sans aucun soucis je te fais ca sur le champs
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 10:32
14 juil. 2009 à 10:32
voila:
OTL logfile created on: 14/07/2009 10:29:53 - Run 2
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
894,10 Mb Total Physical Memory | 388,38 Mb Available Physical Memory | 43,44% Memory free
2,12 Gb Paging File | 1,44 Gb Available in Paging File | 68,27% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,88 Gb Total Space | 12,36 Gb Free Space | 28,17% Space Free | Partition Type: FAT32
Drive D: | 44,37 Gb Total Space | 13,53 Gb Free Space | 30,49% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-3FAFADAADF
Current User Name: leclere guillaume
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/08/08 15:53:16 | 00,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
PRC - [2009/03/09 16:49:18 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/06/12 13:28:42 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2004/10/05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\TaskBarIcon.exe
PRC - [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/06/23 11:01:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2006/08/18 15:32:00 | 00,294,912 | ---- | M] (FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
PRC - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2005/12/06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\GestionnaireInternet.exe
PRC - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2005/11/28 16:41:40 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\ComComp.exe
PRC - [2004/11/02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\Wanadoo\Toaster.exe
PRC - [2004/10/27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\Wanadoo\Inactivity.exe
PRC - [2004/10/27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\Wanadoo\PollingModule.exe
PRC - [2004/10/21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\Watch.exe
PRC - [2004/11/15 17:58:56 | 00,344,064 | ---- | M] () -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/13 15:45:42 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE\otl.exe
PRC - [2008/04/14 04:34:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[color=#E56717]========== Win32 Services (SafeList) ==========/color
SRV - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService [Auto | Running])
SRV - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
SRV - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 04:33:28 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/22 15:29:04 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - [2004/08/10 20:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2006/05/10 11:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/08/10 20:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2006/07/18 07:58:16 | 01,621,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/07/13 19:01:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2009/07/13 19:01:52 | 00,052,056 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/11/02 13:24:24 | 00,424,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])
DRV - [2006/05/12 13:49:38 | 00,806,272 | ---- | M] (Bison Electronics. Inc. ) -- C:\WINDOWS\System32\Drivers\BisonCam.sys -- (Cam5603D [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/12/07 23:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2005/12/23 01:13:06 | 00,013,184 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO [Auto | Running])
DRV - [2006/05/24 19:19:40 | 00,061,056 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
DRV - [2006/05/24 19:19:48 | 00,040,064 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
DRV - [2006/05/24 19:19:44 | 00,074,752 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
DRV - [2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/06/12 01:59:52 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/06/12 02:00:42 | 00,990,592 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/01/11 16:12:54 | 00,194,048 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Stopped])
DRV - [2006/06/02 13:59:50 | 00,069,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2006/06/28 01:25:24 | 04,304,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irsir.sys -- (irsir [On_Demand | Stopped])
DRV - [2006/02/14 20:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2004/08/10 20:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2006/06/21 12:16:08 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2003/08/04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/08/20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2006/06/16 04:56:38 | 00,083,968 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2005/07/07 13:00:32 | 00,173,568 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiH040B.sys -- (SaiH040B [On_Demand | Stopped])
DRV - [2005/07/07 13:00:32 | 00,026,496 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiU040B.sys -- (SaiU040B [On_Demand | Stopped])
DRV - [2009/06/23 11:01:40 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/06/23 11:01:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/06/23 11:01:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/12/09 14:54:12 | 00,046,592 | ---- | M] (SMSC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2004/08/10 20:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2006/03/03 12:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/06/02 13:59:54 | 00,014,544 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\tvicport.sys -- (tvicport [Auto | Running])
DRV - [2004/12/17 16:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2006/06/12 01:59:46 | 00,727,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2006/06/02 13:59:52 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys -- (zntport [Auto | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/..."
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.msn.com/fr-fr/?ocid=iehp"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/..."
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/12/15 19:22:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/03 13:55:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007/12/22 20:32:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/12/16 10:51:38 | 00,000,000 | ---D | M]
[2007/12/15 19:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions
[2009/03/13 01:50:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/03/12 22:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/29 21:34:12 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\live-search.xml
[2009/05/03 13:19:22 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\winamp-search.xml
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\divx@partners.mozilla.com
[2007/12/22 20:32:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2007/02/21 23:13:26 | 00,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2007/02/21 23:13:26 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2007/02/21 23:13:26 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2007/02/21 23:13:26 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2007/02/21 23:13:26 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2007/09/06 19:02:22 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/02/21 23:13:26 | 00,022,664 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/09/06 19:27:54 | 00,001,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2006/06/03 21:11:44 | 00,001,072 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2007/01/17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/06 21:56:54 | 00,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2006/09/13 22:56:36 | 00,001,203 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/11 20:46:50 | 00,000,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] \Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/06/21 12:16:46 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:03 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:21 | 00,000,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:15:18 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/14 09:15:14 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/14 09:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/13 22:02:19 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:09:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/07/13 20:08:52 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Application Data\SUPERAntiSpyware.com
[2009/07/13 18:59:31 | 00,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:59:21 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/07/13 18:59:21 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/07/13 18:59:20 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/13 18:59:18 | 00,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/07/13 17:54:45 | 00,001,296 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 17:54:40 | 00,000,000 | ---D | C] -- C:\FindyKill
[2009/07/13 17:18:56 | 93,760,3072 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/13 17:18:50 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/07/13 16:51:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/07/13 16:46:28 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009/07/13 16:31:14 | 01,571,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/07/13 16:31:14 | 01,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/07/13 16:31:14 | 01,037,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/07/13 16:31:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/07/13 16:31:14 | 00,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/07/13 16:31:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/07/13 16:31:14 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/07/13 16:31:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/07/13 16:31:14 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/07/13 16:31:14 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\appmgmts.dll
[2009/07/13 16:31:14 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/07/13 16:31:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/07/13 16:31:14 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/07/13 16:31:14 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/07/13 16:31:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/07/13 16:31:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/07/13 16:31:14 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/07/13 16:31:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/07/13 16:31:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/07/13 16:31:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/07/13 16:31:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/07/13 16:31:14 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/07/13 16:31:14 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/07/13 16:31:14 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/07/13 16:31:14 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/07/13 16:31:13 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/07/13 16:31:13 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/07/13 16:31:13 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/07/13 16:31:13 | 00,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/07/13 16:31:13 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/07/13 16:31:13 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/07/13 16:31:13 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/07/13 16:31:13 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/07/13 16:31:13 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/07/13 16:31:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/07/13 16:31:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/07/13 16:22:11 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/07/13 16:22:11 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/07/13 16:22:11 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/07/13 16:22:11 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/07/13 16:22:11 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/07/13 16:22:11 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/13 16:22:11 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/07/13 16:22:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/13 16:22:00 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/07/13 16:05:12 | 00,000,166 | ---- | C] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:05 | 00,000,230 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:05:03 | 00,000,000 | ---D | C] -- C:\ReimageTmp
[2009/07/13 16:04:36 | 00,001,623 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 16:04:35 | 00,000,000 | ---D | C] -- C:\rei
[2009/07/13 16:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Reimage
[2009/07/10 17:42:26 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/07/07 12:24:38 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/07/04 19:48:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/07/01 20:09:38 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/06/30 18:19:48 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/06/28 16:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Bureau\BisonCam
[2009/06/20 23:14:13 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2009/06/14 17:46:22 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/05/19 15:05:14 | 01,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/22 15:57:31 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/06 19:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/06 19:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/17 20:08:33 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/12/29 11:09:30 | 00,000,018 | ---- | C] () -- C:\WINDOWS\podiomlive.ini
[2006/12/25 18:12:41 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/11 00:09:23 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/06/21 15:17:46 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 12:17:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/06/21 11:45:34 | 00,000,774 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/06/21 11:36:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/05/12 13:50:28 | 00,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2006/04/20 20:03:42 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/04/20 20:03:42 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/03/10 14:15:44 | 00,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/22 11:20:14 | 00,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/22 11:20:14 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2005/12/14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/05 15:38:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/12/17 16:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 20:00:00 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:04 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:22 | 00,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:08:32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/14 09:08:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/14 09:07:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/14 09:07:52 | 93,760,3072 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/14 01:37:18 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/13 22:02:20 | 00,001,456 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:08:54 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:32 | 00,001,759 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:55:28 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/13 17:55:18 | 00,001,296 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 16:29:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/13 16:05:14 | 00,000,166 | ---- | M] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:08 | 00,000,230 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:04:38 | 00,001,623 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 12:15:28 | 00,110,080 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 17:30:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/06/28 16:47:06 | 00,000,774 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >
OTL logfile created on: 14/07/2009 10:29:53 - Run 2
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
894,10 Mb Total Physical Memory | 388,38 Mb Available Physical Memory | 43,44% Memory free
2,12 Gb Paging File | 1,44 Gb Available in Paging File | 68,27% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,88 Gb Total Space | 12,36 Gb Free Space | 28,17% Space Free | Partition Type: FAT32
Drive D: | 44,37 Gb Total Space | 13,53 Gb Free Space | 30,49% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-3FAFADAADF
Current User Name: leclere guillaume
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/08/08 15:53:16 | 00,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
PRC - [2009/03/09 16:49:18 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/06/12 13:28:42 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2004/10/05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\TaskBarIcon.exe
PRC - [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/06/23 11:01:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2006/08/18 15:32:00 | 00,294,912 | ---- | M] (FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
PRC - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2005/12/06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\GestionnaireInternet.exe
PRC - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2005/11/28 16:41:40 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\ComComp.exe
PRC - [2004/11/02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\Wanadoo\Toaster.exe
PRC - [2004/10/27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\Wanadoo\Inactivity.exe
PRC - [2004/10/27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\Wanadoo\PollingModule.exe
PRC - [2004/10/21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\Watch.exe
PRC - [2004/11/15 17:58:56 | 00,344,064 | ---- | M] () -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/13 15:45:42 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE\otl.exe
PRC - [2008/04/14 04:34:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[color=#E56717]========== Win32 Services (SafeList) ==========/color
SRV - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService [Auto | Running])
SRV - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
SRV - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 04:33:28 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/22 15:29:04 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - [2004/08/10 20:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2006/05/10 11:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/08/10 20:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2006/07/18 07:58:16 | 01,621,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/07/13 19:01:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2009/07/13 19:01:52 | 00,052,056 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/11/02 13:24:24 | 00,424,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])
DRV - [2006/05/12 13:49:38 | 00,806,272 | ---- | M] (Bison Electronics. Inc. ) -- C:\WINDOWS\System32\Drivers\BisonCam.sys -- (Cam5603D [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/12/07 23:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2005/12/23 01:13:06 | 00,013,184 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO [Auto | Running])
DRV - [2006/05/24 19:19:40 | 00,061,056 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
DRV - [2006/05/24 19:19:48 | 00,040,064 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
DRV - [2006/05/24 19:19:44 | 00,074,752 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
DRV - [2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/06/12 01:59:52 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/06/12 02:00:42 | 00,990,592 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/01/11 16:12:54 | 00,194,048 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Stopped])
DRV - [2006/06/02 13:59:50 | 00,069,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2006/06/28 01:25:24 | 04,304,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irsir.sys -- (irsir [On_Demand | Stopped])
DRV - [2006/02/14 20:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2004/08/10 20:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2006/06/21 12:16:08 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2003/08/04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/08/20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2006/06/16 04:56:38 | 00,083,968 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2005/07/07 13:00:32 | 00,173,568 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiH040B.sys -- (SaiH040B [On_Demand | Stopped])
DRV - [2005/07/07 13:00:32 | 00,026,496 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiU040B.sys -- (SaiU040B [On_Demand | Stopped])
DRV - [2009/06/23 11:01:40 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/06/23 11:01:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/06/23 11:01:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/12/09 14:54:12 | 00,046,592 | ---- | M] (SMSC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2004/08/10 20:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2006/03/03 12:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/06/02 13:59:54 | 00,014,544 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\tvicport.sys -- (tvicport [Auto | Running])
DRV - [2004/12/17 16:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2006/06/12 01:59:46 | 00,727,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2006/06/02 13:59:52 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys -- (zntport [Auto | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/..."
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.msn.com/fr-fr/?ocid=iehp"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/..."
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/12/15 19:22:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/03 13:55:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007/12/22 20:32:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/12/16 10:51:38 | 00,000,000 | ---D | M]
[2007/12/15 19:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions
[2009/03/13 01:50:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/03/12 22:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/29 21:34:12 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\live-search.xml
[2009/05/03 13:19:22 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\winamp-search.xml
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\divx@partners.mozilla.com
[2007/12/22 20:32:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2007/02/21 23:13:26 | 00,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2007/02/21 23:13:26 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2007/02/21 23:13:26 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2007/02/21 23:13:26 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2007/02/21 23:13:26 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2007/09/06 19:02:22 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/02/21 23:13:26 | 00,022,664 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/09/06 19:27:54 | 00,001,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2006/06/03 21:11:44 | 00,001,072 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2007/01/17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/06 21:56:54 | 00,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2006/09/13 22:56:36 | 00,001,203 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/11 20:46:50 | 00,000,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] \Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/06/21 12:16:46 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:03 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:21 | 00,000,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:15:18 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/14 09:15:14 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/14 09:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/13 22:02:19 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:09:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/07/13 20:08:52 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Application Data\SUPERAntiSpyware.com
[2009/07/13 18:59:31 | 00,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:59:21 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/07/13 18:59:21 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/07/13 18:59:20 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/13 18:59:18 | 00,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/07/13 17:54:45 | 00,001,296 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 17:54:40 | 00,000,000 | ---D | C] -- C:\FindyKill
[2009/07/13 17:18:56 | 93,760,3072 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/13 17:18:50 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/07/13 16:51:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/07/13 16:46:28 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009/07/13 16:31:14 | 01,571,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/07/13 16:31:14 | 01,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/07/13 16:31:14 | 01,037,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/07/13 16:31:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/07/13 16:31:14 | 00,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/07/13 16:31:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/07/13 16:31:14 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/07/13 16:31:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/07/13 16:31:14 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/07/13 16:31:14 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\appmgmts.dll
[2009/07/13 16:31:14 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/07/13 16:31:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/07/13 16:31:14 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/07/13 16:31:14 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/07/13 16:31:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/07/13 16:31:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/07/13 16:31:14 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/07/13 16:31:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/07/13 16:31:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/07/13 16:31:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/07/13 16:31:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/07/13 16:31:14 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/07/13 16:31:14 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/07/13 16:31:14 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/07/13 16:31:14 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/07/13 16:31:13 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/07/13 16:31:13 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/07/13 16:31:13 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/07/13 16:31:13 | 00,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/07/13 16:31:13 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/07/13 16:31:13 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/07/13 16:31:13 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/07/13 16:31:13 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/07/13 16:31:13 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/07/13 16:31:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/07/13 16:31:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/07/13 16:22:11 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/07/13 16:22:11 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/07/13 16:22:11 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/07/13 16:22:11 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/07/13 16:22:11 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/07/13 16:22:11 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/13 16:22:11 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/07/13 16:22:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/13 16:22:00 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/07/13 16:05:12 | 00,000,166 | ---- | C] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:05 | 00,000,230 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:05:03 | 00,000,000 | ---D | C] -- C:\ReimageTmp
[2009/07/13 16:04:36 | 00,001,623 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 16:04:35 | 00,000,000 | ---D | C] -- C:\rei
[2009/07/13 16:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Reimage
[2009/07/10 17:42:26 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/07/07 12:24:38 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/07/04 19:48:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/07/01 20:09:38 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/06/30 18:19:48 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/06/28 16:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Bureau\BisonCam
[2009/06/20 23:14:13 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2009/06/14 17:46:22 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/05/19 15:05:14 | 01,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/22 15:57:31 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/06 19:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/06 19:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/17 20:08:33 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/12/29 11:09:30 | 00,000,018 | ---- | C] () -- C:\WINDOWS\podiomlive.ini
[2006/12/25 18:12:41 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/11 00:09:23 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/06/21 15:17:46 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 12:17:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/06/21 11:45:34 | 00,000,774 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/06/21 11:36:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/05/12 13:50:28 | 00,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2006/04/20 20:03:42 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/04/20 20:03:42 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/03/10 14:15:44 | 00,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/22 11:20:14 | 00,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/22 11:20:14 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2005/12/14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/05 15:38:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/12/17 16:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 20:00:00 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:04 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:22 | 00,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:08:32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/14 09:08:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/14 09:07:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/14 09:07:52 | 93,760,3072 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/14 01:37:18 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/13 22:02:20 | 00,001,456 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:08:54 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:32 | 00,001,759 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:55:28 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/13 17:55:18 | 00,001,296 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 16:29:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/13 16:05:14 | 00,000,166 | ---- | M] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:08 | 00,000,230 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:04:38 | 00,001,623 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 12:15:28 | 00,110,080 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 17:30:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/06/28 16:47:06 | 00,000,774 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 10:32
14 juil. 2009 à 10:32
voila:
OTL logfile created on: 14/07/2009 10:29:53 - Run 2
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
894,10 Mb Total Physical Memory | 388,38 Mb Available Physical Memory | 43,44% Memory free
2,12 Gb Paging File | 1,44 Gb Available in Paging File | 68,27% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,88 Gb Total Space | 12,36 Gb Free Space | 28,17% Space Free | Partition Type: FAT32
Drive D: | 44,37 Gb Total Space | 13,53 Gb Free Space | 30,49% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-3FAFADAADF
Current User Name: leclere guillaume
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/08/08 15:53:16 | 00,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
PRC - [2009/03/09 16:49:18 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/06/12 13:28:42 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2004/10/05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\TaskBarIcon.exe
PRC - [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/06/23 11:01:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2006/08/18 15:32:00 | 00,294,912 | ---- | M] (FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
PRC - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2005/12/06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\GestionnaireInternet.exe
PRC - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2005/11/28 16:41:40 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\ComComp.exe
PRC - [2004/11/02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\Wanadoo\Toaster.exe
PRC - [2004/10/27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\Wanadoo\Inactivity.exe
PRC - [2004/10/27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\Wanadoo\PollingModule.exe
PRC - [2004/10/21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\Watch.exe
PRC - [2004/11/15 17:58:56 | 00,344,064 | ---- | M] () -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/13 15:45:42 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE\otl.exe
PRC - [2008/04/14 04:34:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService [Auto | Running])
SRV - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
SRV - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 04:33:28 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/22 15:29:04 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2004/08/10 20:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2006/05/10 11:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/08/10 20:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2006/07/18 07:58:16 | 01,621,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/07/13 19:01:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2009/07/13 19:01:52 | 00,052,056 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/11/02 13:24:24 | 00,424,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])
DRV - [2006/05/12 13:49:38 | 00,806,272 | ---- | M] (Bison Electronics. Inc. ) -- C:\WINDOWS\System32\Drivers\BisonCam.sys -- (Cam5603D [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/12/07 23:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2005/12/23 01:13:06 | 00,013,184 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO [Auto | Running])
DRV - [2006/05/24 19:19:40 | 00,061,056 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
DRV - [2006/05/24 19:19:48 | 00,040,064 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
DRV - [2006/05/24 19:19:44 | 00,074,752 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
DRV - [2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/06/12 01:59:52 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/06/12 02:00:42 | 00,990,592 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/01/11 16:12:54 | 00,194,048 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Stopped])
DRV - [2006/06/02 13:59:50 | 00,069,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2006/06/28 01:25:24 | 04,304,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irsir.sys -- (irsir [On_Demand | Stopped])
DRV - [2006/02/14 20:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2004/08/10 20:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2006/06/21 12:16:08 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2003/08/04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/08/20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2006/06/16 04:56:38 | 00,083,968 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2005/07/07 13:00:32 | 00,173,568 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiH040B.sys -- (SaiH040B [On_Demand | Stopped])
DRV - [2005/07/07 13:00:32 | 00,026,496 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiU040B.sys -- (SaiU040B [On_Demand | Stopped])
DRV - [2009/06/23 11:01:40 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/06/23 11:01:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/06/23 11:01:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/12/09 14:54:12 | 00,046,592 | ---- | M] (SMSC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2004/08/10 20:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2006/03/03 12:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/06/02 13:59:54 | 00,014,544 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\tvicport.sys -- (tvicport [Auto | Running])
DRV - [2004/12/17 16:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2006/06/12 01:59:46 | 00,727,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2006/06/02 13:59:52 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys -- (zntport [Auto | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/..."
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.msn.com/fr-fr/?ocid=iehp"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/..."
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/12/15 19:22:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/03 13:55:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007/12/22 20:32:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/12/16 10:51:38 | 00,000,000 | ---D | M]
[2007/12/15 19:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions
[2009/03/13 01:50:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/03/12 22:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/29 21:34:12 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\live-search.xml
[2009/05/03 13:19:22 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\winamp-search.xml
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\divx@partners.mozilla.com
[2007/12/22 20:32:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2007/02/21 23:13:26 | 00,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2007/02/21 23:13:26 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2007/02/21 23:13:26 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2007/02/21 23:13:26 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2007/02/21 23:13:26 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2007/09/06 19:02:22 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/02/21 23:13:26 | 00,022,664 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/09/06 19:27:54 | 00,001,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2006/06/03 21:11:44 | 00,001,072 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2007/01/17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/06 21:56:54 | 00,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2006/09/13 22:56:36 | 00,001,203 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/11 20:46:50 | 00,000,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] \Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/06/21 12:16:46 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:03 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:21 | 00,000,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:15:18 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/14 09:15:14 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/14 09:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/13 22:02:19 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:09:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/07/13 20:08:52 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Application Data\SUPERAntiSpyware.com
[2009/07/13 18:59:31 | 00,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:59:21 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/07/13 18:59:21 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/07/13 18:59:20 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/13 18:59:18 | 00,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/07/13 17:54:45 | 00,001,296 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 17:54:40 | 00,000,000 | ---D | C] -- C:\FindyKill
[2009/07/13 17:18:56 | 93,760,3072 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/13 17:18:50 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/07/13 16:51:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/07/13 16:46:28 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009/07/13 16:31:14 | 01,571,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/07/13 16:31:14 | 01,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/07/13 16:31:14 | 01,037,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/07/13 16:31:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/07/13 16:31:14 | 00,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/07/13 16:31:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/07/13 16:31:14 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/07/13 16:31:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/07/13 16:31:14 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/07/13 16:31:14 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\appmgmts.dll
[2009/07/13 16:31:14 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/07/13 16:31:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/07/13 16:31:14 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/07/13 16:31:14 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/07/13 16:31:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/07/13 16:31:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/07/13 16:31:14 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/07/13 16:31:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/07/13 16:31:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/07/13 16:31:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/07/13 16:31:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/07/13 16:31:14 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/07/13 16:31:14 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/07/13 16:31:14 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/07/13 16:31:14 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/07/13 16:31:13 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/07/13 16:31:13 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/07/13 16:31:13 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/07/13 16:31:13 | 00,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/07/13 16:31:13 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/07/13 16:31:13 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/07/13 16:31:13 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/07/13 16:31:13 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/07/13 16:31:13 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/07/13 16:31:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/07/13 16:31:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/07/13 16:22:11 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/07/13 16:22:11 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/07/13 16:22:11 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/07/13 16:22:11 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/07/13 16:22:11 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/07/13 16:22:11 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/13 16:22:11 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/07/13 16:22:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/13 16:22:00 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/07/13 16:05:12 | 00,000,166 | ---- | C] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:05 | 00,000,230 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:05:03 | 00,000,000 | ---D | C] -- C:\ReimageTmp
[2009/07/13 16:04:36 | 00,001,623 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 16:04:35 | 00,000,000 | ---D | C] -- C:\rei
[2009/07/13 16:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Reimage
[2009/07/10 17:42:26 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/07/07 12:24:38 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/07/04 19:48:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/07/01 20:09:38 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/06/30 18:19:48 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/06/28 16:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Bureau\BisonCam
[2009/06/20 23:14:13 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2009/06/14 17:46:22 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/05/19 15:05:14 | 01,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/22 15:57:31 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/06 19:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/06 19:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/17 20:08:33 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/12/29 11:09:30 | 00,000,018 | ---- | C] () -- C:\WINDOWS\podiomlive.ini
[2006/12/25 18:12:41 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/11 00:09:23 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/06/21 15:17:46 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 12:17:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/06/21 11:45:34 | 00,000,774 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/06/21 11:36:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/05/12 13:50:28 | 00,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2006/04/20 20:03:42 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/04/20 20:03:42 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/03/10 14:15:44 | 00,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/22 11:20:14 | 00,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/22 11:20:14 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2005/12/14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/05 15:38:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/12/17 16:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 20:00:00 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:04 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:22 | 00,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:08:32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/14 09:08:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/14 09:07:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/14 09:07:52 | 93,760,3072 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/14 01:37:18 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/13 22:02:20 | 00,001,456 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:08:54 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:32 | 00,001,759 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:55:28 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/13 17:55:18 | 00,001,296 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 16:29:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/13 16:05:14 | 00,000,166 | ---- | M] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:08 | 00,000,230 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:04:38 | 00,001,623 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 12:15:28 | 00,110,080 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 17:30:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/06/28 16:47:06 | 00,000,774 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >
OTL logfile created on: 14/07/2009 10:29:53 - Run 2
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
894,10 Mb Total Physical Memory | 388,38 Mb Available Physical Memory | 43,44% Memory free
2,12 Gb Paging File | 1,44 Gb Available in Paging File | 68,27% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,88 Gb Total Space | 12,36 Gb Free Space | 28,17% Space Free | Partition Type: FAT32
Drive D: | 44,37 Gb Total Space | 13,53 Gb Free Space | 30,49% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-3FAFADAADF
Current User Name: leclere guillaume
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/08/08 15:53:16 | 00,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
PRC - [2009/03/09 16:49:18 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/06/12 13:28:42 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2004/10/05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\TaskBarIcon.exe
PRC - [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2009/06/23 11:01:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2006/08/18 15:32:00 | 00,294,912 | ---- | M] (FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
PRC - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2005/12/06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\GestionnaireInternet.exe
PRC - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2005/11/28 16:41:40 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\ComComp.exe
PRC - [2004/11/02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\Wanadoo\Toaster.exe
PRC - [2004/10/27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\Wanadoo\Inactivity.exe
PRC - [2004/10/27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\Wanadoo\PollingModule.exe
PRC - [2004/10/21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/08/23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\Watch.exe
PRC - [2004/11/15 17:58:56 | 00,344,064 | ---- | M] () -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/13 15:45:42 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\leclere guillaume\Mes documents\Guillaume LECLERE\otl.exe
PRC - [2008/04/14 04:34:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2007/08/27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2006/03/29 20:53:34 | 00,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService [Auto | Running])
SRV - [2008/10/15 13:31:26 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:30 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/18 07:51:44 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2005/04/30 17:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 15:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
SRV - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 04:33:28 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/08/05 13:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/22 15:29:04 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2004/08/10 20:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 20:36:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2006/05/10 11:27:00 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2004/08/10 20:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2006/07/18 07:58:16 | 01,621,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009/07/13 19:01:40 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2009/07/13 19:01:52 | 00,052,056 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2005/11/02 13:24:24 | 00,424,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])
DRV - [2006/05/12 13:49:38 | 00,806,272 | ---- | M] (Bison Electronics. Inc. ) -- C:\WINDOWS\System32\Drivers\BisonCam.sys -- (Cam5603D [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/12/07 23:10:00 | 00,016,896 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2005/12/23 01:13:06 | 00,013,184 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO [Auto | Running])
DRV - [2006/05/24 19:19:40 | 00,061,056 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys -- (EMSCR [On_Demand | Running])
DRV - [2006/05/24 19:19:48 | 00,040,064 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys -- (ESDCR [On_Demand | Running])
DRV - [2006/05/24 19:19:44 | 00,074,752 | ---- | M] (ENE Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys -- (ESMCR [On_Demand | Running])
DRV - [2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/06/12 01:59:52 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/06/12 02:00:42 | 00,990,592 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/01/11 16:12:54 | 00,194,048 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Stopped])
DRV - [2006/06/02 13:59:50 | 00,069,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2006/06/28 01:25:24 | 04,304,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2001/08/17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irsir.sys -- (irsir [On_Demand | Stopped])
DRV - [2006/02/14 20:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2004/08/10 20:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2006/06/21 12:16:08 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2003/08/04 14:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
DRV - [2004/08/10 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/08/20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2006/06/16 04:56:38 | 00,083,968 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2005/07/07 13:00:32 | 00,173,568 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiH040B.sys -- (SaiH040B [On_Demand | Stopped])
DRV - [2005/07/07 13:00:32 | 00,026,496 | R--- | M] (Saitek) -- C:\WINDOWS\System32\DRIVERS\SaiU040B.sys -- (SaiU040B [On_Demand | Stopped])
DRV - [2009/06/23 11:01:40 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/06/23 11:01:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/06/23 11:01:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/12/09 14:54:12 | 00,046,592 | ---- | M] (SMSC) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys -- (SMCIRDA [On_Demand | Stopped])
DRV - [2004/08/10 20:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2004/08/10 20:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2006/03/03 12:52:30 | 00,192,672 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/06/02 13:59:54 | 00,014,544 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\tvicport.sys -- (tvicport [Auto | Running])
DRV - [2004/12/17 16:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2004/08/10 20:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2006/06/12 01:59:46 | 00,727,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2006/06/02 13:59:52 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys -- (zntport [Auto | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/..."
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.msn.com/fr-fr/?ocid=iehp"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/..."
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/12/15 19:22:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/03 13:55:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007/12/22 20:32:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007/12/16 10:51:38 | 00,000,000 | ---D | M]
[2007/12/15 19:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions
[2009/03/13 01:50:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/03/12 22:58:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\leclere guillaume\Application Data\mozilla\Firefox\Profiles\9gdmd4ki.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/29 21:34:12 | 00,001,775 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\live-search.xml
[2009/05/03 13:19:22 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Application Data\Mozilla\FireFox\Profiles\9gdmd4ki.default\searchplugins\winamp-search.xml
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/22 20:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\divx@partners.mozilla.com
[2007/12/22 20:32:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2007/02/21 23:13:26 | 00,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2007/02/21 23:13:26 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2007/02/21 23:13:26 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2007/02/21 23:13:26 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2007/02/21 23:13:26 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2007/09/06 19:02:22 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/02/21 23:13:26 | 00,022,664 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/09/06 19:27:54 | 00,001,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2006/06/03 21:11:44 | 00,001,072 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2007/01/17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/06 21:56:54 | 00,000,760 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2006/09/13 22:56:36 | 00,001,203 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/11 20:46:50 | 00,000,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] \Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3845184513-808281945-3233116468-1005\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/06/21 12:16:46 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/05/03 16:57:06 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:03 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:21 | 00,000,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:15:18 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/14 09:15:14 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/14 09:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/13 22:02:19 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:09:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/07/13 20:08:52 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/07/13 20:08:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Application Data\SUPERAntiSpyware.com
[2009/07/13 18:59:31 | 00,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:59:21 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/07/13 18:59:21 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/07/13 18:59:20 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/07/13 18:59:18 | 00,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/07/13 18:59:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/07/13 17:54:45 | 00,001,296 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 17:54:40 | 00,000,000 | ---D | C] -- C:\FindyKill
[2009/07/13 17:18:56 | 93,760,3072 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/13 17:18:50 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/07/13 16:51:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/07/13 16:46:28 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009/07/13 16:31:14 | 01,571,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfcfiles.dll
[2009/07/13 16:31:14 | 01,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kernel32.dll
[2009/07/13 16:31:14 | 01,037,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\explorer.exe
[2009/07/13 16:31:14 | 00,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\mfc40u.dll
[2009/07/13 16:31:14 | 00,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comres.dll
[2009/07/13 16:31:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\comctl32.dll
[2009/07/13 16:31:14 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntmssvc.dll
[2009/07/13 16:31:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\rpcss.dll
[2009/07/13 16:31:14 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\termsrv.dll
[2009/07/13 16:31:14 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\appmgmts.dll
[2009/07/13 16:31:14 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\services.exe
[2009/07/13 16:31:14 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\imm32.dll
[2009/07/13 16:31:14 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\spoolsv.exe
[2009/07/13 16:31:14 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wuauclt.exe
[2009/07/13 16:31:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\msgsvc.dll
[2009/07/13 16:31:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\userinit.exe
[2009/07/13 16:31:14 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\kbdclass.sys
[2009/07/13 16:31:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lpk.dll
[2009/07/13 16:31:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\powrprof.dll
[2009/07/13 16:31:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ctfmon.exe
[2009/07/13 16:31:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\lsass.exe
[2009/07/13 16:31:14 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\acpiec.sys
[2009/07/13 16:31:14 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\sfc.dll
[2009/07/13 16:31:14 | 00,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\beep.sys
[2009/07/13 16:31:14 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\null.sys
[2009/07/13 16:31:13 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntoskrnl.exe
[2009/07/13 16:31:13 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ntkrnlpa.exe
[2009/07/13 16:31:13 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\wininet.dll
[2009/07/13 16:31:13 | 00,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\user32.dll
[2009/07/13 16:31:13 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\winlogon.exe
[2009/07/13 16:31:13 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\tcpip.sys
[2009/07/13 16:31:13 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ndis.sys
[2009/07/13 16:31:13 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ws2_32.dll
[2009/07/13 16:31:13 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\ip6fw.sys
[2009/07/13 16:31:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cache\svchost.exe
[2009/07/13 16:31:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009/07/13 16:22:11 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/07/13 16:22:11 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/07/13 16:22:11 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/07/13 16:22:11 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/07/13 16:22:11 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/07/13 16:22:11 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/13 16:22:11 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/07/13 16:22:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/13 16:22:00 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/07/13 16:05:12 | 00,000,166 | ---- | C] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:05 | 00,000,230 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:05:03 | 00,000,000 | ---D | C] -- C:\ReimageTmp
[2009/07/13 16:04:36 | 00,001,623 | ---- | C] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 16:04:35 | 00,000,000 | ---D | C] -- C:\rei
[2009/07/13 16:04:27 | 00,000,000 | ---D | C] -- C:\Program Files\Reimage
[2009/07/10 17:42:26 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/07/07 12:24:38 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/07/04 19:48:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/07/01 20:09:38 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/06/30 18:19:48 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/06/28 16:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\leclere guillaume\Bureau\BisonCam
[2009/06/20 23:14:13 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2009/06/14 17:46:22 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/05/19 15:05:14 | 01,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2008/03/28 18:41:32 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/22 15:57:31 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/07 19:40:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/06 19:04:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/06 19:01:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/17 20:08:33 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/12/29 11:09:30 | 00,000,018 | ---- | C] () -- C:\WINDOWS\podiomlive.ini
[2006/12/25 18:12:41 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/11 00:09:23 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/06/21 15:17:46 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 12:17:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/06/21 12:16:12 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/06/21 11:45:34 | 00,000,774 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/06/21 11:36:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/05/12 13:50:28 | 00,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2006/04/20 20:03:42 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/04/20 20:03:42 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/03/10 14:15:44 | 00,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/22 11:20:14 | 00,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/22 11:20:14 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2005/12/14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/05 15:38:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/12/17 16:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 20:00:00 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[1 C:\WINDOWS\*.tmp files]
[2009/07/14 09:56:04 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\odbnipzt.sys
[2009/07/14 09:15:22 | 00,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/07/14 09:08:32 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/14 09:08:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/14 09:07:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/14 09:07:52 | 93,760,3072 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/14 01:37:18 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/13 22:02:20 | 00,001,456 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Ad-remover.lnk
[2009/07/13 20:08:54 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SUPERAntiSpyware Free Edition.lnk
[2009/07/13 19:06:52 | 00,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/07/13 18:59:32 | 00,001,759 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk
[2009/07/13 18:55:28 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/13 17:55:18 | 00,001,296 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\FindyKill.lnk
[2009/07/13 16:29:52 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/13 16:05:14 | 00,000,166 | ---- | M] () -- C:\WINDOWS\System32\Compress.res
[2009/07/13 16:05:08 | 00,000,230 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2009/07/13 16:04:38 | 00,001,623 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Bureau\Reimage Repair.lnk
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 12:15:28 | 00,110,080 | ---- | M] () -- C:\Documents and Settings\leclere guillaume\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 17:30:58 | 00,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/06/28 16:47:06 | 00,000,774 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >
Utilisateur anonyme
14 juil. 2009 à 10:35
14 juil. 2009 à 10:35
tu n'as pas coché les cases
fais le passer par cijoint.fr stp
fais le passer par cijoint.fr stp
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 10:36
14 juil. 2009 à 10:36
ok je refais ca ,il serait possible que tu me revoit les étapes a suivre
Utilisateur anonyme
14 juil. 2009 à 10:37
14 juil. 2009 à 10:37
bien sur y'a qu'a demander ;)
http://www.commentcamarche.net/forum/affich 13338169 probleme virus?entiere#1
http://www.commentcamarche.net/forum/affich 13338169 probleme virus?entiere#1
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 10:43
14 juil. 2009 à 10:43
voila:
http://www.cijoint.fr/cjlink.php?file=cj200907/cijAvzXvpa.txt
http://www.cijoint.fr/cjlink.php?file=cj200907/cijAvzXvpa.txt
Utilisateur anonyme
14 juil. 2009 à 10:57
14 juil. 2009 à 10:57
Télécharge Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html enregistre ce fichier sur le bureau.
-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
- Coche la case devant :sites de confiance
- Ne coche aucune autre case
-Clique sur Restaurer
-Redémarre ton PC
ensuite :
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important
Fais analyser le(s) fichier(s) suivants sur Virustotal :
Virus Total
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :
C:\WINDOWS\System32\drivers\odbnipzt.sys
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
- Coche la case devant :sites de confiance
- Ne coche aucune autre case
-Clique sur Restaurer
-Redémarre ton PC
ensuite :
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important
Fais analyser le(s) fichier(s) suivants sur Virustotal :
Virus Total
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :
C:\WINDOWS\System32\drivers\odbnipzt.sys
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 11:21
14 juil. 2009 à 11:21
je ne trouve pas le fichier "odbnipzt.sys" ???
guyyzmo
Messages postés
60
Date d'inscription
dimanche 3 mai 2009
Statut
Membre
Dernière intervention
22 février 2010
14 juil. 2009 à 11:26
14 juil. 2009 à 11:26
oui et dans le doute je vien meme de recommnercer et je ne le trouve tjr pas
