Desktop Security 2010 virus
Closed
gege89 - 4 May 2010 at 22:57
wallphone - 6 Sept 2010 at 14:31
8 replies
ep44 - 4 May 2010 at 23:07
Good evening
Your report is not complete
But start with this anyway
◊◊◊ Download Malwarebytes ◊◊◊
Help with the installation
http://www.swl1f.net/viewtopic.php?f=14&t=68
♦ Install it
♦ Launch Malwarebytes
♦ Tick "Perform full scan"
♦ If an infection is found at the end of the scan, click "OK"
♦ Click Remove Selected
♦ To post the report, click the Reports/Logs tab, select the one you want and click Open
♦ Copy and paste it and post the report
Use https://www.cjoint.com/ to post the reports.
Thanks
Next
◊◊◊ Download OTL to your Desktop. ◊◊◊
♦ Double-click the icon to launch it. Make sure all other Windows windows are closed and let it work.
♦ When the window appears, tick Minimal Output under Output at the top of the window.
♦ Tick the Lop Check and Purity Check boxes at the bottom of the window.
♦ Under the Custom Scans/Fixes box, copy/paste this:
netsvcs %SYSTEMDRIVE%\*.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys cdrom.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\*. /mp /s CREATERESTOREPOINT
♦ Click the Run Scan button. Do not change any setting unless you have been asked to. The scan will not take long.
♦ Once the scan has finished, two Windows Notepad windows will open: OTL.txt and Extras.txt. They are saved in the same location as OTL.
♦ Copy/paste (Edit -> Select All, Edit -> Copy) the contents of both files here, one per message please.
gege89 - 4 May 2010 at 23:17
I deleted
" O4 - HKCU\..\Run: [Desktop Security 2010] "D:\Documents and Settings\JEANNETFOOT\Application Data\Desktop Security 2010\Desktop Security 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] D:\Documents and Settings\JEANNETFOOT\Application Data\Desktop Security 2010\securitycenter.exe "
I no longer have the problem, but I am going to run your tests; Malwarebytes is going to take a while, not before midnight
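An added example, not part of the thread and not code from HijackThis, OTL or Malwarebytes: a Python triage of the O4 (registry Run key) lines those log formats print, using lines copied from this thread as sample input. The function names and the three heuristics (user-writable folder, missing target file, all-digit value name) are assumptions of this example, not rules taken from either tool.

```python
import re
from dataclasses import dataclass, field

# Accepts the HijackThis form ("HKCU\..\Run") and the OTL form ("HKCU..\Run").
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\?\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\]\s*(?P<rest>.*)$"
)
# Unquoted targets may contain spaces, so cut at the first executable extension.
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))\b", re.IGNORECASE)
# Profile locations any standard user can write to (heuristic list, assumed).
USER_WRITABLE = (
    "\\application data\\",
    "\\local settings\\temp\\",
    "\\locals~1\\temp\\",
    "\\appdata\\",
)


@dataclass
class Autorun:
    hive: str
    key: str
    name: str
    path: str
    missing: bool
    reasons: list = field(default_factory=list)


def parse_o4(line):
    """Return an Autorun for one O4 registry line, or None for any other line."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    rest = m["rest"].strip()
    # OTL appends "File not found" when the target no longer exists on disk.
    missing = rest.endswith("File not found")
    if missing:
        rest = rest[: -len("File not found")].rstrip()
    if rest.startswith('"'):
        path = rest[1:].split('"', 1)[0]      # quoted target, arguments follow
    else:
        hit = EXE_RE.match(rest)              # drops "(Vendor)" and arguments
        path = hit.group(1) if hit else rest
    return Autorun(m["hive"], m["key"], m["name"], path, missing)


def triage(log_text):
    """Return the O4 entries worth a second look, each with its reasons."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        lowered = entry.path.lower()
        if any(part in lowered for part in USER_WRITABLE):
            entry.reasons.append("starts from a user-writable profile folder")
        if entry.missing:
            entry.reasons.append("registry value left behind, target file is gone")
        if re.fullmatch(r"[\d.]+", entry.name):
            entry.reasons.append("value name is only digits")
        if entry.reasons:
            findings.append(entry)
    return findings


# Sample input: lines copied from the posts and the OTL log in this thread.
SAMPLE = r'''
O4 - HKCU\..\Run: [Desktop Security 2010] "D:\Documents and Settings\JEANNETFOOT\Application Data\Desktop Security 2010\Desktop Security 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] D:\Documents and Settings\JEANNETFOOT\Application Data\Desktop Security 2010\securitycenter.exe
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [Desktop Security] C:\Documents and Settings\Serveur\Application Data\Desktop Security\Desktop Security 2010.exe File not found
O4 - HKLM..\RunServices: [0.9820823744860736] c:\docume~1\serveur\locals~1\temp\0.9820823744860736.exe File not found
'''

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(f"{e.hive}\\{e.key} [{e.name}] -> {e.path}")
        for reason in e.reasons:
            print(f"    - {reason}")
```

An entry flagged only as "target file is gone" is the leftover of a partial clean-up: the file was deleted but the Run value still needs removing.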
ep44 - 4 May 2010 at 23:53
If you want me to help you, I advise against deleting things yourself, because I will no longer know where I stand and it will become very difficult.
Malwarebytes will do a first clean-up, but the report will of course be needed to keep track of what gets removed, then the diagnostic of your PC for the rest of the infections.
See you :)
gege89 - 5 May 2010 at 00:01
I did it before you replied, but Malwarebytes is scanning right now
gege89 - 5 May 2010 at 02:41
http://cjoint.com/data/ffcOWp68Ha.htm
ep44 - 5 May 2010 at 21:16
Hello,
The OTL report is needed
I succeeded with Ad-Aware; you have to find where the folder is located,
C:\Documents and Settings\propriaitaire\Application Data\desktop security 2010
right-click, scan with Ad-Aware, then put the whole thing in the recycle bin.
Happy surfing, bye!
OTL logfile created on: 06/09/2010 13:59:20 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
991,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 17,43 Gb Free Space | 46,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SERVEUR
Current User Name: Serveur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Serveur\Local Settings\Temp\Google Toolbar\gtb176.tmp.exe (Google Inc.)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer.exe (MOBILYSIM)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Data-Concept\Cyberlux Serveur 7 Fusion\Cyberlux.exe (Data-Concept)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer_Launcher.exe (MOBILYSIM)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\CL10 Evolution\CL10W.exe (Jusan S.A.)
PRC - C:\Program Files\CL10 Evolution\CL10AudioCodes.exe (Jusan S.A.)
PRC - C:\Program Files\Hercules\Deluxe Optical Glass\CamService.exe (Guillemot Corporation S.A.)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (MySQLS1) -- E:\UniServer\usr\local\mysql\bin\mysqld-opt.exe File not found
SRV - (ApacheS1) -- E:\UniServer\usr\local\apache2\bin\Apache.exe File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (EpsonCustomerResearchParticipation) -- C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hwinterface) -- C:\WINDOWS\system32\drivers\hwinterface.sys (Buzz)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (camfilt2) -- C:\WINDOWS\system32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (seckeys) -- C:\WINDOWS\System32\drivers\SECKEYS.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ftp://ftp.mobilysim.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/30 11:31:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/22 12:16:20 | 000,000,000 | ---D | M]
[2009/12/26 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Extensions
[2010/08/29 19:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions
[2009/12/27 10:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/26 11:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/22 12:16:12 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/22 12:16:12 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/22 12:16:12 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/22 12:16:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/22 12:16:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/02 18:16:28 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Desktop Security] C:\Documents and Settings\Serveur\Application Data\Desktop Security\Desktop Security 2010.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunServices: [0.9820823744860736] c:\docume~1\serveur\locals~1\temp\0.9820823744860736.exe File not found
O4 - HKLM..\RunServices: [GRDPCr2KissDNDecoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000011\genericepson.exe File not found
O4 - HKLM..\RunServices: [GRDPE1Decoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000003\genericgrdpe12.0.2.0.exe File not found
O4 - HKLM..\RunServices: [MicrosoftRMicrosoftR] c:\program files\fichiers communs\microsoft shared\office11\1033\msxml5rmsxml.exe File not found
O4 - HKLM..\RunServices: [nouvelleConnexion] c:\program files\microsoft office\office10\1036\dataservices\connexiondonnes.exe File not found
O4 - HKLM..\RunServices: [QuickTimeQuickTime] c:\program files\quicktime\qtsystem\quicktime.resources\ru.lproj\quicktimequicktime.exe File not found
O4 - HKLM..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktimeimage.resources\zh_tw.lproj\quicktimeresourcesquicktimeresources.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {50DC58D0-C870-4BE6-BC41-971ED2D5F022} http://www.super-messenger.fr/tab/HookWlmEx.cab (HookWlmEx Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Serveur\ctfmon.exe) - C:\Documents and Settings\Serveur\ctfmon.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - .rnd ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/19 01:34:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0b88cfce-f204-11de-b2a9-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{1c28e705-22c4-11df-b2ec-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\OpEN\cOMMaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{65828834-9a22-11de-b233-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{809dc3d1-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{809dc3d2-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\UDRI\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\explore\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\open\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9cf38558-39b8-11df-b30f-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\AutoRun\command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\open\Command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\explore\Command - "" = C:\WINDOWS\explorer.exe -- [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\help\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\install\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\readme\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Run\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\uninstall\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e426fc3b-da69-11de-b28a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fa346c34-ac03-11de-b24a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AuToPlAy\cOmmaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\ExPLoRe\COmmaNd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\oPEN\commANd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Unable to start service SrService!
========== Files/Folders - Created Within 30 Days ==========
[2010/09/06 13:56:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Malwarebytes
[2010/09/06 11:56:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/06 11:56:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/06 11:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/06 11:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/06 11:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/09/06 11:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Bureau\lyne v1
[2010/09/04 18:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2008/12/19 02:13:20 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/12/19 02:13:20 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/09/06 14:02:10 | 000,003,471 | ---- | M] () -- C:\WINDOWS\CL102K.INI
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 13:46:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 13:27:14 | 000,001,041 | ---- | M] () -- C:\WINDOWS\COSTE2.INI
[2010/09/06 13:14:02 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003UA.job
[2010/09/06 12:25:24 | 000,001,876 | ---- | M] () -- C:\WINDOWS\COSTE1.INI
[2010/09/06 11:57:39 | 000,000,900 | ---- | M] () -- C:\WINDOWS\COSTE3.INI
[2010/09/06 11:57:00 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:44:00 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/06 11:24:54 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Serveur\NTUSER.DAT
[2010/09/06 09:50:38 | 000,000,032 | ---- | M] () -- C:\WINDOWS\JUSLNG.INI
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/09/06 09:01:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/06 09:00:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/06 09:00:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 22:05:14 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Serveur\ntuser.ini
[2010/09/05 22:05:01 | 029,682,304 | -H-- | M] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\IconCache.db
[2010/09/05 14:14:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003Core.job
[2010/09/03 17:55:49 | 000,063,181 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 11:11:34 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2010/08/21 09:14:29 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\Google Chrome.lnk
[2010/08/21 09:14:29 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Serveur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/16 13:40:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\semaine.xls
[2010/08/14 09:00:42 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 22:12:42 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/13 22:11:15 | 001,059,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 22:11:15 | 000,503,988 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/13 22:11:15 | 000,435,710 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 22:11:15 | 000,081,974 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/13 22:11:15 | 000,068,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/09/06 13:46:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 11:57:00 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:28:38 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/03 17:56:37 | 000,063,181 | ---- | C] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 10:44:06 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2009/07/15 11:08:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\INPOUT32.DLL
[2009/07/15 11:08:15 | 000,003,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\SECKEYS.sys
[2009/07/15 11:02:18 | 000,003,471 | ---- | C] () -- C:\WINDOWS\CL102K.INI
[2009/05/06 12:14:19 | 000,000,076 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2009/05/06 12:14:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2009/04/27 14:43:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/27 14:42:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEBX300DEFGIPS.ini
[2009/04/15 10:50:24 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2009/04/13 12:35:27 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/04/13 12:35:27 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/01/16 20:40:23 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 13:39:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/12/19 19:03:42 | 000,001,244 | ---- | C] () -- C:\WINDOWS\COSTE4.INI
[2008/12/19 18:22:26 | 000,001,251 | ---- | C] () -- C:\WINDOWS\COSTE5.INI
[2008/12/19 16:47:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\COSTE3.INI
[2008/12/19 16:33:39 | 000,001,876 | ---- | C] () -- C:\WINDOWS\COSTE1.INI
[2008/12/19 16:30:46 | 000,001,041 | ---- | C] () -- C:\WINDOWS\COSTE2.INI
[2008/12/19 02:25:28 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/19 02:13:20 | 000,015,478 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/12/19 02:01:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\JUSLNG.INI
[2008/12/19 01:51:59 | 000,000,052 | ---- | C] () -- C:\WINDOWS\WIN32C.INI
[2008/12/19 01:51:54 | 000,001,122 | ---- | C] () -- C:\WINDOWS\CYBERLUX.INI
[2008/12/19 01:01:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
========== LOP Check ==========
[2009/07/15 10:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/27 14:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/02 10:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/12/19 02:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/01/02 15:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/04/27 14:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/01/02 15:47:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/09/06 11:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2009/12/23 14:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\EPSON
[2010/02/10 14:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Facebook
[2009/11/14 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\live-player
[2010/02/05 14:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TeamViewer
[2009/01/02 15:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TuneUp Software
[2008/12/21 21:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\uTorrent
[2009/01/30 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Windows Live Writer
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
< MD5 for: AGP440.SYS >
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CDROM.SYS >
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EVENTLOG.DLL >
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/19 16:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/19 16:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< End of report >
OTL by OldTimer - Version 3.2.11.0 Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
991,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 17,43 Gb Free Space | 46,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SERVEUR
Current User Name: Serveur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Serveur\Local Settings\Temp\Google Toolbar\gtb176.tmp.exe (Google Inc.)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer.exe (MOBILYSIM)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Data-Concept\Cyberlux Serveur 7 Fusion\Cyberlux.exe (Data-Concept)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer_Launcher.exe (MOBILYSIM)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\CL10 Evolution\CL10W.exe (Jusan S.A.)
PRC - C:\Program Files\CL10 Evolution\CL10AudioCodes.exe (Jusan S.A.)
PRC - C:\Program Files\Hercules\Deluxe Optical Glass\CamService.exe (Guillemot Corporation S.A.)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (MySQLS1) -- E:\UniServer\usr\local\mysql\bin\mysqld-opt.exe File not found
SRV - (ApacheS1) -- E:\UniServer\usr\local\apache2\bin\Apache.exe File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (EpsonCustomerResearchParticipation) -- C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hwinterface) -- C:\WINDOWS\system32\drivers\hwinterface.sys (Buzz)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (camfilt2) -- C:\WINDOWS\system32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (seckeys) -- C:\WINDOWS\System32\drivers\SECKEYS.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ftp://ftp.mobilysim.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/30 11:31:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/22 12:16:20 | 000,000,000 | ---D | M]
[2009/12/26 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Extensions
[2010/08/29 19:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions
[2009/12/27 10:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/26 11:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/22 12:16:12 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/22 12:16:12 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/22 12:16:12 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/22 12:16:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/22 12:16:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/02 18:16:28 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Desktop Security] C:\Documents and Settings\Serveur\Application Data\Desktop Security\Desktop Security 2010.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunServices: [0.9820823744860736] c:\docume~1\serveur\locals~1\temp\0.9820823744860736.exe File not found
O4 - HKLM..\RunServices: [GRDPCr2KissDNDecoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000011\genericepson.exe File not found
O4 - HKLM..\RunServices: [GRDPE1Decoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000003\genericgrdpe12.0.2.0.exe File not found
O4 - HKLM..\RunServices: [MicrosoftRMicrosoftR] c:\program files\fichiers communs\microsoft shared\office11\1033\msxml5rmsxml.exe File not found
O4 - HKLM..\RunServices: [nouvelleConnexion] c:\program files\microsoft office\office10\1036\dataservices\connexiondonnes.exe File not found
O4 - HKLM..\RunServices: [QuickTimeQuickTime] c:\program files\quicktime\qtsystem\quicktime.resources\ru.lproj\quicktimequicktime.exe File not found
O4 - HKLM..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktimeimage.resources\zh_tw.lproj\quicktimeresourcesquicktimeresources.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {50DC58D0-C870-4BE6-BC41-971ED2D5F022} http://www.super-messenger.fr/tab/HookWlmEx.cab (HookWlmEx Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Serveur\ctfmon.exe) - C:\Documents and Settings\Serveur\ctfmon.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - .rnd ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/19 01:34:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0b88cfce-f204-11de-b2a9-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{1c28e705-22c4-11df-b2ec-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\OpEN\cOMMaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{65828834-9a22-11de-b233-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{809dc3d1-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{809dc3d2-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\UDRI\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\explore\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\open\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9cf38558-39b8-11df-b30f-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\AutoRun\command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\open\Command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\explore\Command - "" = C:\WINDOWS\explorer.exe -- [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\help\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\install\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\readme\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Run\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\uninstall\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e426fc3b-da69-11de-b28a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fa346c34-ac03-11de-b24a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AuToPlAy\cOmmaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\ExPLoRe\COmmaNd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\oPEN\commANd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Unable to start service SrService!
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/09/06 13:56:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Malwarebytes
[2010/09/06 11:56:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/06 11:56:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/06 11:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/06 11:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/06 11:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/09/06 11:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Bureau\lyne v1
[2010/09/04 18:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2008/12/19 02:13:20 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/12/19 02:13:20 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/09/06 14:02:10 | 000,003,471 | ---- | M] () -- C:\WINDOWS\CL102K.INI
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 13:46:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 13:27:14 | 000,001,041 | ---- | M] () -- C:\WINDOWS\COSTE2.INI
[2010/09/06 13:14:02 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003UA.job
[2010/09/06 12:25:24 | 000,001,876 | ---- | M] () -- C:\WINDOWS\COSTE1.INI
[2010/09/06 11:57:39 | 000,000,900 | ---- | M] () -- C:\WINDOWS\COSTE3.INI
[2010/09/06 11:57:00 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:44:00 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/06 11:24:54 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Serveur\NTUSER.DAT
[2010/09/06 09:50:38 | 000,000,032 | ---- | M] () -- C:\WINDOWS\JUSLNG.INI
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/09/06 09:01:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/06 09:00:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/06 09:00:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 22:05:14 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Serveur\ntuser.ini
[2010/09/05 22:05:01 | 029,682,304 | -H-- | M] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\IconCache.db
[2010/09/05 14:14:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003Core.job
[2010/09/03 17:55:49 | 000,063,181 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 11:11:34 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2010/08/21 09:14:29 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\Google Chrome.lnk
[2010/08/21 09:14:29 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Serveur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/16 13:40:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\semaine.xls
[2010/08/14 09:00:42 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 22:12:42 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/13 22:11:15 | 001,059,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 22:11:15 | 000,503,988 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/13 22:11:15 | 000,435,710 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 22:11:15 | 000,081,974 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/13 22:11:15 | 000,068,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/09/06 13:46:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 11:57:00 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:28:38 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/03 17:56:37 | 000,063,181 | ---- | C] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 10:44:06 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2009/07/15 11:08:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\INPOUT32.DLL
[2009/07/15 11:08:15 | 000,003,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\SECKEYS.sys
[2009/07/15 11:02:18 | 000,003,471 | ---- | C] () -- C:\WINDOWS\CL102K.INI
[2009/05/06 12:14:19 | 000,000,076 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2009/05/06 12:14:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2009/04/27 14:43:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/27 14:42:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEBX300DEFGIPS.ini
[2009/04/15 10:50:24 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2009/04/13 12:35:27 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/04/13 12:35:27 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/01/16 20:40:23 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 13:39:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/12/19 19:03:42 | 000,001,244 | ---- | C] () -- C:\WINDOWS\COSTE4.INI
[2008/12/19 18:22:26 | 000,001,251 | ---- | C] () -- C:\WINDOWS\COSTE5.INI
[2008/12/19 16:47:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\COSTE3.INI
[2008/12/19 16:33:39 | 000,001,876 | ---- | C] () -- C:\WINDOWS\COSTE1.INI
[2008/12/19 16:30:46 | 000,001,041 | ---- | C] () -- C:\WINDOWS\COSTE2.INI
[2008/12/19 02:25:28 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/19 02:13:20 | 000,015,478 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/12/19 02:01:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\JUSLNG.INI
[2008/12/19 01:51:59 | 000,000,052 | ---- | C] () -- C:\WINDOWS\WIN32C.INI
[2008/12/19 01:51:54 | 000,001,122 | ---- | C] () -- C:\WINDOWS\CYBERLUX.INI
[2008/12/19 01:01:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009/07/15 10:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/27 14:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/02 10:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/12/19 02:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/01/02 15:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/04/27 14:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/01/02 15:47:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/09/06 11:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2009/12/23 14:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\EPSON
[2010/02/10 14:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Facebook
[2009/11/14 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\live-player
[2010/02/05 14:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TeamViewer
[2009/01/02 15:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TuneUp Software
[2008/12/21 21:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\uTorrent
[2009/01/30 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Windows Live Writer
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/19 16:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2004/08/19 16:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
< End of report >
Hello ep44,
I followed all the steps and here is what I get.
With many thanks
OTL logfile created on: 06/09/2010 13:59:20 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
991,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 17,43 Gb Free Space | 46,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SERVEUR
Current User Name: Serveur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Serveur\Local Settings\Temp\Google Toolbar\gtb176.tmp.exe (Google Inc.)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer.exe (MOBILYSIM)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Data-Concept\Cyberlux Serveur 7 Fusion\Cyberlux.exe (Data-Concept)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer_Launcher.exe (MOBILYSIM)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\CL10 Evolution\CL10W.exe (Jusan S.A.)
PRC - C:\Program Files\CL10 Evolution\CL10AudioCodes.exe (Jusan S.A.)
PRC - C:\Program Files\Hercules\Deluxe Optical Glass\CamService.exe (Guillemot Corporation S.A.)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (MySQLS1) -- E:\UniServer\usr\local\mysql\bin\mysqld-opt.exe File not found
SRV - (ApacheS1) -- E:\UniServer\usr\local\apache2\bin\Apache.exe File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (EpsonCustomerResearchParticipation) -- C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hwinterface) -- C:\WINDOWS\system32\drivers\hwinterface.sys (Buzz)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (camfilt2) -- C:\WINDOWS\system32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (seckeys) -- C:\WINDOWS\System32\drivers\SECKEYS.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ftp://ftp.mobilysim.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/30 11:31:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/22 12:16:20 | 000,000,000 | ---D | M]
[2009/12/26 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Extensions
[2010/08/29 19:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions
[2009/12/27 10:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/26 11:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/22 12:16:12 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/22 12:16:12 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/22 12:16:12 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/22 12:16:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/22 12:16:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/02 18:16:28 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Desktop Security] C:\Documents and Settings\Serveur\Application Data\Desktop Security\Desktop Security 2010.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunServices: [0.9820823744860736] c:\docume~1\serveur\locals~1\temp\0.9820823744860736.exe File not found
O4 - HKLM..\RunServices: [GRDPCr2KissDNDecoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000011\genericepson.exe File not found
O4 - HKLM..\RunServices: [GRDPE1Decoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000003\genericgrdpe12.0.2.0.exe File not found
O4 - HKLM..\RunServices: [MicrosoftRMicrosoftR] c:\program files\fichiers communs\microsoft shared\office11\1033\msxml5rmsxml.exe File not found
O4 - HKLM..\RunServices: [nouvelleConnexion] c:\program files\microsoft office\office10\1036\dataservices\connexiondonnes.exe File not found
O4 - HKLM..\RunServices: [QuickTimeQuickTime] c:\program files\quicktime\qtsystem\quicktime.resources\ru.lproj\quicktimequicktime.exe File not found
O4 - HKLM..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktimeimage.resources\zh_tw.lproj\quicktimeresourcesquicktimeresources.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {50DC58D0-C870-4BE6-BC41-971ED2D5F022} http://www.super-messenger.fr/tab/HookWlmEx.cab (HookWlmEx Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Serveur\ctfmon.exe) - C:\Documents and Settings\Serveur\ctfmon.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - .rnd ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/19 01:34:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0b88cfce-f204-11de-b2a9-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{1c28e705-22c4-11df-b2ec-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\OpEN\cOMMaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{65828834-9a22-11de-b233-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{809dc3d1-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{809dc3d2-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\UDRI\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\explore\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\open\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9cf38558-39b8-11df-b30f-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\AutoRun\command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\open\Command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\explore\Command - "" = C:\WINDOWS\explorer.exe -- [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\help\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\install\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\readme\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Run\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\uninstall\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e426fc3b-da69-11de-b28a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fa346c34-ac03-11de-b24a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AuToPlAy\cOmmaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\ExPLoRe\COmmaNd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\oPEN\commANd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Unable to start service SrService!
========== Files/Folders - Created Within 30 Days ==========
[2010/09/06 13:56:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Malwarebytes
[2010/09/06 11:56:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/06 11:56:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/06 11:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/06 11:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/06 11:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/09/06 11:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Bureau\lyne v1
[2010/09/04 18:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2008/12/19 02:13:20 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/12/19 02:13:20 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/09/06 14:02:10 | 000,003,471 | ---- | M] () -- C:\WINDOWS\CL102K.INI
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 13:46:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 13:27:14 | 000,001,041 | ---- | M] () -- C:\WINDOWS\COSTE2.INI
[2010/09/06 13:14:02 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003UA.job
[2010/09/06 12:25:24 | 000,001,876 | ---- | M] () -- C:\WINDOWS\COSTE1.INI
[2010/09/06 11:57:39 | 000,000,900 | ---- | M] () -- C:\WINDOWS\COSTE3.INI
[2010/09/06 11:57:00 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:44:00 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/06 11:24:54 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Serveur\NTUSER.DAT
[2010/09/06 09:50:38 | 000,000,032 | ---- | M] () -- C:\WINDOWS\JUSLNG.INI
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/09/06 09:01:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/06 09:00:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/06 09:00:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 22:05:14 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Serveur\ntuser.ini
[2010/09/05 22:05:01 | 029,682,304 | -H-- | M] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\IconCache.db
[2010/09/05 14:14:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003Core.job
[2010/09/03 17:55:49 | 000,063,181 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 11:11:34 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2010/08/21 09:14:29 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\Google Chrome.lnk
[2010/08/21 09:14:29 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Serveur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/16 13:40:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\semaine.xls
[2010/08/14 09:00:42 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 22:12:42 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/13 22:11:15 | 001,059,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 22:11:15 | 000,503,988 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/13 22:11:15 | 000,435,710 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 22:11:15 | 000,081,974 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/13 22:11:15 | 000,068,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/09/06 13:46:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 11:57:00 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:28:38 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/03 17:56:37 | 000,063,181 | ---- | C] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 10:44:06 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2009/07/15 11:08:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\INPOUT32.DLL
[2009/07/15 11:08:15 | 000,003,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\SECKEYS.sys
[2009/07/15 11:02:18 | 000,003,471 | ---- | C] () -- C:\WINDOWS\CL102K.INI
[2009/05/06 12:14:19 | 000,000,076 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2009/05/06 12:14:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2009/04/27 14:43:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/27 14:42:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEBX300DEFGIPS.ini
[2009/04/15 10:50:24 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2009/04/13 12:35:27 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/04/13 12:35:27 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/01/16 20:40:23 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 13:39:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/12/19 19:03:42 | 000,001,244 | ---- | C] () -- C:\WINDOWS\COSTE4.INI
[2008/12/19 18:22:26 | 000,001,251 | ---- | C] () -- C:\WINDOWS\COSTE5.INI
[2008/12/19 16:47:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\COSTE3.INI
[2008/12/19 16:33:39 | 000,001,876 | ---- | C] () -- C:\WINDOWS\COSTE1.INI
[2008/12/19 16:30:46 | 000,001,041 | ---- | C] () -- C:\WINDOWS\COSTE2.INI
[2008/12/19 02:25:28 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/19 02:13:20 | 000,015,478 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/12/19 02:01:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\JUSLNG.INI
[2008/12/19 01:51:59 | 000,000,052 | ---- | C] () -- C:\WINDOWS\WIN32C.INI
[2008/12/19 01:51:54 | 000,001,122 | ---- | C] () -- C:\WINDOWS\CYBERLUX.INI
[2008/12/19 01:01:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009/07/15 10:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/27 14:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/02 10:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/12/19 02:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/01/02 15:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/04/27 14:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/01/02 15:47:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/09/06 11:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2009/12/23 14:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\EPSON
[2010/02/10 14:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Facebook
[2009/11/14 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\live-player
[2010/02/05 14:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TeamViewer
[2009/01/02 15:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TuneUp Software
[2008/12/21 21:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\uTorrent
[2009/01/30 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Windows Live Writer
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/19 16:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2004/08/19 16:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
< End of report >
The 2nd one is a little further up
Thanks
I followed all the steps and here is what I find
With many thanks
OTL logfile created on: 06/09/2010 13:59:20 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
991,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 17,43 Gb Free Space | 46,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SERVEUR
Current User Name: Serveur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Serveur\Local Settings\Temp\Google Toolbar\gtb176.tmp.exe (Google Inc.)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer.exe (MOBILYSIM)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Data-Concept\Cyberlux Serveur 7 Fusion\Cyberlux.exe (Data-Concept)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\MOBILYSIM\MOBILYNE\MeR_me_PcRetailer_Launcher.exe (MOBILYSIM)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\CL10 Evolution\CL10W.exe (Jusan S.A.)
PRC - C:\Program Files\CL10 Evolution\CL10AudioCodes.exe (Jusan S.A.)
PRC - C:\Program Files\Hercules\Deluxe Optical Glass\CamService.exe (Guillemot Corporation S.A.)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - C:\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - (MySQLS1) -- E:\UniServer\usr\local\mysql\bin\mysqld-opt.exe File not found
SRV - (ApacheS1) -- E:\UniServer\usr\local\apache2\bin\Apache.exe File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (EpsonCustomerResearchParticipation) -- C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hwinterface) -- C:\WINDOWS\system32\drivers\hwinterface.sys (Buzz)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (camfilt2) -- C:\WINDOWS\system32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (seckeys) -- C:\WINDOWS\System32\drivers\SECKEYS.sys ()
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ftp://ftp.mobilysim.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/30 11:31:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/22 12:16:20 | 000,000,000 | ---D | M]
[2009/12/26 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Extensions
[2010/08/29 19:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions
[2009/12/27 10:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Serveur\Application Data\Mozilla\Firefox\Profiles\ef1drq3p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/26 11:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/22 12:16:12 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/22 12:16:12 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/22 12:16:12 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/22 12:16:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/22 12:16:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/02 18:16:28 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Desktop Security] C:\Documents and Settings\Serveur\Application Data\Desktop Security\Desktop Security 2010.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunServices: [0.9820823744860736] c:\docume~1\serveur\locals~1\temp\0.9820823744860736.exe File not found
O4 - HKLM..\RunServices: [GRDPCr2KissDNDecoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000011\genericepson.exe File not found
O4 - HKLM..\RunServices: [GRDPE1Decoder] c:\program files\epson software\easy photo print\imgplugin\cameraplugin2\p0000003\genericgrdpe12.0.2.0.exe File not found
O4 - HKLM..\RunServices: [MicrosoftRMicrosoftR] c:\program files\fichiers communs\microsoft shared\office11\1033\msxml5rmsxml.exe File not found
O4 - HKLM..\RunServices: [nouvelleConnexion] c:\program files\microsoft office\office10\1036\dataservices\connexiondonnes.exe File not found
O4 - HKLM..\RunServices: [QuickTimeQuickTime] c:\program files\quicktime\qtsystem\quicktime.resources\ru.lproj\quicktimequicktime.exe File not found
O4 - HKLM..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktimeimage.resources\zh_tw.lproj\quicktimeresourcesquicktimeresources.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {50DC58D0-C870-4BE6-BC41-971ED2D5F022} http://www.super-messenger.fr/tab/HookWlmEx.cab (HookWlmEx Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Serveur\ctfmon.exe) - C:\Documents and Settings\Serveur\ctfmon.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - .rnd ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/19 01:34:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0b88cfce-f204-11de-b2a9-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{0c0e1e32-5277-11de-b1ce-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{1c28e705-22c4-11df-b2ec-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{41666d59-438d-11de-b1ba-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{4e1fc612-7834-11de-b206-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5c8a46ed-b26e-11de-b252-00b0c40088fa}\Shell\OpEN\cOMMaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{5e505134-d030-11dd-b0fd-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{65828834-9a22-11de-b233-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{7a0ab12c-4ecd-11df-b32c-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{809dc3d1-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{809dc3d2-194b-11df-b2e0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9395b562-b59c-11de-b256-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\AutoRun\command - "" = E:\UDRI\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\explore\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9a5f71c2-5a9b-11df-b33c-00b0c40088fa}\Shell\open\command - "" = E:\UDRI\\\\\\MUJO.exe -- File not found
O33 - MountPoints2\{9cf38558-39b8-11df-b30f-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\AutoRun\command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{aa7c2b38-30e5-11df-b302-00b0c40088fa}\Shell\open\Command - "" = E:\k1d.exe -- File not found
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{af8c397a-a079-11df-b398-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\explore\Command - "" = C:\WINDOWS\explorer.exe -- [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\help\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\install\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\readme\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\Run\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{b63d21eb-ab58-11de-b249-00b0c40088fa}\Shell\uninstall\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\explore\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{bdc13ac2-37e5-11df-b30d-00b0c40088fa}\Shell\open\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{d91764f2-b369-11df-b3b0-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{dff3a030-ce94-11dd-b0f6-00b0c40088fa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e426fc3b-da69-11de-b28a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{e54fff70-80d2-11de-b212-00b0c40088fa}\Shell\open\Command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fa346c34-ac03-11de-b24a-00b0c40088fa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AuToPlAy\cOmmaND - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\AutoRun\command - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\ExPLoRe\COmmaNd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fc8dca9b-20ff-11de-b18c-00b0c40088fa}\Shell\oPEN\commANd - "" = .rnd -- [2010/04/02 10:20:54 | 000,001,024 | ---- | M] ()
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{fea8f6cf-90b2-11df-b384-00b0c40088fa}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Unable to start service SrService!
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010/09/06 13:56:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 11:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Malwarebytes
[2010/09/06 11:56:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/06 11:56:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/06 11:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/06 11:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/06 11:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/09/06 11:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Bureau\lyne v1
[2010/09/04 18:23:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2008/12/19 02:13:20 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008/12/19 02:13:20 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/09/06 14:02:10 | 000,003,471 | ---- | M] () -- C:\WINDOWS\CL102K.INI
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/09/06 13:46:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 13:27:14 | 000,001,041 | ---- | M] () -- C:\WINDOWS\COSTE2.INI
[2010/09/06 13:14:02 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003UA.job
[2010/09/06 12:25:24 | 000,001,876 | ---- | M] () -- C:\WINDOWS\COSTE1.INI
[2010/09/06 11:57:39 | 000,000,900 | ---- | M] () -- C:\WINDOWS\COSTE3.INI
[2010/09/06 11:57:00 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:44:00 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/06 11:24:54 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Serveur\NTUSER.DAT
[2010/09/06 09:50:38 | 000,000,032 | ---- | M] () -- C:\WINDOWS\JUSLNG.INI
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/09/06 09:01:46 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/06 09:00:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/06 09:00:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 22:05:14 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Serveur\ntuser.ini
[2010/09/05 22:05:01 | 029,682,304 | -H-- | M] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\IconCache.db
[2010/09/05 14:14:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-884357618-682003330-1003Core.job
[2010/09/03 17:55:49 | 000,063,181 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 11:11:34 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2010/08/21 09:14:29 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Serveur\Bureau\Google Chrome.lnk
[2010/08/21 09:14:29 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Serveur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/16 13:40:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Serveur\Mes documents\semaine.xls
[2010/08/14 09:00:42 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 22:12:42 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/13 22:11:15 | 001,059,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 22:11:15 | 000,503,988 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/08/13 22:11:15 | 000,435,710 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 22:11:15 | 000,081,974 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/08/13 22:11:15 | 000,068,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/09/06 13:46:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\oksyx.sys
[2010/09/06 11:57:00 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/09/06 11:28:38 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mobilyne.lnk
[2010/09/03 17:56:37 | 000,063,181 | ---- | C] () -- C:\Documents and Settings\Serveur\Bureau\32452_135776676433185_100000025611065_390633_3944468_n.jpg
[2010/08/27 10:44:06 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Serveur\Mes documents\classeur.xls
[2009/07/15 11:08:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\INPOUT32.DLL
[2009/07/15 11:08:15 | 000,003,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\SECKEYS.sys
[2009/07/15 11:02:18 | 000,003,471 | ---- | C] () -- C:\WINDOWS\CL102K.INI
[2009/05/06 12:14:19 | 000,000,076 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2009/05/06 12:14:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2009/04/27 14:43:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/04/27 14:42:05 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEBX300DEFGIPS.ini
[2009/04/15 10:50:24 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2009/04/13 12:35:27 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/04/13 12:35:27 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/01/16 20:40:23 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Serveur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 13:39:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008/12/19 19:03:42 | 000,001,244 | ---- | C] () -- C:\WINDOWS\COSTE4.INI
[2008/12/19 18:22:26 | 000,001,251 | ---- | C] () -- C:\WINDOWS\COSTE5.INI
[2008/12/19 16:47:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\COSTE3.INI
[2008/12/19 16:33:39 | 000,001,876 | ---- | C] () -- C:\WINDOWS\COSTE1.INI
[2008/12/19 16:30:46 | 000,001,041 | ---- | C] () -- C:\WINDOWS\COSTE2.INI
[2008/12/19 02:25:28 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/19 02:13:20 | 000,015,478 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008/12/19 02:01:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\JUSLNG.INI
[2008/12/19 01:51:59 | 000,000,052 | ---- | C] () -- C:\WINDOWS\WIN32C.INI
[2008/12/19 01:51:54 | 000,001,122 | ---- | C] () -- C:\WINDOWS\CYBERLUX.INI
[2008/12/19 01:01:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009/07/15 10:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/27 14:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/04/02 10:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/12/19 02:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/01/02 15:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/04/27 14:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/01/02 15:47:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/09/06 11:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Desktop Security
[2009/12/23 14:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\EPSON
[2010/02/10 14:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Facebook
[2009/11/14 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\live-player
[2010/02/05 14:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TeamViewer
[2009/01/02 15:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\TuneUp Software
[2008/12/21 21:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\uTorrent
[2009/01/30 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Serveur\Application Data\Windows Live Writer
[2010/09/06 09:05:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2010/09/06 13:54:13 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006/01/09 13:34:20 | 022,340,735 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/12/21 14:54:12 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004/08/19 16:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/19 16:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2004/08/19 16:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
< End of report >
The 2nd one is a bit further up.
Thanks