Mon PC rame énormément !!!

Résolu
petitefleursxm -  
Patdam73 Messages postés 271 Statut Membre -
Bonjour,

depuis quelques semaines, mon PC rame vraiment, c'est une vraie galère pour ouvrir les dossiers, les pages internet... tout quoi ! et là, c'est vraiment de pire en pire !!
quelqu'un pourrait-il m'aider à nettoyer mon ordi, à voir ce qui ne fonctionne pas correctement ou bien s'il est infecté ?
Merci d'avance pour votre aide

41 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le ralentissement du PC et l'ouverture lente des dossiers et des pages web posent une problématique de performance et potentielle infection, nécessitant un diagnostic et des étapes de nettoyage.
Plusieurs solutions ont été évoquées, notamment ZHPDiag et ZHPFix pour analyser et nettoyer les modifications système, RogueKiller pour les processus malveillants et le fichier hosts, et UsbFix pour les supports amovibles.
Dans ce contexte Windows XP et Internet Explorer 7 peuvent limiter les mises à jour et influencer l’efficacité des outils de nettoyage, et les rapports montrent éléments persistants dans le registre et le fichier hosts.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Patdam73 Messages postés 271 Statut Membre 13
     
    Bonjour

    On va analyser ton pc pour voir ce qu'il se passe :

    ZHPDiag

    [*] Télécharge zhpdiag
    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html (de Nicolas Coolman) sur ton bureau.

    [*] Double clique sur ZHPDiag.exe pour lancer l'installation.

    Note :
    Pour Vista et Windows 7 faites un clic droit sur l'icône et sélectionnez Exécuter en tant qu'administrateur.

    [*] Laisse toi guider pour l'installation et coche bien la case proposant la création d'un raccourci sur le bureau.
    Note :
    2 nouvelles icônes sont maintenant sur ton bureau : ZHPDiag et ZHPFix.

    [*] Double clique sur ZHPDiag pour lancer l'exécution.
    Note :
    Pour Vista et Windows 7 faites un clic droit sur l'icône et sélectionnez Exécuter en tant qu'administrateur.

    [*] Clique sur la loupe pour lancer l'analyse et patiente jusqu'à la fin de celle ci.

    [*] Le rapport a été crée sur ton bureau (ZHPDiag.txt)
    [b]Note :
    Le rapport étant trop long pour le forum, héberge le sur http://www.cijoint.fr

    [*] Copie et colle le lien dans ta prochaine réponse.

    @+
    1
  2. petitefleursxm
     
    je n'arrive pas à télécharger ZHPDiag !!!!
    0
  3. petitefleursxm
     
    j'ai téléchargé d'après ce lien. j'ai fais enregistrer sur mon bureau, qd je clic sur l'icône de ZHPDiage, un petit écan noir s'affiche puis disparaît !!!
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Patdam73 Messages postés 271 Statut Membre 13
     
    Es tu sur une session administrateur ?

    Si tu as vista ou seven, fais un clic droit sur l'icone et sélectionne Exécuter en tant qu'administrateur
    0
  6. petitefleursxm
     
    je suis désolée, rien ne fonctionne !!!
    on peut essayer un autre logiciel ?
    0
  7. Patdam73 Messages postés 271 Statut Membre 13
     
    On va essayer avec OTL

    [*] télécharge OTL sur ton bureau

    http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

    [*] Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    [*] Coche Lop Check et Purity check
    [*] Dans la case Personnalisation (en bas), copie/colle ceci

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    cdrom.sys
    disk.sys
    ndis.sys
    mountmgr.sys
    win32k.sys
    storport.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    [*] Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.

    [*] A la fin du scan, deux rapports s'ouvriront (OTL.Txt et Extras.Txt). Copie/colle ici l'ensemble des rapports.
    PS : Les rapport sont aussi enregistrés sur le bureau
    0
  8. Patdam73 Messages postés 271 Statut Membre 13
     
    Faut que j'y aille, je repasse ce soir :)
    0
  9. petitefleursxm
     
    ok pas de problème, voici le 1er rapport :

    OTL Extras logfile created on: 17/02/2011 10:45:59 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrateur\Bureau
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    893,00 Mb Total Physical Memory | 285,00 Mb Available Physical Memory | 32,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
    Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 152,66 Gb Total Space | 133,28 Gb Free Space | 87,31% Space Free | Partition Type: NTFS

    Computer Name: ANGELO-182A37F5 | User Name: Administrateur | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Extra Registry (SafeList) ==========/color

    [color=#E56717]========== File Associations ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()

    [color=#E56717]========== Shell Spawning ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Find.Target] -- "explorer.exe" /select,"%1" (Microsoft Corporation)
    Directory [Ouvrir une console ici] -- cmd.exe /k cd %1 (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [color=#E56717]========== Security Center Settings ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallDisableNotify" = 0
    "FirewallOverride" = 0
    "FirstRunDisabled" = 1
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [color=#E56717]========== System Restore Settings ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    [color=#E56717]========== Firewall Settings ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

    [color=#E56717]========== Authorized Applications List ==========/color

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" = C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
    "C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)

    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00000000-785F-478A-BAA2-87F1A136068C}" = MSN Encarta Plus Support Files
    "{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
    "{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
    "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
    "{0D959BD2-2BA9-418B-963B-7B4D1297C512}" = Messenger Live Connector
    "{0E576432-F357-41BA-AFAC-68266ED05418}" = Ciel Compta Evolution 5.40
    "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
    "{109AB81D-9732-40B3-9C1F-113A86CE6F93}" = Canon MP Navigator 1.0
    "{10FD4A86-EE87-4352-AAFE-EC9E4BAFA811}" = Cutting Plotter Controller
    "{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
    "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{364D6096-D93A-4CB4-8D06-22434CF57A16}" = PCLTool Program (Pilot)
    "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3FF1D786-F94F-4EB4-9841-0D43835509E9}" = Graphtec CE5000 User's Manual
    "{3FF3DD04-F386-46B0-97FC-B86238B65487}" = Canon MP Drivers 6.0
    "{3FF41EF4-417C-4944-B97B-86E8C25F6C9D}" = PCLTool SDK
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Visionneuse Journal Windows Microsoft
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}" = Easy CD & DVD Creator 6
    "{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
    "{4F1CECBC-670F-4daa-81D6-944B12450917}" = DIGReqEx
    "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows
    "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
    "{5783F2D7-0065-0410-0000-0060B0CE6BBA}" = AutoCAD LT 2000i - Italiano
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5BA1D11C-B981-4CAA-B2B5-B8ADF413EBA5}" = Pure Networks Platform
    "{5BE42A03-E7B8-42A9-B1BB-FC48B03D58B8}" = Presto! PageManager 6.01
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5E174BF8-3871-4037-9A6F-B38FA2B78D1A}" = Microsoft Office Outlook Connector pour MSN
    "{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWA-110
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}" = Roxio Easy Media Creator 7 Basic DVD Edition
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
    "{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
    "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}" = Macromedia Shockwave Player
    "{88CC9ACB-0D5D-4285-A5CB-6A28B3CB6CF5}" = ROBO Master-Pro
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
    "{9F7FC79B-3059-4264-9450-39EB368E3220}" = Picture IT! Album Microsoft 9
    "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{AC76BA86-7AD7-1036-7B44-A70000000000}" = Adobe Reader 7.0 - Français
    "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
    "{af6131fc-32da-45ea-a1e7-fe634f8f2722}.sdb" = SignBlazer5.5 XP buttons
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}" = MediaBar
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CD97C166-020E-415A-98D2-2D89DD9D68F0}" = Mise à jour de logiciel pour les Dossiers Web
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
    "{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
    "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{DBA8B9E1-C6FF-4624-9598-73D3B41A0900}" = Microsoft Picture It! Express 9
    "{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E916E61F-DE9D-4EAF-91E1-CEB50016326A}" = Navigation par onglets (Windows Live Toolbar)
    "{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "AnswerWorks 3.0" = AnswerWorks Runtime
    "Application d'impression KODAK" = Application d'impression KODAK
    "Art Explosion Portfolio Browser" = Art Explosion Portfolio Browser
    "ATI Display Driver" = ATI Display Driver
    "Autodesk DWF Viewer" = Autodesk DWF Viewer
    "CANONIJPLM100" = PIXMA Extended Survey Program
    "CCleaner" = CCleaner
    "Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729)
    "DVD Region-Free_is1" = DVD Region-Free 3.25
    "EPSON NX300 Series" = Désinstallation de l'imprimante EPSON NX300 Series
    "EPSON Scanner" = EPSON Scan
    "EZface ActiveX" = EZface ActiveX 208
    "FTDICOMM" = FTDI USB Serial Converter Drivers
    "greenstreet Font Manager" = greenstreet Font Manager
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MediaNavigation.CDLabelPrint" = CD-LabelPrint
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "MSC" = McAfee SecurityCenter
    "MSNINST" = MSN
    "Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
    "Network MagicUninstall" = Network Magic
    "PictureIt_POD_v9" = Picture IT! Album Microsoft 9
    "PictureIt_v9" = Microsoft Picture It! Express 9
    "SB_Demo_ID_is1" = SignBlazer5.5 Demo release 5.5.62
    "SB_JSI_Elements_ID_is1" = SignBlazer Elements for JSI Systems release 5.5.62
    "WGCDeinstKey" = Ciel gestion Commerciale pour Windows
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format Runtime
    "Windows Media Player" = Lecteur Windows Media 10
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "WMCSetup" = Windows Media Connect
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Customizations" = Yahoo! extra
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Search Defender" = Yahoo! Search Protection
    "ZHPFix_is1" = ZHPFix 1.12

    [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========/color

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Facebook Plug-In" = Facebook Plug-In
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

    [color=#E56717]========== Last 10 Event Log Errors ==========/color

    [ Application Events ]
    Error - 15/02/2011 10:43:24 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 485
    Description = wuauclt (1724) Une tentative de suppression du dossier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    a échoué en indiquant l'erreur système 1392 (0x00000570) : "Le fichier ou le répertoire
    est endommagé et illisible. ". L'opération de suppression de dossier échouera en
    indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:24 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 490
    Description = wuauclt (1724) Une tentative d'ouverture du fichier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    pour accès en lecture/écriture a échoué en indiquant l'erreur système 1392 (0x00000570)
    : "Le fichier ou le répertoire est endommagé et illisible. ". L'opération d'ouverture
    de fichier échouera en indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:24 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 439
    Description = wuauclt (1724) Impossible d'écrire un en-tête de sauvegarde pour le
    fichier C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Erreur -1022.

    Error - 15/02/2011 10:43:25 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 485
    Description = wuauclt (3884) Une tentative de suppression du dossier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    a échoué en indiquant l'erreur système 1392 (0x00000570) : "Le fichier ou le répertoire
    est endommagé et illisible. ". L'opération de suppression de dossier échouera en
    indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:25 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 490
    Description = wuauclt (3884) Une tentative d'ouverture du fichier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    pour accès en lecture/écriture a échoué en indiquant l'erreur système 1392 (0x00000570)
    : "Le fichier ou le répertoire est endommagé et illisible. ". L'opération d'ouverture
    de fichier échouera en indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:25 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 439
    Description = wuauclt (3884) Impossible d'écrire un en-tête de sauvegarde pour le
    fichier C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Erreur -1022.

    Error - 15/02/2011 10:43:26 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 485
    Description = wuauclt (1176) Une tentative de suppression du dossier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    a échoué en indiquant l'erreur système 1392 (0x00000570) : "Le fichier ou le répertoire
    est endommagé et illisible. ". L'opération de suppression de dossier échouera en
    indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:26 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 490
    Description = wuauclt (1176) Une tentative d'ouverture du fichier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    pour accès en lecture/écriture a échoué en indiquant l'erreur système 1392 (0x00000570)
    : "Le fichier ou le répertoire est endommagé et illisible. ". L'opération d'ouverture
    de fichier échouera en indiquant l'erreur -1022 (0xfffffc02).

    Error - 15/02/2011 10:43:26 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 439
    Description = wuauclt (1176) Impossible d'écrire un en-tête de sauvegarde pour le
    fichier C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Erreur -1022.

    Error - 15/02/2011 10:43:27 | Computer Name = ANGELO-182A37F5 | Source = ESENT | ID = 485
    Description = wuauclt (464) Une tentative de suppression du dossier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
    a échoué en indiquant l'erreur système 1392 (0x00000570) : "Le fichier ou le répertoire
    est endommagé et illisible. ". L'opération de suppression de dossier échouera en
    indiquant l'erreur -1022 (0xfffffc02).

    [ System Events ]
    Error - 19/01/2011 08:06:08 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7000
    Description = Le service Aide et support n'a pas pu démarrer en raison de l'erreur :
    %%1083

    Error - 19/01/2011 08:06:08 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7000
    Description = Le service Centre de sécurité n'a pas pu démarrer en raison de l'erreur :
    %%1083

    Error - 19/01/2011 08:06:44 | Computer Name = ANGELO-182A37F5 | Source = DCOM | ID = 10010
    Description = Le serveur {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 20/01/2011 08:08:55 | Computer Name = ANGELO-182A37F5 | Source = DCOM | ID = 10010
    Description = Le serveur {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 20/01/2011 08:09:45 | Computer Name = ANGELO-182A37F5 | Source = DCOM | ID = 10010
    Description = Le serveur {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 20/01/2011 08:09:56 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7000
    Description = Le service Protocole IrDA n'a pas pu démarrer en raison de l'erreur :
    %%2

    Error - 20/01/2011 08:09:56 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7001
    Description = Le service Moniteur infrarouge dépend du service Protocole IrDA qui
    n'a pas pu démarrer en raison de l'erreur : %%2

    Error - 20/01/2011 08:09:56 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7000
    Description = Le service Aide et support n'a pas pu démarrer en raison de l'erreur :
    %%1083

    Error - 20/01/2011 08:09:56 | Computer Name = ANGELO-182A37F5 | Source = Service Control Manager | ID = 7000
    Description = Le service Centre de sécurité n'a pas pu démarrer en raison de l'erreur :
    %%1083

    Error - 20/01/2011 08:10:40 | Computer Name = ANGELO-182A37F5 | Source = DCOM | ID = 10010
    Description = Le serveur {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    < End of report >
    0
  10. petitefleursxm
     
    et le 2 ème :

    OTL logfile created on: 17/02/2011 10:45:59 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrateur\Bureau
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.11)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    893,00 Mb Total Physical Memory | 285,00 Mb Available Physical Memory | 32,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
    Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 152,66 Gb Total Space | 133,28 Gb Free Space | 87,31% Space Free | Partition Type: NTFS

    Computer Name: ANGELO-182A37F5 | User Name: Administrateur | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2011/02/17 10:42:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
    PRC - [2010/12/06 09:52:47 | 000,049,152 | ---- | M] (Vaio Way) -- C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe
    PRC - [2010/11/22 18:15:16 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
    PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe
    PRC - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe
    PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
    PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
    PRC - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe
    PRC - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe
    PRC - [2009/02/23 09:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    PRC - [2009/02/06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
    PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2008/01/22 01:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEJA.EXE
    PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
    PRC - [2004/08/28 09:00:00 | 001,789,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2003/05/08 06:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe

    [color=#E56717]========== Modules (SafeList) ==========[/color]

    MOD - [2011/02/17 10:42:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
    MOD - [2007/03/13 16:02:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    MOD - [2003/05/08 06:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll

    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV - File not found [Auto | Stopped] -- -- (Irmon)
    SRV - File not found [Disabled | Stopped] -- -- (gusvc)
    SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
    SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Fichiers communs\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
    SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
    SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2007/04/13 03:20:22 | 000,097,432 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
    SRV - [2007/01/19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Disabled | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
    SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
    SRV - [2006/10/18 21:58:00 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
    SRV - [2005/09/22 10:01:54 | 000,053,248 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)

    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
    DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
    DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
    DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
    DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
    DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
    DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
    DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
    DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
    DRV - [2009/12/16 16:27:00 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2009/12/16 16:26:58 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/12/16 16:26:56 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2009/09/04 01:46:07 | 000,045,056 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
    DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2009/04/07 15:33:08 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
    DRV - [2009/04/07 15:33:08 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
    DRV - [2008/10/30 23:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/09/10 22:52:48 | 006,047,904 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2008/01/15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
    DRV - [2007/09/28 23:05:59 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2007/05/12 16:39:32 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
    DRV - [2006/08/14 09:09:48 | 000,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2005/06/23 17:34:40 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
    DRV - [2005/06/23 17:34:08 | 000,024,320 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
    DRV - [2005/06/23 17:27:54 | 000,024,960 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2005/06/23 17:25:04 | 000,044,288 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
    DRV - [2005/06/23 17:24:58 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
    DRV - [2005/06/23 17:21:22 | 000,202,496 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
    DRV - [2005/06/23 17:20:18 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
    DRV - [2005/06/23 17:08:36 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
    DRV - [2005/03/03 23:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
    DRV - [2005/01/07 11:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
    DRV - [2004/08/28 09:00:00 | 000,210,224 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531)
    DRV - [2004/08/28 09:00:00 | 000,208,688 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5)
    DRV - [2004/08/28 09:00:00 | 000,202,032 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5)
    DRV - [2004/08/28 09:00:00 | 000,076,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124)
    DRV - [2004/08/28 09:00:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132)
    DRV - [2004/08/28 09:00:00 | 000,069,296 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
    DRV - [2004/08/28 09:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
    DRV - [2004/07/29 01:14:22 | 000,091,577 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
    DRV - [2003/11/30 22:54:20 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
    DRV - [2003/11/11 01:09:48 | 000,057,372 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2003/11/11 01:09:32 | 000,024,177 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2001/08/23 17:11:48 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
    DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
    DRV - [2001/08/17 17:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]

    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.fr/search?q=%s
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = caribserve.net

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/04/09 16:51:38 | 000,000,000 | ---D | M]

    O1 HOSTS File: ([2009/10/13 14:13:58 | 000,342,924 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 11782 more lines...
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110121082633.dll (McAfee, Inc.)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [mstduvt] C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe (Vaio Way)
    O4 - HKLM..\Run: [nmctxth] C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
    O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
    O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
    O4 - HKCU..\Run: [EPSON NX300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJA.EXE (SEIKO EPSON CORPORATION)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 128
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 128
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 219
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 128
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 128
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Common\yhexbmesit.dll (Yahoo! Inc.)
    O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Common\yhexbmesit.dll (Yahoo! Inc.)
    O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - File not found
    O9 - Extra Button: Diminuer la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - File not found
    O9 - Extra Button: Agrandir la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} Reg Error: Key error. (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.7.32.251 200.7.32.250
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files\DVD Region-Free\DVDShell.dll (Fengtao Software)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/11/23 14:02:47 | 000,000,054 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2009/12/31 07:16:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
    O33 - MountPoints2\{38d201d5-27b3-11e0-be18-0025220ede5a}\Shell\AutoRun\command - "" = E:\urDrive.exe
    O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
    O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    MsConfig - Services: "WinDefend"
    MsConfig - Services: "LightScribeService"
    MsConfig - Services: "JavaQuickStarterService"
    MsConfig - Services: "IJPLMSVC"
    MsConfig - Services: "gusvc"
    MsConfig - Services: "fsssvc"
    MsConfig - Services: "ANIWZCSdService"
    MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
    MsConfig - StartUpReg: [b]ANIWZCS2Service[/b] - hkey= - key= - C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
    MsConfig - StartUpReg: [b]ctfmon.exe[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]D-Link D-Link Wireless G DWA-110[/b] - hkey= - key= - C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe (D-Link)
    MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]RoxioEngineUtility[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe (Roxio)
    MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    MsConfig - StartUpReg: [b]Styler[/b] - hkey= - key= - C:\Program Files\Styler\Styler.exe (ta2027)
    MsConfig - StartUpReg: [b]TransBar[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]UberIcon[/b] - hkey= - key= - C:\Program Files\UberIcon\UberIcon Manager.exe ()
    MsConfig - StartUpReg: [b]Vistadrv[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]VisualTaskTips[/b] - hkey= - key= - File not found
    MsConfig - State: "system.ini" - 0
    MsConfig - State: "win.ini" - 0
    MsConfig - State: "bootini" - 0
    MsConfig - State: "services" - 2
    MsConfig - State: "startup" - 2

    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: mcmscsvc - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
    SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: McMPFSvc - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
    SafeBootNet: mcmscsvc - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
    SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
    SafeBootNet: Messenger - Service
    SafeBootNet: mfefire - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
    SafeBootNet: mfefirek - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
    SafeBootNet: mfefirek.sys - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
    SafeBootNet: mfehidk - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
    SafeBootNet: mfehidk.sys - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
    SafeBootNet: mfevtp - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {3D4F3DE5-8040-B77B-FC5F-1CBE78D4E5FF} - Lecteur Windows Media
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {629E03B0-6F41-FE63-1E25-F8EB0D10B838} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {88549BF9-7EC0-99E6-7A81-0804EF504BB8} - DirectX
    ActiveX: {895211DD-AFC6-4B80-40F6-639249E3A56F} - Security Update for Microsoft .NET Framework 2.0 (KB922770)
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
    ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
    ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} =Adobe Flash Player -
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} ComponentID=Flash -
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} IsInstalled=01 00 00 00 -
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} Locale=EN -
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} Version=9.0.47.0 -
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: Microsoft Base Smart Card Crypto Provider Package -

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (16902053519425536)

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2011/02/17 10:43:37 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
    [2011/02/17 10:26:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHPFix 1.12
    [2011/02/17 10:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPFix
    [2011/02/17 10:25:47 | 001,210,151 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Bureau\ZHPFix.exe
    [2011/02/17 08:32:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2011/02/17 08:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee
    [2011/02/16 10:46:38 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
    [2011/01/21 08:26:32 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
    [2011/01/21 08:25:54 | 000,141,792 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
    [2011/01/21 08:25:50 | 000,386,840 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
    [2011/01/21 08:25:50 | 000,313,288 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
    [2011/01/21 08:25:50 | 000,152,960 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
    [2011/01/21 08:25:50 | 000,095,600 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
    [2011/01/21 08:25:50 | 000,088,544 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
    [2011/01/21 08:25:50 | 000,084,264 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
    [2011/01/21 08:25:50 | 000,084,072 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
    [2011/01/21 08:25:50 | 000,055,840 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
    [2011/01/21 08:25:50 | 000,052,104 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
    [2010/12/06 09:52:47 | 000,049,152 | ---- | C] (Vaio Way) -- C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe
    [2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2011/02/17 10:42:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
    [2011/02/17 10:28:23 | 000,007,285 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZHPDiag_1.27.1600.rar
    [2011/02/17 10:26:20 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2011/02/17 10:25:47 | 001,210,151 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Bureau\ZHPFix.exe
    [2011/02/17 10:17:45 | 000,027,403 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZHPDiag_1.27.1600.exe
    [2011/02/17 08:11:33 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2011/02/17 08:09:26 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\McAfee Security Center.lnk
    [2011/02/17 08:08:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/02/16 09:56:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/02/09 08:13:06 | 000,000,419 | ---- | M] () -- C:\WINDOWS\System32\CRUNX.BIN
    [2011/02/08 09:02:17 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Plan de comptes.xls
    [2011/02/02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
    [2011/02/02 08:08:39 | 000,472,094 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2011/02/02 08:08:39 | 000,403,854 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/02/02 08:08:39 | 000,076,668 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2011/02/02 08:08:39 | 000,062,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2011/02/17 10:26:20 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2011/02/17 10:22:56 | 000,007,285 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZHPDiag_1.27.1600.rar
    [2011/02/17 10:00:50 | 000,027,403 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZHPDiag_1.27.1600.exe
    [2011/02/16 09:58:30 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\McAfee Security Center.lnk
    [2010/12/09 08:14:45 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\UPDATER_SCRIPT.BAT
    [2010/12/06 09:52:54 | 000,155,077 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\loginpfe2.mht
    [2010/09/09 12:08:09 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4990.dll
    [2010/07/02 08:20:30 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS79.DLL
    [2010/04/13 14:20:22 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
    [2009/11/24 10:47:57 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2009/11/24 10:46:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSNX300.ini
    [2009/03/21 22:51:21 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll
    [2009/03/21 22:51:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
    [2009/03/03 10:40:08 | 000,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini
    [2008/11/12 10:25:54 | 000,000,090 | ---- | C] () -- C:\WINDOWS\PhotoPrint.ini
    [2008/11/10 11:58:53 | 000,000,031 | ---- | C] () -- C:\WINDOWS\kodakPN.ini
    [2008/11/10 11:21:29 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
    [2008/11/10 11:21:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
    [2008/11/10 11:21:20 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
    [2008/07/26 13:20:17 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL
    [2007/11/14 08:20:43 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
    [2007/10/27 06:50:33 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
    [2007/10/27 06:15:41 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\cpuz.ini
    [2007/10/27 06:01:34 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2007/10/19 09:35:41 | 000,000,037 | ---- | C] () -- C:\WINDOWS\DeliveryReader.INI
    [2006/12/27 08:27:28 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
    [2006/10/05 09:53:31 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CIEL.INI
    [2006/08/24 11:39:18 | 000,000,223 | ---- | C] () -- C:\WINDOWS\CutMan32.INI
    [2006/08/18 02:52:43 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
    [2006/08/18 02:50:46 | 000,000,126 | ---- | C] () -- C:\WINDOWS\keypad.ini
    [2006/08/15 09:54:53 | 000,000,334 | -HS- | C] () -- C:\WINDOWS\System32\resids_8sb.sys
    [2006/07/27 10:29:57 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameH.txt
    [2006/07/26 09:00:12 | 000,000,131 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
    [2006/07/26 09:00:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
    [2006/07/26 09:00:02 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
    [2006/07/26 08:59:29 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini
    [2006/07/26 08:58:44 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2006/07/26 08:46:52 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/07/26 08:34:36 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6y.DLL
    [2006/07/12 19:47:15 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006/07/12 19:04:27 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
    [2006/07/12 18:37:34 | 000,004,372 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2006/07/12 18:37:33 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2006/07/12 18:13:15 | 000,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
    [2006/07/12 18:13:15 | 000,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
    [2006/07/12 18:13:15 | 000,002,227 | ---- | C] () -- C:\WINDOWS\System32\wul_lng.ini
    [2006/07/12 18:13:15 | 000,001,755 | ---- | C] () -- C:\WINDOWS\System32\jrview_lng.ini
    [2006/07/12 18:13:15 | 000,000,308 | ---- | C] () -- C:\WINDOWS\System32\pernille.ini
    [2004/08/28 09:00:00 | 000,012,195 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2004/08/28 09:00:00 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\VttHooks.dll
    [2004/08/28 09:00:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\transbar.ini
    [2004/03/22 04:32:06 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\CNCMP60.INI

    [color=#E56717]========== LOP Check ==========[/color]

    [2011/01/13 09:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Autodesk
    [2009/11/24 11:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Canon
    [2009/11/20 14:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\EPSON
    [2010/04/08 15:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Facebook
    [2009/11/20 14:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Leadertech
    [2009/03/23 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\MSNInstaller
    [2009/05/07 10:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org
    [2009/05/07 10:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ScanSoft
    [2009/04/22 09:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Snapfish
    [2009/03/19 21:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Styler
    [2009/03/20 01:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Xentient
    [2007/11/23 14:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
    [2006/12/14 16:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
    [2010/07/02 08:20:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2009/10/19 13:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    [2007/11/27 11:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CenerTCPMessenger
    [2007/09/25 08:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ciel
    [2010/10/27 08:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
    [2008/06/12 09:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2009/05/07 10:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
    [2006/07/26 08:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
    [2006/11/15 16:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2009/06/01 09:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2009/11/24 14:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
    [2008/08/07 10:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wmp
    [2011/02/17 08:11:33 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

    [color=#E56717]========== Purity Check ==========[/color]

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
    [2009/05/06 09:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2007/11/23 14:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
    [2006/12/14 16:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
    [2010/07/02 08:20:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2009/10/19 13:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    [2007/11/27 11:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CenerTCPMessenger
    [2007/09/25 08:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ciel
    [2006/07/12 19:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
    [2010/10/27 08:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
    [2009/04/09 15:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
    [2008/12/15 09:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2009/12/30 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2009/07/13 14:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2009/12/30 08:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2008/12/15 08:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
    [2010/04/13 14:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
    [2006/07/12 23:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
    [2008/06/12 09:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2010/10/22 08:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2009/05/07 10:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
    [2006/07/26 08:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
    [2009/03/20 11:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2006/11/15 16:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2009/06/01 09:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2009/11/24 14:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
    [2007/08/17 23:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2006/08/28 11:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
    [2008/03/03 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
    [2008/08/07 10:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wmp
    [2010/12/21 10:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
    [2010/04/19 08:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

    [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
    [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    [2007/12/16 23:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    [2009/04/29 11:16:23 | 034,276,400 | R--- | M] (Cisco Systems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Pure Networks\Setup\nmsetup.exe
    [2010/06/01 10:25:54 | 000,607,544 | ---- | M] (Yahoo! Inc.) -- C:\Documents and Settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe

    [color=#A23BEC]< %APPDATA%\*. >[/color]
    [2009/03/23 09:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
    [2009/03/23 09:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
    [2011/01/13 09:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Autodesk
    [2009/11/24 11:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Canon
    [2009/03/30 16:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Corel
    [2009/11/20 14:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\EPSON
    [2010/04/08 15:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Facebook
    [2009/04/06 08:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Google
    [2009/04/09 15:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Identities
    [2009/03/21 22:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\InstallShield
    [2009/11/20 14:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Leadertech
    [2009/03/20 08:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Macromedia
    [2009/12/30 15:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    [2009/11/20 16:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    [2009/03/23 09:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\MSN6
    [2009/03/23 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\MSNInstaller
    [2009/05/07 10:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org
    [2009/03/19 21:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Roxio
    [2009/05/07 10:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ScanSoft
    [2009/04/22 09:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Snapfish
    [
    0
  11. petitefleursxm
     
    moi aussi je dois m'absenter, je ne pourais te répondre que demain matin.
    Merci d'avance pour ton aide
    0
  12. Patdam73 Messages postés 271 Statut Membre 13
     
    Pas de souci ;)

    Spybot search and destroy est devenu obsolète, et à tendance à ralentir la machine. Je te conseille de le désinstaller.
    Toutefois si tu préfères le conserver, désactive sa protection résidente (tea timer) qui gène le passage des outils, et ne la réactive qu'une fois la désinfection terminée.

    Désactivation du tea timer de Spybot Search & Destroy

    [*]Lance Spybot Search & Destroy
    [*]Clique sur Mode / Mode avancé
    [*]Clique sur Outils
    [*]Clique sur Résident
    [*]Décoche la case devant Résident "Tea Timer"
    [*]Ferme Spybot

    ======

    OneClick2RestorePoint :

    Télécharge Oneclick2RP de Laddy sur ton Bureau

    https://app.box.com/s/cqcsz5m0oz

    [*] Conserve-le tout au long de la désinfection et de l'optimisation.
    [*] Double clic dessus pour l'exécuter (Sous Vista/Seven, fais un clic droit et choisir Exécuter en tant qu'administrateurr)
    [*] Entre la description suivante : PC Origine
    [*] Clic sur le bouton Créer

    ======

    RogueKiller de Tigzy

    Télécharge sur le bureau RogueKiller

    https://www.luanagames.com/index.fr.html

    * Quitte tous tes programmes en cours
    * Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
    * Lance RogueKiller.exe.
    * Lorsque demandé, tape 1 (Scan)
    * valide avec la touche Entrée
    * Si le programme demande pour supprimer le proxy, tapez 1 si vous êtes sûr que ce n'est pas vous qui l'avez mis, sinon taper 2
    * Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
    * Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois.

    ======

    USBFix : Recherche

    Télécharge USBFix sur ton Bureau. (Merci à C_XX)

    http://www.teamxscript.org/too/UsbFix.exe

    /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
    /!\ Branche tous tes périphériques ayant pu être infectés (clés usb, disque dur externe, etc ...) /!\

    [*] Double-clique sur UsbFix pour lancer le programme
    Note :
    Pour Vista et Windows 7 faites un clic droit sur l'icône et sélectionnez Exécuter en tant qu'administrateur.

    [*]Clique sur Rechercher et valide
    [*]Laisse travailler l'outil
    [*]A la fin, un rapport apparaitra (sinon, il est situé ici C:\Usbfix.txt).

    Poste-le dans ta prochaine réponse

    @+
    0
  13. petitefleursxm
     
    bonjour,
    me revoilà !
    voici le rapport RogueKiller :
    RogueKiller V3.10.2 by Tigzy
    contact at https://www.luanagames.com/index.fr.html
    mail: tigzyRK<at>gmail<dot>com
    Feedback: https://www.luanagames.com/index.fr.html

    Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Administrateur [Admin rights]
    Mode: Scan -- Time : 18/02/2011 09:27:03

    Bad processes:
    Killed c:\documents and settings\administrateur\application data\mstduvt.exe

    Found:
    HKLM\...\RUN\ mstduvt : C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe

    HOSTS File:
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    [...]

    Finished

    je fais la suite
    0
  14. petitefleursxm
     
    voici le rapport UsbFix :

    ############################## | UsbFix 7.039 | [Recherche]

    Utilisateur: Administrateur (Administrateur) # ANGELO-182A37F5 [ ]
    Mis à jour le 09/02/2011 par El Desaparecido / C_XX
    Lancé à 09:35:43 | 18/02/2011
    Site Web: http://www.teamxscript.org
    Contact: eldesaparecido@teamxscript.org

    CPU: Intel(R) Pentium(R) 4 CPU 3.06GHz
    CPU 2: Intel(R) Pentium(R) 4 CPU 3.06GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
    Internet Explorer 7.0.5730.11

    Pare-feu Windows: Désactivé /!\
    Antivirus: McAfee AntiVirus et AntiSpyware [Enabled | Updated]
    Firewall: McAfee Firewall [Enabled]
    RAM -> 893 Mo
    C:\ (%systemdrive%) -> Disque fixe # 153 Go (133 Go libre(s) - 87%) [] # NTFS
    D:\ -> CD-ROM

    ################## | Éléments infectieux |

    ################## | Registre |

    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoSMHelp

    ################## | Mountpoints2 |

    HKCU\.\.\.\.\Explorer\MountPoints2\{38d201d5-27b3-11e0-be18-0025220ede5a}
    Shell\AutoRun\Command = E:\urDrive.exe

    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné!

    ################## | E.O.F |
    0
  15. Patdam73 Messages postés 271 Statut Membre 13
     
    Bonjour

    Relance Roguekiller
    Sélectionne l'option 2 (suppression)
    Post le rapport

    Sans redémarrer le pc, lance Malwaresbyte antimalware.
    Mets le a jour via l'onglet mise à jour
    Lance un scan complet et supprime tout ce qu'il trouve
    Post le rapport dans ta prochaine réponse

    @+
    0
  16. petitefleursxm
     
    voici le second rapport Roguekiller :

    RogueKiller V3.10.2 by Tigzy
    contact at https://www.luanagames.com/index.fr.html
    mail: tigzyRK<at>gmail<dot>com
    Feedback: https://www.luanagames.com/index.fr.html

    Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Administrateur [Admin rights]
    Mode: Scan -- Time : 18/02/2011 09:27:03

    Bad processes:
    Killed c:\documents and settings\administrateur\application data\mstduvt.exe

    Found:
    HKLM\...\RUN\ mstduvt : C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe

    HOSTS File:
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    [...]

    Finished

    RogueKiller V3.10.2 by Tigzy
    contact at https://www.luanagames.com/index.fr.html
    mail: tigzyRK<at>gmail<dot>com
    Feedback: https://www.luanagames.com/index.fr.html

    Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Administrateur [Admin rights]
    Mode: Remove -- Time : 18/02/2011 09:54:38

    Bad processes:

    Deregistred:
    HKLM\...\RUN\ mstduvt : C:\Documents and Settings\Administrateur\Application Data\mstduvt.exe

    HOSTS File:
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    [...]

    Finished

    je fais la suite
    0
  17. Patdam73 Messages postés 271 Statut Membre 13
     
    qu'est ce que ça donne le scan avec mbam ?

    @+
    0
  18. petitefleursxm
     
    je n'ai pas pu terminer car je devais partir.
    je ne pourrais le faire que lundi, car c'est sur l'ordi de mon bureau.
    je te fais savoir dès qque c'est fait.
    merci pour ton aide et bon week end
    0
  19. petitefleursxm
     
    Bonjour,

    voilà, parès plus de 2h30 de scan, voici le rapport de mbam :

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4052

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 7.0.5730.11

    21/02/2011 10:48:02
    mbam-log-2011-02-21 (10-48-02).txt

    Type d'examen: Examen complet (C:\|)
    Elément(s) analysé(s): 244136
    Temps écoulé: 2 heure(s), 34 minute(s), 51 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  20. Patdam73 Messages postés 271 Statut Membre 13
     
    bonjour

    Désinstall zhpdiag via le panneau de configuration si ce n'est déjà fait, puis redémarre le pc et essaye de le réinstaller et de faire un scan avec lui :

    ZHPDiag

    [*] Télécharge zhpdiag
    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html (de Nicolas Coolman) sur ton bureau.

    [*] Double clique sur ZHPDiag.exe pour lancer l'installation.

    Note :
    Pour Vista et Windows 7 faites un clic droit sur l'icône et sélectionnez Exécuter en tant qu'administrateur.

    [*] Laisse toi guider pour l'installation et coche bien la case proposant la création d'un raccourci sur le bureau.
    Note :
    2 nouvelles icônes sont maintenant sur ton bureau : ZHPDiag et ZHPFix.

    [*] Double clique sur ZHPDiag pour lancer l'exécution.
    Note :
    Pour Vista et Windows 7 faites un clic droit sur l'icône et sélectionnez Exécuter en tant qu'administrateur.

    [*] Clique sur la loupe pour lancer l'analyse et patiente jusqu'à la fin de celle ci.

    [*] Le rapport a été crée sur ton bureau (ZHPDiag.txt)
    [b]Note :
    Le rapport étant trop long pour le forum, héberge le sur http://www.cijoint.fr

    [*] Copie et colle le lien dans ta prochaine réponse.

    @+
    0
  • 1
  • 2
  • 3