babylon - problem...

Post by alexis ginguenaud » 18 Apr 2011 20:35

Hello,
following a big blunder by my wife, I find myself with babylonsearch on the PC...
I uninstalled it but it is still omnipresent and it is really getting on my nerves.
Thanks for giving me a hand; I have Antivir installed but it doesn't see anything special.
Last edited by Falkra on 18 Apr 2011 21:29, edited 1 time.
Reason: Title changed, no need to be rude

Re: babylon - problem...

Post by TopXm » 19 Apr 2011 15:23

Hi,

Normally, if you uninstalled it correctly, only the home page should be left to change.

Which browser are you using?

Re: babylon - problem...

Post by alexis ginguenaud » 19 Apr 2011 17:24

Hi,
I use mozilla firefox.
I do have my usual home page (igoogle), but as soon as I open a second tab I systematically land on babylon, which crashes constantly :plaf:

Re: babylon - problem...

Post by TopXm » 20 Apr 2011 09:30

Hi,

To take a look:
:arrow: Download OTL (OldTimer) to your Desktop:

  • Close all windows of running programs.

  • If you are on XP, double-click the program to launch it.
    If you are on Vista, right-click OTL.exe and choose "Run as Administrator" to launch the tool.

  • The main OTL screen appears:

    (1) If it is not already done, in the "Registry: In-depth" section, select the "With whitelist" radio button.

    (2) Tick the box (at the top) in front of "All users".

    (3) Click SELECT ALL and copy the contents of the following code box into the "Customization" area:

    Code: Select all
        netsvcs
        msconfig
        safebootminimal
        safebootnetwork
        activex
        drivers32
        %SYSTEMDRIVE%\*.exe
        %ALLUSERSPROFILE%\Application Data\*.
        %ALLUSERSPROFILE%\Application Data\*.exe /s
        %APPDATA%\*.
        %APPDATA%\*.exe /s
        %systemroot%\*. /mp /s
        /md5start
        eventlog.dll
        scecli.dll
        netlogon.dll
        cngaudit.dll
        sceclt.dll
        ntelogon.dll
        logevent.dll
        tcpip.sys
        iaStor.sys
        nvstor.sys
        atapi.sys
        IdeChnDr.sys
        viasraid.sys
        AGP440.sys
        vaxscsi.sys
        nvatabus.sys
        viamraid.sys
        nvata.sys
        nvgts.sys
        iastorv.sys
        ViPrt.sys
        eNetHook.dll
        /md5stop
       


    (4) Then click the "Scan" button.

  • Let the tool work without interrupting it.

  • At the end of the scan a report will open on screen: OTL.txt. Post it as an attachment in your next reply.

  • Another report named Extras.txt will be visible in your taskbar. Post it as an attachment in your next reply.

Re: babylon - problem...

Post by alexis ginguenaud » 20 Apr 2011 10:45

Hi, so here are the reports:

OTL logfile created on: 20/04/2011 11:22:03 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 66,00 Mb Available Physical Memory | 14,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 51,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,32 Gb Free Space | 25,01% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
PRC - [2011/03/24 21:10:22 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/06 10:21:32 | 012,587,696 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/07/10 14:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2004/12/22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/07/24 05:49:30 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/23 18:25:40 | 000,217,188 | ---- | M] (Gemtek) -- C:\Program Files\GlobespanVirata\XPFix.exe
PRC - [2003/04/29 06:08:22 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (SafeList) ==========

MOD - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/02/05 18:20:30 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
MOD - [2004/07/24 05:49:24 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/02/05 18:22:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)


========== Driver Services (SafeList) ==========

DRV - [2010/10/30 14:32:24 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/10/26 23:49:17 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/21 21:36:14 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/21 21:36:14 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/28 13:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/02/06 04:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/06 04:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/02/06 04:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/06 04:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/02/05 18:20:08 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 18:18:12 | 000,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2005/07/28 09:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/12/22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/10 05:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/07/20 20:16:00 | 000,393,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PRISMA00.sys -- (PRISM_A00)
DRV - [2004/02/21 05:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1998/03/03 13:55:58 | 000,040,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mgnt.sys -- (MicroGuard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1098640
IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig"
FF - prefs.js..extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=68c94c7b00000000000000904bca80f9&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/02 08:24:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/06 15:42:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/06 10:21:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions
[2010/05/10 08:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/10/05 21:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/04/19 19:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions
[2011/03/11 20:17:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/10 00:18:07 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/04/10 00:18:05 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\engine@conduit.com
[2011/04/15 14:26:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\ffxtlbr@babylon.com
[2010/10/30 18:25:52 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\askcom.xml
[2010/01/20 12:16:28 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\conduit.xml
[2010/06/13 19:07:05 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\MyStart Search.xml
[2011/04/19 19:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/14 12:42:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/11 19:49:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/11 20:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/11 19:48:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/29 18:03:06 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/29 18:03:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/29 18:03:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/29 18:03:08 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/29 18:03:08 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/06/20 15:30:32 | 000,408,483 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14125 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe (Gemtek)
O4 - HKU\S-1-5-21-746137067-152049171-1060284298-1005..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - Startup: C:\Documents and Settings\alexis ginguenaud\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/09 16:49:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0eb9c710-60e3-11df-8df8-806d6172696f}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe
O33 - MountPoints2\{836debd0-e411-11df-a43a-0040d06ccfac}\Shell - "" = AutoRun
O33 - MountPoints2\{836debd0-e411-11df-a43a-0040d06ccfac}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe - (Logitech Inc.)
MsConfig - StartUpReg: Lexmark X1100 Series - hkey= - key= - C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
MsConfig - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/20 10:54:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/18 21:59:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\alexis ginguenaud\Recent
[2011/04/16 23:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Uninstaller
[2011/04/15 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VirtualDubMOD
[2011/04/15 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDubMOD
[2011/04/15 14:33:25 | 002,588,349 | ---- | C] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/10 19:01:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2011/04/10 19:01:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2011/04/03 11:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\alexis ginguenaud\Mes documents\coffinnails
[2011/03/31 20:35:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\coffinnails
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/20 11:10:02 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/20 10:55:30 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/19 15:10:09 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/17 18:41:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
[2011/04/17 18:41:46 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-alexis ginguenaud-Startup.job
[2011/04/17 18:41:45 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-alexis ginguenaud-Startup.job
[2011/04/17 18:41:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/16 17:56:34 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/15 14:40:34 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/15 14:33:25 | 002,588,349 | ---- | M] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/15 04:28:57 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/14 16:42:19 | 020,586,196 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/10 04:04:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\File Helper.job
[2011/04/08 09:04:51 | 000,439,154 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/08 09:04:51 | 000,374,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/08 09:04:51 | 000,061,302 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/08 09:04:51 | 000,050,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/07 12:48:52 | 000,002,484 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/03/31 20:13:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/20 10:55:30 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/15 14:40:34 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/14 16:42:09 | 020,586,196 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/07 12:47:53 | 000,002,484 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/01/23 12:59:05 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010/11/02 19:32:36 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2010/10/30 14:32:24 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/10/30 14:32:13 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\MG16.DLL
[2010/10/30 14:32:07 | 000,040,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\mgnt.sys
[2010/07/14 13:22:20 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/07/14 12:46:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/05/17 10:23:05 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/13 18:32:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Javelin.dll
[2010/05/13 18:31:07 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2010/05/13 18:27:04 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/05/13 18:27:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/05/09 18:38:17 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\fusioncache.dat
[2010/05/09 18:34:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/05/09 18:32:33 | 000,122,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/09 18:23:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/05/09 18:13:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/05/09 18:01:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/09 17:16:16 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/05/09 16:57:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/05/09 16:53:26 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/05/09 16:45:28 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/02/05 18:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,439,154 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 14:00:00 | 000,374,398 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,061,302 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 14:00:00 | 000,050,866 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/08/18 16:55:48 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2003/08/18 16:46:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2003/07/30 11:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/30 10:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/11/13 21:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2002/09/13 17:40:06 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2001/01/19 21:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE

========== LOP Check ==========

[2011/02/27 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\BitLord
[2010/07/16 16:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\DeepBurner
[2010/07/14 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Leadertech
[2010/12/10 19:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Python-Eggs
[2011/04/06 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Spotify
[2010/05/10 08:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Thunderbird
[2011/01/29 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\TomTom
[2010/05/17 21:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/05/17 21:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/03/15 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCADMIN
[2010/06/27 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2010/05/31 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 13:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/26 12:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer
[2011/04/10 04:04:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\File Helper.job
[2011/04/17 18:41:46 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Reviver-alexis ginguenaud-Startup.job
[2011/04/17 18:41:45 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-alexis ginguenaud-Startup.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %ALLUSERSPROFILE%\Application Data\*. >
[2010/10/30 16:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/06/21 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/05/09 18:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/05/17 21:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/05/17 21:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/07/14 13:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2010/07/14 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/06/24 17:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/15 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCADMIN
[2010/10/28 22:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/28 22:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/10/07 04:19:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/06/27 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2010/07/14 12:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/06/27 15:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/05/09 18:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/31 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 13:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/26 12:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/01/22 18:46:59 | 000,523,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe

< %APPDATA%\*. >
[2011/02/09 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Adobe
[2011/02/27 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\BitLord
[2010/07/16 16:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\DeepBurner
[2010/10/27 00:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\dvdcss
[2010/05/09 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Google
[2010/05/09 17:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Identities
[2010/07/14 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Leadertech
[2010/05/09 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Macromedia
[2010/06/24 17:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Malwarebytes
[2010/06/27 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Media Player Classic
[2011/02/11 20:06:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Microsoft
[2010/05/09 18:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla
[2010/11/01 15:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla-Cache
[2010/12/10 19:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Python-Eggs
[2011/03/14 11:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Skype
[2011/03/14 10:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\skypePM
[2011/04/06 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Spotify
[2010/05/09 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Sun
[2010/05/10 08:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Thunderbird
[2011/01/29 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\TomTom
[2011/04/18 23:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\vlc
[2010/10/27 19:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >


========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
alexis ginguenaud
 
Posts: 33
Joined: 23 Jun 2010 18:48

Re: babylon - problem...

Post by alexis ginguenaud » 20 Apr 2011 10:47

and here is the second one:



OTL Extras logfile created on: 20/04/2011 11:22:03 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 66,00 Mb Available Physical Memory | 14,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 51,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,32 Gb Free Space | 25,01% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E47A61C9-A266-4EAC-B93A-47D4EB391142}" = PRISM 802.11 Adapter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Ares" = Ares 2.1.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Lexmark X1100 Series" = Lexmark X1100 Series
"LMMS 0.4.8" = Linux MultiMedia Studio (LMMS)
"lvdrivers_11.70" = Coffret de pilotes Logitech QuickCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microcat for Land Rover" = Microcat for Land Rover
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Secunia PSI" = Secunia PSI
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.6.2056
"VLC media player" = VLC media player 1.1.7
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Logiciel d'archivage WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16/10/2010 21:10:31 | Computer Name = PORTABLE | Source = MsiInstaller | ID = 1024
Description = Produit : Microsoft Office XP Professional avec FrontPage - La mise
à jour 'Security Update for Excel 2002 (KB2345017): EXCEL' n'a pas pu être installée.
Code d'erreur 1603. Windows Installer peut créer des journaux pour faciliter la
résolution des éventuelles erreurs d'installation des packages logiciels. Utilisez
le lien suivant pour afficher des instructions concernant l'activation des journaux
: http://go.microsoft.com/fwlink/?LinkId=23127

Error - 17/10/2010 02:54:44 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 24/10/2010 03:07:30 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 26/10/2010 17:48:53 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 26/10/2010 17:54:12 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:00 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:06 | Computer Name = PORTABLE | Source = crypt32 | ID = 131075
Description = Échec de la récupération de la mise à jour automatique du fichier
CAB de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 17:48:00 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 30/10/2010 18:01:27 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01/11/2010 09:47:30 | Computer Name = PORTABLE | Source = Application Error | ID = 1000
Description = Application défaillante pprekop.exe, version 4.2.0.172, module défaillant
ole32.dll, version 5.1.2600.2182, adresse de défaillance 0x10017bed.

[ System Events ]
Error - 07/04/2011 06:05:43 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 07/04/2011 06:35:11 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 07/04/2011 07:05:09 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 08/04/2011 03:02:16 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7023
Description = Le service Carte de performance WMI s'est arrêté avec l'erreur : %%2147500037

Error - 15/03/2011 10:34:34 | Computer Name = PORTABLE | Source = W32Time | ID = 39452706
Description = Le service de temps a détecté que l'heure système doit être modifiée
de +2502008 secondes. Le service de temps ne va pas modifier l'heure système de plus
de +54000 secondes. Vérifiez que votre heure et votre fuseau horaire sont corrects
et que la source de temps time.windows.com (ntp.m|0x1|192.168.0.10:123->207.46.232.182:123)
fonctionne correctement.

Error - 16/04/2011 17:26:52 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 16/04/2011 17:26:52 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 16/04/2011 18:26:11 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 18/04/2011 18:13:26 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 19/04/2011 18:14:10 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.


< End of report >


Thanks, and good luck, because to me it's all Greek :-D

Re: babylon - problem...

Post by TopXm » 21 Apr 2011 08:47

Hi,

Traces of Ask / Conduit / Babylon, mostly in the preference files. So no OTL script for now; we need to prune first, with Ad-R for example.

:arrow: Disable your antivirus while you download and run Ad-Remover

  • Download Ad-remover by C_XX and save it to your desktop.

  • Once the file is downloaded, close all your browser windows.

  • If you are on XP, double-click AD-R.exe to launch it.
    If you are on Vista, right-click AD-R.exe and choose Exécuter en tant qu'administrateur (Run as administrator).

  • Click the Scanner button to start the search for infected files. Click Oui (Yes) when it asks you to confirm the action. The scan will start; let it run to the end without interrupting it.

  • At the end, a report will open on screen. Post its entire contents in your next reply.
    (The report is also saved as C:\Ad-report-scan.log)

NB:
- Process.exe, a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

Re: babylon - problem...

Post by alexis ginguenaud » 21 Apr 2011 18:54

hello!
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:50:51 le 21/04/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
alexis ginguenaud@PORTABLE ( )

============== RECHERCHE ==============


Fichier trouvé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\searchplugins\askcom.xml
Dossier trouvé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\conduit
Dossier trouvé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\ConduitEngine
Dossier trouvé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\extensions\engine@conduit.com
Fichier trouvé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\searchplugins\conduit.xml
Dossier trouvé: C:\Program Files\Ask.com
Dossier trouvé: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Conduit
Dossier trouvé: C:\Program Files\Conduit

-- Fichier ouvert: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\Prefs.js --
Ligne trouvée: user_pref("CT1098640.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT1098640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT109...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.2...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.3...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "63...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =3/13/20...
Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", true);
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1098640,ConduitEngine");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT1098640");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Mar 20 2011 22:16:29 GMT+01...
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Apr 21 2011 09:20:38 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Apr 21 2011 09:20:30 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "674f6bfe-55c6-43c1-bdab-c7234c2d635c");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Oct 27 2010 00:05:04 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1098640");
Ligne trouvée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Apr 21 2011 10:13:30 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.CTID", "ConduitEngine");
Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 13 2011 18:25:32 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "03/20/2011 23");
Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);
Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne trouvée: user_pref("ConduitEngine.Initialize", true);
Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Sun Mar 20 2011 22:16:33 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Apr 14 2011 18:26:23 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.2.1", "Sun Apr 10 2011 00:03:35 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Fri Apr 15 2011 13:24:10 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Fri Apr 15 2011 13:24:08 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.UserID", "UN02938287129060546");
Ligne trouvée: user_pref("ConduitEngine.componentAlertEnabled", false);
Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Apr 14 2011 18:25:58 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Fri Apr 15 2011 11:24:09 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.initDone", true);
Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Ligne trouvée: user_pref("ConduitEngine.usagesFlag", 2);
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\Interface\{144940B1-F191-11D0-A8E2-00A0C90F29FC}
Clé trouvée: HKLM\Software\Classes\Toolbar.CT1098640
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )

-- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default --
Extensions\engine@conduit.com (Conduit Engine )
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} (free-downloads.net Community Toolbar)
Searchplugins\askcom.xml (?)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.as ... e=3&amp;q={searchTerms} /)
Searchplugins\MyStart Search.xml (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\alexis ginguenaud\\Mes documents
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/ig
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss ... tlRef=ss...

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://search.conduit.com?SearchSource= ... =CT1098640
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?clien ... src=crm&q={searchTer...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "free-downloads.net Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_ElevationPolicy\d9796250-a4d1-4fc3-b963-0d286da3aae2 - C:\Program Files\free-downloads.net\free-downloads.netToolbarHelper.exe (x)
HKLM_ElevationPolicy\{F2DD9BC5-3851-4766-9F67-A627B3C053DD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 21/04/2011 19:51:45 (8210 Octet(s))

Fin à: 19:52:29, 21/04/2011

============== E.O.F ==============

Re: babylon - problem...

Post by alexis ginguenaud » 26 Apr 2011 08:51

Hello
No solution to my problem???

Re: babylon - problem...

Post by TopXm » 26 Apr 2011 15:45

Hi,

Really sorry for the delay, but I have had some unexpected availability problems :oops:

  • If you are on XP, double-click USBFix.exe to launch it.
    If you are on Vista, right-click USBFix.exe and choose Exécuter en tant qu'administrateur (Run as administrator).
  • Click the Suppression button and let the tool work without interrupting it.
  • A window will appear asking you to plug in all the external devices you may have used in recent days (USB sticks, MP3 players, external hard drives, etc.).
    Plug in the hardware, then click OK to continue.
  • USBFix will continue running. The desktop will disappear and will not be accessible for the whole duration of the scan. Don't worry, that is normal. Wait for the cleanup to finish without interrupting it.
  • At the end, a report will be generated (C:/USBFix.txt). Copy and paste its entire contents into your next reply.

then

:arrow: Download Malwarebytes Anti-Malware and save it to your hard drive.

  • Install it. Before clicking Terminer (Finish), make sure that the 2 boxes Mettre à jour Malwarebytes anti-malware (update) and Exécuter Malwarebytes anti-malware (run) are both checked.
    The software will update itself, then the main page will be displayed.
  • Check the box Exécuter un examen rapide (run a quick scan), then click Rechercher (search).
  • At the end of the scan, click Afficher les résultats (show the results).
  • Then click Supprimer la sélection (remove the selection).
  • The scan report will be displayed. Copy and paste all of its contents into your next reply.

    :att: If the program offers to restart the computer, accept! You can then find the report in the Rapports/Log tab of the software.
    If on restart Windows tells you that it has blocked some startup programs, click the balloon, then Exécuter les programmes bloqués/Malwarebytes Anti-Malware (run the blocked programs).

Re: babylon - problem...

Post by alexis ginguenaud » 26 Apr 2011 17:03

Hi, and no worries about the delay
############################## | UsbFix 7.044 | [Suppression]

Utilisateur: alexis ginguenaud (Administrateur) # PORTABLE [ ]
Mis à jour le 25/04/2011 par TeamXscript
Lancé à 17:57:28 | 26/04/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Celeron(R) M processor 1.40GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: AntiVir Desktop 9.0.1.32 [(!) Disabled | Updated]
RAM -> 479 Mo
C:\ (%systemdrive%) -> Disque fixe # 37 Go (9 Go libre(s) - 25%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 233 Go (143 Go libre(s) - 61%) [ALEXIS2] # FAT32

################## | Éléments infectieux |


Supprimé! C:\Recycler\S-1-5-21-746137067-152049171-1060284298-1005

################## | Registre |


################## | Mountpoints2 |


################## | Listing |

[21/04/2011 - 19:52:29 | N | 11543] C:\Ad-Report-SCAN[1].txt
[09/05/2010 - 16:53:29 | D ] C:\AddOn
[09/05/2010 - 16:49:27 | N | 0] C:\AUTOEXEC.BAT
[26/04/2011 - 17:51:31 | RASHD ] C:\Autorun.inf
[09/05/2010 - 16:40:06 | SH | 353] C:\boot.ini
[05/08/2004 - 14:00:00 | N | 4952] C:\Bootfont.bin
[09/05/2010 - 16:49:27 | N | 0] C:\CONFIG.SYS
[09/05/2010 - 17:05:12 | D ] C:\Documents and Settings
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 09:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 09:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.3082.txt
[13/05/2010 - 18:35:49 | N | 1481] C:\FSC-DeskUpdate.txt
[13/05/2010 - 18:25:06 | D ] C:\fsc.tmp
[07/11/2007 - 09:00:40 | N | 1110] C:\globdata.ini
[07/11/2007 - 09:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 09:00:40 | N | 843] C:\install.ini
[07/11/2007 - 09:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 09:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 09:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 09:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 09:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 09:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 09:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 09:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 09:03:18 | N | 96272] C:\install.res.3082.dll
[09/05/2010 - 16:49:27 | N | 0] C:\IO.SYS
[27/06/2010 - 15:19:35 | N | 7477] C:\JavaRa.log
[02/11/2010 - 19:37:36 | D ] C:\LRE_Data
[09/02/2001 - 18:53:08 | N | 0] C:\mc1234
[02/11/2010 - 19:20:40 | N | 22] C:\Mcinst.ini
[15/03/2010 - 20:15:50 | D ] C:\MCLRE
[09/05/2010 - 16:49:27 | N | 0] C:\MSDOS.SYS
[05/08/2004 - 14:00:00 | N | 24448] C:\NTBOOTDD.SYS
[05/08/2004 - 14:00:00 | RASH | 47564] C:\NTDETECT.COM
[12/05/2010 - 00:55:03 | N | 252240] C:\ntldr
[26/04/2011 - 09:36:33 | ASH | 754974720] C:\pagefile.sys
[16/04/2011 - 23:50:28 | D ] C:\Program Files
[26/04/2011 - 17:58:49 | SHD ] C:\RECYCLER
[09/05/2010 - 17:00:25 | SHD ] C:\System Volume Information
[26/04/2011 - 17:58:49 | D ] C:\UsbFix
[26/04/2011 - 17:58:52 | A | 926] C:\UsbFix.txt
[26/04/2011 - 17:51:34 | N | 4570194] C:\UsbFix_Upload_Me_PORTABLE.zip
[15/03/2010 - 20:55:21 | N | 774] C:\USERSET.DAT
[07/11/2007 - 09:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 09:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 09:12:28 | N | 232960] C:\VC_RED.MSI
[21/04/2011 - 13:50:12 | D ] C:\WINDOWS
[20/03/2010 - 20:25:22 | N | 311078912] E:\LRL0552FRE.iso
[08/10/2006 - 19:27:46 | SHD ] E:\System Volume Information
[08/10/2006 - 19:29:24 | SHD ] E:\Recycled
[08/10/2006 - 19:32:44 | D ] E:\Mes images
[08/10/2006 - 19:34:22 | D ] E:\Ma musique
[06/02/2011 - 11:49:58 | D ] E:\2010_10_30
[07/06/2009 - 09:19:30 | N | 1636772] E:\tshirt.JPG
[09/05/2010 - 14:08:38 | D ] E:\photos de classe
[09/05/2010 - 14:08:40 | D ] E:\photos papa
[09/05/2010 - 14:08:56 | D ] E:\QuickCam
[09/05/2010 - 14:08:56 | D ] E:\rentrée scolaire 2008-2009
[09/05/2010 - 14:08:58 | D ] E:\Sortie ferme d'Antan
[06/02/2011 - 11:49:52 | D ] E:\j2010bourg d péage
[06/02/2011 - 11:50:00 | D ] E:\2010_10_31
[06/02/2011 - 11:50:06 | D ] E:\2010_11_01
[09/05/2010 - 14:09:26 | D ] E:\noel tournon
[06/02/2011 - 11:50:06 | D ] E:\2010_11_02
[26/11/2008 - 10:36:28 | N | 291935] E:\fond ecran.jpg
[09/05/2010 - 14:10:36 | D ] E:\Photos Kodak
[09/05/2010 - 14:11:00 | D ] E:\aquarium
[09/05/2010 - 14:12:32 | D ] E:\avril mai juin 2009
[09/05/2010 - 14:19:56 | D ] E:\carnaval
[09/05/2010 - 14:19:58 | D ] E:\cereste
[09/05/2010 - 14:20:26 | D ] E:\juillet aout septembre octobre 09
[09/05/2010 - 14:39:10 | D ] E:\Photos 2009
[06/02/2011 - 11:50:10 | D ] E:\2010_12_20
[02/04/2010 - 16:56:30 | N | 1857354] E:\pc range.bmp
[06/02/2011 - 11:55:06 | D ] E:\2011_01_28
[20/01/2011 - 20:26:18 | ASH | 32256] E:\Thumbs.db
[17/03/2010 - 09:36:04 | N | 23040] E:\codepannes land.pdf
[17/05/2010 - 17:53:40 | D ] E:\anniversaire mamie 05 2010
[15/05/2010 - 16:39:52 | N | 1112242] E:\2010 05 15 40 Avignon.JPG
[15/08/2007 - 07:46:52 | D ] E:\Mes vidéos
[04/07/2008 - 21:27:12 | D ] E:\LAND RACER
[20/03/2009 - 19:04:06 | D ] E:\TomTom
[20/03/2009 - 19:05:44 | D ] E:\Adobe Photoshop 7.0 FR
[20/03/2009 - 19:10:28 | D ] E:\discovery
[20/03/2009 - 19:13:40 | D ] E:\documents administratifs
[01/08/2009 - 11:48:06 | D ] E:\Adobe Illustrator 10
[09/05/2010 - 12:55:02 | D ] E:\toussuire 2010

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PORTABLE.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |

Re: babylon - problem...

Post by alexis ginguenaud » 26 Apr 2011 17:34

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6448

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/04/2011 18:33:15
mbam-log-2011-04-26 (18-33-15).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 131657
Temps écoulé: 11 minute(s), 28 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Re: babylon - problem...

Post by TopXm » 27 Apr 2011 09:25

Hi,

The reports are OK; you can run OTL again to see: babylon-probleme-t37340.html#p253923

and post both reports as attachments

Re: babylon - problem...

Post by alexis ginguenaud » 27 Apr 2011 17:44

And here are the reports
OTL logfile created on: 27/04/2011 18:31:07 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 91,00 Mb Available Physical Memory | 19,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,22 Gb Free Space | 24,76% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
PRC - [2011/03/24 21:10:22 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/06 10:21:32 | 012,587,696 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/07/10 14:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2004/12/22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/07/24 05:49:30 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/23 18:25:40 | 000,217,188 | ---- | M] (Gemtek) -- C:\Program Files\GlobespanVirata\XPFix.exe
PRC - [2003/04/29 06:08:22 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (SafeList) ==========

MOD - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/02/05 18:20:30 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj02.dll
MOD - [2004/07/24 05:49:24 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/02/05 18:22:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)


========== Driver Services (SafeList) ==========

DRV - [2010/10/30 14:32:24 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/10/26 23:49:17 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/21 21:36:14 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/21 21:36:14 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/28 13:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/02/06 04:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/06 04:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/02/06 04:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/06 04:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/02/05 18:20:08 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 18:18:12 | 000,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2005/07/28 09:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/12/22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/10 05:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/07/20 20:16:00 | 000,393,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PRISMA00.sys -- (PRISM_A00)
DRV - [2004/02/21 05:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1998/03/03 13:55:58 | 000,040,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mgnt.sys -- (MicroGuard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig"
FF - prefs.js..extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=68c94c7b00000000000000904bca80f9&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/02 08:24:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 18:13:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/06 10:21:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions
[2010/05/10 08:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/10/05 21:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/04/26 18:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions
[2011/03/11 20:17:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/10 00:18:07 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/04/10 00:18:05 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\engine@conduit.com
[2011/04/15 14:26:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\ffxtlbr@babylon.com
[2010/10/30 18:25:52 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\askcom.xml
[2010/01/20 12:16:28 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\conduit.xml
[2010/06/13 19:07:05 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\MyStart Search.xml
[2011/04/26 18:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/14 12:42:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/11 19:49:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/11 20:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/11 19:48:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/29 18:03:06 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/29 18:03:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/29 18:03:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/29 18:03:08 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/29 18:03:08 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/06/20 15:30:32 | 000,408,483 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14125 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe (Gemtek)
O4 - HKU\S-1-5-21-746137067-152049171-1060284298-1005..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\alexis ginguenaud\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/09 16:49:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/04/26 17:59:44 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe - (Logitech Inc.)
MsConfig - StartUpReg: Lexmark X1100 Series - hkey= - key= - C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
MsConfig - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/26 18:20:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/26 18:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/04/26 18:20:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/26 18:19:15 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe
[2011/04/26 17:59:44 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/04/26 17:45:44 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/04/26 17:42:18 | 001,227,544 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\UsbFix.exe
[2011/04/20 10:54:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/18 21:59:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\alexis ginguenaud\Recent
[2011/04/16 23:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Uninstaller
[2011/04/15 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VirtualDubMOD
[2011/04/15 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDubMOD
[2011/04/15 14:33:25 | 002,588,349 | ---- | C] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/10 19:01:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2011/04/10 19:01:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2011/03/31 20:35:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\coffinnails
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/27 18:15:01 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/27 11:35:17 | 000,004,064 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\chauvesou.jpg
[2011/04/27 11:34:49 | 000,003,402 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\chauvesouri.jpg
[2011/04/27 10:47:21 | 019,833,870 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\DISCO ARR + LOGO.psd
[2011/04/27 10:15:29 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/26 18:19:20 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe
[2011/04/26 18:09:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
[2011/04/26 18:09:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-alexis ginguenaud-Startup.job
[2011/04/26 18:09:01 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-alexis ginguenaud-Startup.job
[2011/04/26 18:08:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/26 17:59:48 | 004,570,559 | ---- | M] () -- C:\UsbFix_Upload_Me_PORTABLE.zip
[2011/04/26 17:42:21 | 001,227,544 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\UsbFix.exe
[2011/04/24 04:04:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\File Helper.job
[2011/04/21 19:50:48 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\AD-R.lnk
[2011/04/21 13:48:21 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/20 10:55:30 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/16 17:56:34 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/15 14:40:34 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/15 14:33:25 | 002,588,349 | ---- | M] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/14 16:42:19 | 020,586,196 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/08 09:04:51 | 000,439,154 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/08 09:04:51 | 000,374,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/08 09:04:51 | 000,061,302 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/08 09:04:51 | 000,050,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/07 12:48:52 | 000,002,484 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/03/31 20:13:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/27 11:35:17 | 000,004,064 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\chauvesou.jpg
[2011/04/27 11:34:47 | 000,003,402 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\chauvesouri.jpg
[2011/04/27 10:47:20 | 019,833,870 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\DISCO ARR + LOGO.psd
[2011/04/26 17:51:33 | 004,570,559 | ---- | C] () -- C:\UsbFix_Upload_Me_PORTABLE.zip
[2011/04/21 19:50:47 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\AD-R.lnk
[2011/04/20 10:55:30 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/15 14:40:34 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/14 16:42:09 | 020,586,196 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/07 12:47:53 | 000,002,484 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/01/23 12:59:05 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010/11/02 19:32:36 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2010/10/30 14:32:24 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/10/30 14:32:13 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\MG16.DLL
[2010/10/30 14:32:07 | 000,040,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\mgnt.sys
[2010/07/14 13:22:20 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/07/14 12:46:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/05/17 10:23:05 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/13 18:32:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Javelin.dll
[2010/05/13 18:31:07 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2010/05/13 18:27:04 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/05/13 18:27:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/05/09 18:38:17 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\fusioncache.dat
[2010/05/09 18:34:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/05/09 18:32:33 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/09 18:23:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/05/09 18:13:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/05/09 18:01:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/09 17:16:16 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/05/09 16:57:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/05/09 16:53:26 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/05/09 16:45:28 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/02/05 18:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,439,154 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 14:00:00 | 000,374,398 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,061,302 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 14:00:00 | 000,050,866 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/08/18 16:55:48 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2003/08/18 16:46:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2003/07/30 11:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/30 10:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/11/13 21:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2002/09/13 17:40:06 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2001/01/19 21:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %ALLUSERSPROFILE%\Application Data\*. >
[2010/10/30 16:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/06/21 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/05/09 18:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/05/17 21:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/05/17 21:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/07/14 13:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2010/07/14 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/06/24 17:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/15 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCADMIN
[2010/10/28 22:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/28 22:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/10/07 04:19:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/06/27 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2010/07/14 12:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/06/27 15:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/05/09 18:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/31 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 13:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/26 12:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/04/26 17:53:02 | 000,523,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe

< %APPDATA%\*. >
[2011/02/09 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Adobe
[2011/02/27 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\BitLord
[2010/07/16 16:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\DeepBurner
[2010/10/27 00:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\dvdcss
[2010/05/09 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Google
[2010/05/09 17:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Identities
[2010/07/14 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Leadertech
[2010/05/09 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Macromedia
[2010/06/24 17:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Malwarebytes
[2010/06/27 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Media Player Classic
[2011/02/11 20:06:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Microsoft
[2010/05/09 18:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla
[2010/11/01 15:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla-Cache
[2010/12/10 19:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Python-Eggs
[2011/03/14 11:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Skype
[2011/03/14 10:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\skypePM
[2011/04/06 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Spotify
[2010/05/09 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Sun
[2010/05/10 08:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Thunderbird
[2011/01/29 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\TomTom
[2011/04/18 23:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\vlc
[2010/10/27 19:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >


< MD5 for: AGP440.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2004/09/26 15:24:54 | 000,477,952 | ---- | M] (Intel Corporation) MD5=DD19FDD8BB262F64A11C50CC23FC6F70 -- C:\WINDOWS\OEM\iaStor\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004/09/02 09:24:38 | 000,082,816 | ---- | M] (NVIDIA Corporation) MD5=EEABD98AA887DD923546F20D400B2907 -- C:\WINDOWS\OEM\nvatabus\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: TCPIP.SYS >
[2008/06/20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004/08/05 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: VIAMRAID.SYS >
[2004/05/18 15:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\OEM\viapdsk\viamraid.sys

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Re: babylon - problem...

Post by alexis ginguenaud » 27 Apr 2011 17:45

OTL Extras logfile created on: 27/04/2011 18:31:07 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 91,00 Mb Available Physical Memory | 19,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,22 Gb Free Space | 24,76% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.4 - Français
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E47A61C9-A266-4EAC-B93A-47D4EB391142}" = PRISM 802.11 Adapter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Ad-Remover" = Ad-Remover par C_XX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Ares" = Ares 2.1.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Lexmark X1100 Series" = Lexmark X1100 Series
"LMMS 0.4.8" = Linux MultiMedia Studio (LMMS)
"lvdrivers_11.70" = Coffret de pilotes Logitech QuickCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microcat for Land Rover" = Microcat for Land Rover
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Secunia PSI" = Secunia PSI
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Usbfix" = UsbFix By TeamXscript
"VLC media player" = VLC media player 1.1.7
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Logiciel d'archivage WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/10/2010 17:48:53 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 26/10/2010 17:54:12 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:00 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:06 | Computer Name = PORTABLE | Source = crypt32 | ID = 131075
Description = Échec de la récupération de la mise à jour automatique du fichier
CAB de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 17:48:00 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 30/10/2010 18:01:27 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01/11/2010 09:47:30 | Computer Name = PORTABLE | Source = Application Error | ID = 1000
Description = Application défaillante pprekop.exe, version 4.2.0.172, module défaillant
ole32.dll, version 5.1.2600.2182, adresse de défaillance 0x10017bed.

Error - 17/03/2010 13:06:59 | Computer Name = PORTABLE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon
la vérification par rapport à l'horloge système en cours ou le tampon daté dans
le fichier signé.

Error - 17/03/2010 13:06:59 | Computer Name = PORTABLE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon
la vérification par rapport à l'horloge système en cours ou le tampon daté dans
le fichier signé.

Error - 17/03/2010 13:07:14 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


[ System Events ]
Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Carte de performance WMI s'est terminé de façon inattendue
pour la 1ème fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Process Monitor s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service LVCOMSer s'est terminé de façon inattendue pour la 1ème
fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7031
Description = Le service Spouleur d'impression s'est terminé de manière inattendue.
Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7031
Description = Le service Spouleur d'impression s'est terminé de manière inattendue.
Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service LexBce Server s'est terminé de façon inattendue pour la
2ème fois.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Windows Installer s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 18:10:34 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 26/04/2011 18:10:34 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.


< End of report >

Re: babylon - problem...

Post by TopXm » 27 Apr 2011 22:29

OK

I just slightly missed a step ...

:arrow: Make sure your antivirus is still disabled and close all your browser windows while Ad-Remover runs.

  • If you are on XP, double-click the Ad-Remover icon on your desktop.
    If you are on Vista, right-click the Ad-Remover icon on your desktop and choose Exécuter en tant qu'administrateur (Run as administrator).

  • Click the Nettoyer (Clean) button to start the disinfection. Confirm your choice when asked.

  • Wait while the tool works, without interrupting it.

  • A report will be displayed on screen. Post its entire contents in your next reply.
    (The report is also saved to C:/Ad-Report-(day-month-year).log)

Re: babylon - problem...

Post by alexis ginguenaud » 27 Apr 2011 22:52

and there you go
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:35:02 le 27/04/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
alexis ginguenaud@PORTABLE ( )

============== ACTION(S) ==============


Fichier supprimé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\searchplugins\askcom.xml
Dossier supprimé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\conduit
Dossier supprimé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\ConduitEngine
Dossier supprimé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\extensions\engine@conduit.com
Fichier supprimé: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\searchplugins\conduit.xml
Dossier supprimé: C:\Program Files\Ask.com
Dossier supprimé: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default\Prefs.js --
Ligne supprimée: user_pref("CT1098640.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne supprimée: user_pref("CT1098640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT109...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/FR", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.2...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.3...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "63...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =3/13/20...
Ligne supprimée: user_pref("CommunityToolbar.EngineHiddenByUser", true);
Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1098640,ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT1098640");
Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Mar 20 2011 22:16:29 GMT+01...
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Apr 27 2011 12:47:36 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Apr 27 2011 12:47:28 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "674f6bfe-55c6-43c1-bdab-c7234c2d635c");
Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Oct 27 2010 00:05:04 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1098640");
Ligne supprimée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Apr 21 2011 10:13:30 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.CTID", "ConduitEngine");
Ligne supprimée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 13 2011 18:25:32 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "03/20/2011 23");
Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Sun Mar 20 2011 22:16:33 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Apr 14 2011 18:26:23 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.3.2.1", "Sun Apr 10 2011 00:03:35 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Fri Apr 15 2011 13:24:10 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Fri Apr 15 2011 13:24:08 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.UserID", "UN02938287129060546");
Ligne supprimée: user_pref("ConduitEngine.componentAlertEnabled", false);
Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Apr 14 2011 18:25:58 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Fri Apr 15 2011 11:24:09 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.initDone", true);
Ligne supprimée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Ligne supprimée: user_pref("ConduitEngine.usagesFlag", 2);
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&Sea...
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\Interface\{144940B1-F191-11D0-A8E2-00A0C90F29FC}
Clé supprimée: HKLM\Software\Classes\Toolbar.CT1098640
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )

-- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\FireFox\Profiles\wu2ddwxo.default --
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} (free-downloads.net Community Toolbar)
Searchplugins\MyStart Search.xml (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\alexis ginguenaud\\Mes documents
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/ig
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss ... tlRef=ss...

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_ElevationPolicy\d9796250-a4d1-4fc3-b963-0d286da3aae2 - C:\Program Files\free-downloads.net\free-downloads.netToolbarHelper.exe (x)
HKLM_ElevationPolicy\{F2DD9BC5-3851-4766-9F67-A627B3C053DD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 108 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 27/04/2011 23:37:08 (10391 Octet(s))
C:\Ad-Report-SCAN[1].txt - 21/04/2011 19:51:45 (11543 Octet(s))

Fin à: 23:38:39, 27/04/2011

============== E.O.F ==============

Re: babylon - problem...

Post by TopXm » 28 Apr 2011 02:20

OK

Ad-R removed quite a lot of things, it should be better now; you can run OTL again to see what is left.

OTL procedure: babylon-probleme-t37340.html#p253923

:supers:

Re: babylon - problem...

Post by alexis ginguenaud » 28 Apr 2011 07:23

the OTL reports:

OTL logfile created on: 28/04/2011 08:08:41 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 56,00 Mb Available Physical Memory | 12,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,45 Gb Free Space | 25,37% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
PRC - [2011/03/24 21:10:22 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/06 10:21:32 | 012,587,696 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/07/10 14:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/06/21 21:36:12 | 000,466,689 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
PRC - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2004/12/22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/07/24 05:49:30 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/23 18:25:40 | 000,217,188 | ---- | M] (Gemtek) -- C:\Program Files\GlobespanVirata\XPFix.exe
PRC - [2003/04/29 06:08:22 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (SafeList) ==========

MOD - [2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/02/05 18:20:30 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj02.dll
MOD - [2004/07/24 05:49:24 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/06/21 21:36:13 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/06/21 21:36:12 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/02/05 18:22:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 18:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 18:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)


========== Driver Services (SafeList) ==========

DRV - [2010/10/30 14:32:24 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/10/26 23:49:17 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/21 21:36:14 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/21 21:36:14 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/28 13:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/02/06 04:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/06 04:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/02/06 04:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/06 04:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/02/05 18:20:08 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 18:18:12 | 000,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2005/07/28 09:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/12/22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/10 05:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/07/20 20:16:00 | 000,393,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PRISMA00.sys -- (PRISM_A00)
DRV - [2004/02/21 05:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1998/03/03 13:55:58 | 000,040,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mgnt.sys -- (MicroGuard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-746137067-152049171-1060284298-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig"
FF - prefs.js..extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=68c94c7b00000000000000904bca80f9&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/02 08:24:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 18:13:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/06 10:21:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions
[2010/05/10 08:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/29 13:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/10/05 21:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/04/27 23:46:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions
[2011/03/11 20:17:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/10 00:18:07 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/04/15 14:26:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\extensions\ffxtlbr@babylon.com
[2010/06/13 19:07:05 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla\Firefox\Profiles\wu2ddwxo.default\searchplugins\MyStart Search.xml
[2011/04/27 18:36:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/14 12:42:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/11 19:49:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/11 20:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/11 19:48:24 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/29 18:03:06 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/10/29 18:03:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/29 18:03:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/10/29 18:03:08 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/10/29 18:03:08 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/06/20 15:30:32 | 000,408,483 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14125 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe (Gemtek)
O4 - HKU\S-1-5-21-746137067-152049171-1060284298-1005..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - Startup: C:\Documents and Settings\alexis ginguenaud\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/09 16:49:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/04/26 17:59:44 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe - (Logitech Inc.)
MsConfig - StartUpReg: Lexmark X1100 Series - hkey= - key= - C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
MsConfig - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/26 18:20:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/26 18:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/04/26 18:20:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/26 18:19:15 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe
[2011/04/26 17:59:44 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/04/26 17:45:44 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/04/26 17:42:18 | 001,227,544 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\UsbFix.exe
[2011/04/20 10:54:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/18 21:59:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\alexis ginguenaud\Recent
[2011/04/16 23:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Uninstaller
[2011/04/15 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VirtualDubMOD
[2011/04/15 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDubMOD
[2011/04/15 14:33:25 | 002,588,349 | ---- | C] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/10 19:01:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2011/04/10 19:01:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2011/03/31 20:35:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\coffinnails
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/28 08:15:04 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/27 23:44:35 | 000,439,154 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/04/27 23:44:34 | 000,374,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/27 23:44:34 | 000,061,302 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/04/27 23:44:34 | 000,050,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/27 23:41:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
[2011/04/27 23:41:47 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/27 23:41:40 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-alexis ginguenaud-Startup.job
[2011/04/27 23:41:40 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-alexis ginguenaud-Startup.job
[2011/04/27 23:41:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/27 19:16:37 | 019,833,870 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\DISCO ARR + LOGO.psd
[2011/04/26 18:19:20 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe
[2011/04/26 17:59:48 | 004,570,559 | ---- | M] () -- C:\UsbFix_Upload_Me_PORTABLE.zip
[2011/04/26 17:42:21 | 001,227,544 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\UsbFix.exe
[2011/04/24 04:04:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\File Helper.job
[2011/04/21 19:50:48 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\AD-R.lnk
[2011/04/21 13:48:21 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/20 10:55:30 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/20 10:54:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\OTL.exe
[2011/04/16 17:56:34 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/15 14:40:34 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/15 14:33:25 | 002,588,349 | ---- | M] (www.virtualdub-fr.org ) -- C:\Documents and Settings\alexis ginguenaud\Mes documents\VirtualDubMOD_1.5.10.3_b2550.exe
[2011/04/14 16:42:19 | 020,586,196 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/07 12:48:52 | 000,002,484 | ---- | M] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/03/31 20:13:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/27 10:47:20 | 019,833,870 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\DISCO ARR + LOGO.psd
[2011/04/26 17:51:33 | 004,570,559 | ---- | C] () -- C:\UsbFix_Upload_Me_PORTABLE.zip
[2011/04/21 19:50:47 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\AD-R.lnk
[2011/04/20 10:55:30 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\Raccourci vers OTL.lnk
[2011/04/15 14:40:34 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Bureau\VirtualDubMOD.lnk
[2011/04/14 16:42:09 | 020,586,196 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\vlc-1.1.8-win32.exe
[2011/04/07 12:47:53 | 000,002,484 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Mes documents\cc_20110407_124721.reg
[2011/01/23 12:59:05 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010/11/02 19:32:36 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2010/10/30 14:32:24 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/10/30 14:32:13 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\MG16.DLL
[2010/10/30 14:32:07 | 000,040,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\mgnt.sys
[2010/07/14 13:22:20 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/07/14 12:46:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/05/17 10:23:05 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/13 18:32:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Javelin.dll
[2010/05/13 18:31:07 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2010/05/13 18:27:04 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/05/13 18:27:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/05/09 18:38:17 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\alexis ginguenaud\Local Settings\Application Data\fusioncache.dat
[2010/05/09 18:34:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/05/09 18:32:33 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/09 18:23:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/05/09 18:13:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/05/09 18:01:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/09 17:16:16 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/05/09 16:57:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/05/09 16:53:26 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/05/09 16:45:28 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/02/05 18:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,439,154 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 14:00:00 | 000,374,398 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,061,302 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 14:00:00 | 000,050,866 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/08/18 16:55:48 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2003/08/18 16:46:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2003/07/30 11:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/30 10:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/11/13 21:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2002/09/13 17:40:06 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2001/01/19 21:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE

========== LOP Check ==========

[2011/02/27 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\BitLord
[2010/07/16 16:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\DeepBurner
[2010/07/14 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Leadertech
[2010/12/10 19:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Python-Eggs
[2011/04/06 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Spotify
[2010/05/10 08:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Thunderbird
[2011/01/29 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\TomTom
[2010/05/17 21:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/05/17 21:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/03/15 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCADMIN
[2010/06/27 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2010/05/31 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 13:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/26 12:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer
[2011/04/24 04:04:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\File Helper.job
[2011/04/27 23:41:40 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Reviver-alexis ginguenaud-Startup.job
[2011/04/27 23:41:40 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-alexis ginguenaud-Startup.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %ALLUSERSPROFILE%\Application Data\*. >
[2010/10/30 16:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/06/21 19:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/05/09 18:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/05/17 21:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2010/05/17 21:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2010/07/14 13:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2010/07/14 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/06/24 17:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/15 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCADMIN
[2010/10/28 22:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/28 22:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/10/07 04:19:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/06/27 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2010/07/14 12:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/06/27 15:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/05/09 18:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/31 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/29 13:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2010/06/26 12:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/04/26 17:53:02 | 000,523,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe

< %APPDATA%\*. >
[2011/02/09 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Adobe
[2011/02/27 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\BitLord
[2010/07/16 16:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\DeepBurner
[2010/10/27 00:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\dvdcss
[2010/05/09 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Google
[2010/05/09 17:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Identities
[2010/07/14 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Leadertech
[2010/05/09 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Macromedia
[2010/06/24 17:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Malwarebytes
[2010/06/27 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Media Player Classic
[2011/02/11 20:06:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Microsoft
[2010/05/09 18:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla
[2010/11/01 15:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Mozilla-Cache
[2010/12/10 19:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Python-Eggs
[2011/03/14 11:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Skype
[2011/03/14 10:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\skypePM
[2011/04/06 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Spotify
[2010/05/09 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Sun
[2010/05/10 08:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\Thunderbird
[2011/01/29 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\TomTom
[2011/04/18 23:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\vlc
[2010/10/27 19:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\alexis ginguenaud\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >


< MD5 for: AGP440.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/05/12 00:46:56 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2004/09/26 15:24:54 | 000,477,952 | ---- | M] (Intel Corporation) MD5=DD19FDD8BB262F64A11C50CC23FC6F70 -- C:\WINDOWS\OEM\iaStor\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004/09/02 09:24:38 | 000,082,816 | ---- | M] (NVIDIA Corporation) MD5=EEABD98AA887DD923546F20D400B2907 -- C:\WINDOWS\OEM\nvatabus\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: TCPIP.SYS >
[2008/06/20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004/08/05 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: VIAMRAID.SYS >
[2004/05/18 15:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\OEM\viapdsk\viamraid.sys

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\alexis ginguenaud\Mes documents\DISCO ARR + LOGO.psd:SummaryInformation
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
alexis ginguenaud
 
Posts: 33
Joined: 23 Jun 2010 18:48

Re: babylon - problem...

Post by alexis ginguenaud » 28 Apr 2011 07:24

OTL Extras logfile created on: 28/04/2011 08:08:41 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\alexis ginguenaud\Mes documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

479,00 Mb Total Physical Memory | 56,00 Mb Available Physical Memory | 12,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 9,45 Gb Free Space | 25,37% Space Free | Partition Type: NTFS

Computer Name: PORTABLE | User Name: alexis ginguenaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.4 - Français
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E47A61C9-A266-4EAC-B93A-47D4EB391142}" = PRISM 802.11 Adapter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Ad-Remover" = Ad-Remover par C_XX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Ares" = Ares 2.1.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Lexmark X1100 Series" = Lexmark X1100 Series
"LMMS 0.4.8" = Linux MultiMedia Studio (LMMS)
"lvdrivers_11.70" = Coffret de pilotes Logitech QuickCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microcat for Land Rover" = Microcat for Land Rover
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Secunia PSI" = Secunia PSI
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Usbfix" = UsbFix By TeamXscript
"VLC media player" = VLC media player 1.1.7
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Logiciel d'archivage WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-152049171-1060284298-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17/10/2010 02:54:44 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 24/10/2010 03:07:30 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 26/10/2010 17:48:53 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 26/10/2010 17:54:12 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:00 | Computer Name = PORTABLE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 03:24:06 | Computer Name = PORTABLE | Source = crypt32 | ID = 131075
Description = Échec de la récupération de la mise à jour automatique du fichier
CAB de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 30/10/2010 17:48:00 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 30/10/2010 18:01:27 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3951, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 01/11/2010 09:47:30 | Computer Name = PORTABLE | Source = Application Error | ID = 1000
Description = Application défaillante pprekop.exe, version 4.2.0.172, module défaillant
ole32.dll, version 5.1.2600.2182, adresse de défaillance 0x10017bed.

Error - 17/03/2010 13:06:59 | Computer Name = PORTABLE | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon
la vérification par rapport à l'horloge système en cours ou le tampon daté dans
le fichier signé.

[ System Events ]
Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Process Monitor s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service LVCOMSer s'est terminé de façon inattendue pour la 1ème
fois.

Error - 26/04/2011 11:49:07 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7031
Description = Le service Spouleur d'impression s'est terminé de manière inattendue.
Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7031
Description = Le service Spouleur d'impression s'est terminé de manière inattendue.
Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service LexBce Server s'est terminé de façon inattendue pour la
2ème fois.

Error - 26/04/2011 11:57:35 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7034
Description = Le service Windows Installer s'est terminé de façon inattendue pour
la 1ème fois.

Error - 26/04/2011 18:10:34 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 26/04/2011 18:10:34 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.

Error - 27/04/2011 17:44:38 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7023
Description = Le service Carte de performance WMI s'est arrêté avec l'erreur : %%2147500037


< End of report >
alexis ginguenaud
 
Posts: 33
Joined: 23 Jun 2010 18:48
