> Tous les forums > Forum Sécurité
 Connexion internet lente
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
cineaction
  Posté le 02/11/2009 @ 19:35 
Aller en bas de la page 
Petit astucien

Bonjour à toutes et à tous,

Depuis quelques jours, la connexion internet est lente lorsque je surfe. Les fenêtres ne se ferment pas ou deviennent blanches ... puis se ferment ... il est demandé d'envoyer un rapport que je n'envoie pas. Le pc semble bloqué dans l'attente qu'une autre fenêtre internet s'ouvre.
L'analyse antivirale a été faite via antivir. Quelques éléments indésirables (chevaux de Troie) ont été trouvés et mis en quarantaine avant d'être supprimés.

Pouvez-vous m'aider ? Merci.

Publicité
pear
 Posté le 02/11/2009 à 20:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Quelques éléments indésirables (chevaux de Troie) ont été trouvés et mis en quarantaine avant d'être supprimés.

Et ça continue ?

Téléchargez Random's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

Double-cliquez sur RSIT.exe afin de lancer RSIT.
* Cliquez Continue à l'écran Disclaimer.
* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.
* L'analyse terminée, deux fichiers texte s'ouvriront.:
Poster le contenu de log.txt (qui sera affiché)
ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).
* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit


cineaction
 Posté le 02/11/2009 à 20:40 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Merci Pear pour votre réponse rapide.

Chaque fois que j'essaye de publier les rapports, il est marqué erreur 500. (?)

500 - Internal server error.

There is a problem with the resource you are looking for, and it cannot be displayed.

Que dois-je faire ?



Modifié par cineaction le 02/11/2009 20:46
cineaction
 Posté le 02/11/2009 à 21:22 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

J'essaye autrement en postant uniquement le rapport HJthis

Voici le rapport demandé :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51:13, on 2/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
E:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCSVR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: UltimateEnhancer - {42F64121-5B8C-E553-E3E3-31CB9B3ABD9D} - C:\Program Files\UltimateEnhancer\UltimateEnhancer-2.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [RmbNotes] C:\QnnO\RememberNotes\RememberNotes.exe SHOWPUBLIC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [L07FXLRD_28132390] "R:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - E:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - I:\Casino\PartyCasino\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - I:\Casino\PartyCasino\RunApp.exe
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/ ... xiaIIA.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.c ... urrent.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/33.02/uploader2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex ... 0-3-30.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/res ... nPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/24a7d7918e1 ... 601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2162820312
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} - http://www2.incredimail.com/contents/se ... loader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

--
End of file - 9405 bytes

pear
 Posté le 02/11/2009 à 21:42 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Bonsoir,

Ce n'est pas grave.
Si cela se produisait, une prochaine fois, postez le rapport en 2 fois.


Télécharger sur le bureauOTM by OldTimer .
Double-clic sur OTM.exe pour le lancer.
Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur
Vérifier que Unregister Dll's and Ocx's soit coché.
* Copiez /Collez les lignes ci dessous):

:Processes
:Files
c:\program files\ultimateenhancer\ultimateenhancer-2.dll

:Services
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]

:Commands
[purity]
[emptytemp]
[Reboot]

Revenez dans OTM,
Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).
* Click le bouton rouge Moveit!
* Fermez OTM
Votre Pc va redémarrer.
Rendez vous dans le dossier C:\_OTM\MovedFiles ,
ouvrez le dernier fichier .log
Copiez/collez en le contenu dans votre prochaine réponse



cineaction
 Posté le 02/11/2009 à 22:40 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Je suis désolé mais j'ai fixé une ligne concernant Ultimate... avec HJThis c'est pour cela qu'on ne le retrouve pas dans le rapport que je vous transmets.

Voici :

All processes killed
========== PROCESSES ==========
========== FILES ==========
File/Folder c:\program files\ultimateenhancer\ultimateenhancer-2.dll not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42F64121-5B8C-E553-E3E3-31CB9B3ABD9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Administrator

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32969 bytes

User: Popol
->Temp folder emptied: 1139101047 bytes
->Temporary Internet Files folder emptied: 597800506 bytes
->Java cache emptied: 19974412 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 1138663 bytes
%systemroot%\System32 .tmp files removed: 3129078 bytes
Windows Temp folder emptied: 28065722 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1706,42 mb


OTM by OldTimer - Version 3.0.0.6 log created on 11022009_222430

Files moved on Reboot...

Registry entries deleted on Reboot...

pear
 Posté le 12/11/2009 à 12:47 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Bonjour,

et désolé our pour tout.

Relancez Rsit , et si le rapport est trop long, postez le en plusieurs fois.

cineaction
 Posté le 12/11/2009 à 18:00 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Logfile of random's system information tool 1.06 (written by random/random)
Run by Popol at 2009-11-12 17:59:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 3 GB (11%) free of 30 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:26, on 12/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
E:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCSVR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
E:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Documents and Settings\Popol\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Popol.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [RmbNotes] C:\QnnO\RememberNotes\RememberNotes.exe SHOWPUBLIC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [L07FXLRD_28132390] "R:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - E:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - I:\Casino\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - I:\Casino\PartyCasino\RunApp.exe (file missing)
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/33.02/uploader2.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/24a7d7918e184a688305/netzip/RdxIE601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202162820312
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257281644531
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

--
End of file - 9070 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\{21907294-DB72-4FFD-AB11-E8FE2174B161}_PRIVEE-Z93UJZRN_Popol.job
C:\WINDOWS\tasks\{5EC2CA91-978A-4AA2-8102-34679E1599EF}_PRIVEE-Z93UJZRN_Popol.job
C:\WINDOWS\tasks\{9F2F9A0D-0A9C-4DF7-81B4-E93B1D518D86}_PRIVEE-Z93UJZRN_Popol.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2003-02-07 98356]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}]
BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{147D6308-0614-4112-89B1-31402F9B82C4} - Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-02-28 7557120]
"PAC7311_Monitor"=C:\WINDOWS\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"RmbNotes"=C:\QnnO\RememberNotes\RememberNotes.exe [2004-03-12 799744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2004-01-12 376915]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"L07FXLRD_28132390"=R:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE -m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2006-12-14 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]
C:\Program Files\CyberLink\PowerVCRII\Agent.exe [2002-10-01 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioHQ]
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE [1999-04-12 203264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoUpdate]
C:\Program Files\Serials3k\s3k_autoupdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL]
E:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe /L ElbyCDFL []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cloneur Expert Monitor]
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2006-12-14 437675]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\System32\ctfmon.exe [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2005-11-08 128920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
E:\Program Files\D-Tools\daemon.exe -lang 1033 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe [2003-02-07 114741]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Détecteur de disque]
C:\Program Files\Creative\ShareDLL\CtNotify.exe [1998-12-16 185856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX7400 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExitKiller]
C:\Program Files\Exit Killer\Ekiller.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-09-24 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstaFinderK]
C:\Program Files\INSTAFINK\InstaFinderK_inst.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
M:\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10112062]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1014125]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10965593]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1202046]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_12922468]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1505312]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_16048843]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_17562890]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18201625]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18290984]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_200156]
R:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE -m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_24226140]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_2587375]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_33405703]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_43178359]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_5127437]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_845984]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8551609]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8637500]
-m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 3100 Series]
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBRKsk]
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nar]
C:\WINDOWS\nar.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2006-02-28 7557120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\System32\NvMcTray.dll [2006-02-28 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
C:\Program Files\Pando Networks\Pando\Pando.exe /Automation []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUp Destroy]
C:\Program Files\PopUp Destroy\Popup-Destroy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]
C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe [2002-11-06 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2004-02-09 65024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt Note Launcher (Required to load StickIt notes on Windows startup)]
C:\Program Files\Stickit\StickItLauncher.exe [2004-05-09 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-02-13 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Media]
C:\Program Files\TV Media\Tvm.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
F:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-09-12 2560000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN]
C:\Program Files\VVSN\VVSN.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0]
C:\Program Files\Web_Rebates\WebRebates0.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\windows_validation.exe]
windows_validation.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk]
C:\PROGRA~1\Belkin\LOGICI~1\BTTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-09-24 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-09-24 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LG SyncManager.lnk]
C:\PROGRA~1\LGPCSU~1\LGPCSY~1\LGSYNC~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
E:\PROGRA~1\MICROS~1\Office10\OSA.EXE -b -l []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MioSync.lnk]
C:\PROGRA~1\MIOTEC~1\MioSync\mioSync.exe [2006-04-16 638976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Remote Process Manager"=2
"MDM"=2
"iPodService"=3
"IDriverT"=3
"Boonty Games"=3
"BlueSoleil Hid Service"=2
"AcrSch2Svc"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"="J:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"I:\Program Files\UBISOFT\SCRABBLE® 2005 EDITION\Scrabble2005.exe"="I:\Program Files\UBISOFT\SCRABBLE® 2005 EDITION\Scrabble2005.exe:*:Enabled:Scrabble 2005 Edition"
"R:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="R:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"J:\Program Files\eMule\emule.exe"="J:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"F:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe"="F:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:pandora"
"C:\Documents and Settings\Popol\Local Settings\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Popol\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Program Files\EasyPHP 3.0\mysql\bin\mysqld.exe"="C:\Program Files\EasyPHP 3.0\mysql\bin\mysqld.exe:*:Enabled:mysqld"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60b50c8e-58f3-11de-99e9-001109668b4f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe nar.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c51c2d74-6471-11dc-b104-00102c300101}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe nar.vbs


======List of files/folders created in the last 1 months======

2009-11-11 22:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-02 22:24:30 ----D---- C:\_OTM
2009-11-02 20:12:02 ----D---- C:\rsit
2009-10-21 12:36:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-10-21 12:36:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-10-21 12:36:09 ----A---- C:\WINDOWS\system32\java.exe
2009-10-15 20:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 20:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 20:27:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 20:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 20:27:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 20:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 20:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 20:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 20:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

======List of files/folders modified in the last 1 months======

2009-11-12 17:29:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-12 17:29:21 ----D---- C:\WINDOWS\TEMP
2009-11-12 11:29:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-12 09:53:24 ----D---- C:\WINDOWS\Prefetch
2009-11-12 09:17:19 ----D---- C:\WINDOWS
2009-11-12 08:58:56 ----D---- C:\WINDOWS\system32
2009-11-11 22:45:20 ----HD---- C:\WINDOWS\inf
2009-11-11 22:45:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 22:29:11 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:36:19 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-03 21:54:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-03 21:46:52 ----A---- C:\WINDOWS\imsins.BAK
2009-11-03 21:17:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-02 23:50:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-02 22:18:04 ----RD---- C:\Program Files
2009-11-02 21:14:47 ----D---- C:\WINDOWS\system32\drivers
2009-10-28 00:09:30 ----D---- C:\winimage
2009-10-25 23:07:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-22 19:55:35 ----D---- C:\Config.Msi
2009-10-22 19:53:52 ----D---- C:\WINDOWS\WinSxS
2009-10-22 19:50:00 ----D---- C:\Program Files\Internet Explorer
2009-10-22 19:47:19 ----SHD---- C:\WINDOWS\Installer
2009-10-21 12:36:06 ----D---- C:\Program Files\Java
2009-10-21 05:07:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-16 20:02:38 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 20:02:33 ----RSD---- C:\WINDOWS\assembly
2009-10-15 20:26:34 ----D---- C:\WINDOWS\system32\fr-fr

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-02-05 5589]
R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-02-05 23059]
R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2007-12-15 278728]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
R2 BT848;Bt878, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.sys [2002-06-25 207154]
R2 BTTUNER;BtTuner, WDM TvTuner; C:\WINDOWS\system32\drivers\BTTUNER.sys [2002-02-22 8680]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.sys [2002-03-07 7930]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-02-05 40416]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2007-12-15 25416]
R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2005-02-01 141246]
R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2005-02-01 16176]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-02-07 23957]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-02-07 34773]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-02-07 4053]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-02-07 2201]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-02-07 55540]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-02-07 14133]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-02-07 6293]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-02-07 96596]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-02-07 99029]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [2006-12-14 28768]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-12-14 223128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-02-28 3645600]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-21 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-09-28 5888]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\System32\DRIVERS\zebrceb.sys [2006-07-25 53408]
S2 Haspnt;Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys []
S3 aaudstum;aaudstum; \??\C:\DOCUME~1\Popol\LOCALS~1\Temp\aaudstum.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-18 610988]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys []
S3 BtAudio;Bluetooth Audio; C:\WINDOWS\System32\DRIVERS\btaudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\DRIVERS\vbtenum.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Popol\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 DCamUSBSTK02N;Standard Camera; C:\WINDOWS\system32\DRIVERS\STK02NW2.sys []
S3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\System32\2F7.tmp []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SDTHOOK;SDTHOOK; C:\WINDOWS\System32\DRIVERS\SDTHOOK.sys [2007-06-05 44928]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 wanusb;Eicon Networks USB ADSL WAN Modem; C:\WINDOWS\System32\DRIVERS\gwausb.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [2003-12-22 104064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\System32\DRIVERS\zebrbus.sys [2006-07-25 66656]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\System32\DRIVERS\zebrmdfl.sys [2006-07-25 9264]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\System32\DRIVERS\zebrmdm.sys [2006-07-25 100640]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\System32\DRIVERS\zebrmdmc.sys [2006-07-25 100672]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\System32\DRIVERS\zebrsce.sys [2006-07-25 84960]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-02-28 143427]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe [2008-05-29 382320]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 qbovcrxrrcnc;qbovcrxrrcnc; C:\WINDOWS\system32\drivers\qbovcrxrrcnc.sys []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2006-12-14 122880]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 iPodService;iPodService; M:\iPod\bin\iPodService.exe []
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Remote Process Manager;Remote Process Manager; C:\WINDOWS\system32\spoolvc.exe []

-----------------EOF-----------------

cineaction
 Posté le 12/11/2009 à 18:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Pas problème, c'est déjà bien que vous passez votre temps à aider les autres. Merci encore !

Publicité
pear
 Posté le 12/11/2009 à 18:40 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

System drive C: has 3 GB (11%) free of 30 GB

Il va falloir que vous fassiez de la place sans quoi vous ne pourrez plus rien faire.


Téléchargez CCleaner
et installez le
à l'installation penser à decocher l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner.
Lancez le en double cliquant sur CCleaner.exe
-=Suppression des fichiers temporaires=-

*Dans la section "Options" situé dans la marge gauche,aller dans "Avancé" et décocher "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Dans la section "Nettoyeur"
* Cocher toutes les cases dans la marge gauche pour Internet Explorer et Windows Explorer
Faites de même pour Système sauf les 2 dernières
Dans Avancé, ne cochez que les 3 dernières.
* Cliquer sur Analyse
* Le scan, qui peut prendre un peu de temps si c'est la première fois.
* Une fois le scan terminé, cliquer sur Lancer le Nettoyage

Désinstallez la Restauration Système.

Poste de Travail->Propriétés->Restauration Système.
Cocher la case "Désactiver la Restauration sur tous les lecteurs".
Vous la décocherez par la suite
Un nouveau point de restauration sera créé au redémarrage.

C'est là le plus urgent.

Votre disque est petit.

Vous en avez un autre ou est-ce seulement votre partition système ?

Dans ce cas , vous pouvez déplacer Mes documents et le pagefiles.sys sur une autre partition.

Et pour en revenir à la désinfection:

Télécharger Toolbar-S&D (Team IDN).
ou
Toolbar-S&D
sur le Bureau

  • Lancer l'installation du programme en exécutant le fichier téléchargé.
  • Double-cliquer sur le raccourci de Toolbar-S&D.
  • Sélectionner la langue en tapant la lettre de votre choix puis en validant par Entrée.
  • Choisir maintenant l'option 1 (Recherche).
    Patienter jusqu'à la fin de la recherche.
  • Poster le rapport généré. (C:\TB.txt)

    Relancer Toolbar-S&D en double-cliquant sur le raccourci.
    Taper sur "2" puis valider par"Entrée".
    ! Ne fermez pas la fenêtre lors de la suppression !
    Un rapport sera généré, postez son contenu ici.

    NOTE :Si le Bureau ne réapparait pas, appuyer simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches .
    Sur l'onglet "Processus". Cliquer en haut à gauche sur Fichier et choisir "Exécuter..."
    Taper explorer puis valider.

  • cineaction
     Posté le 12/11/2009 à 20:16 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
    Petit astucien

    1er rapport


    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
    BIOS : Version 07.00T
    USER : Popol ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:29 Go (Free:8 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:24 Go (Free:2 Go)
    F:\ (Local Disk) - NTFS - Total:22 Go (Free:1 Go)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (Local Disk) - NTFS - Total:9 Go (Free:1 Go)
    I:\ (Local Disk) - NTFS - Total:24 Go (Free:1 Go)
    J:\ (Local Disk) - NTFS - Total:23 Go (Free:2 Go)
    K:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    P:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [1] ( jeu. 12/11/2009|20:01 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\KaZaA
    C:\Program Files\KaZaA\BGP2P
    C:\Program Files\KaZaA\Db
    C:\Program Files\KaZaA\My Shared Folder
    C:\Program Files\KaZaA\BGP2P\versions.dat
    C:\Program Files\KaZaA\Db\ctx4-050823.cab
    C:\Program Files\KaZaA\Db\data1024.dbb
    C:\Program Files\KaZaA\Db\data256.dbb
    C:\Program Files\KaZaA\Db\k7tqkgkk_tssv125.dat
    C:\Program Files\KaZaA\Db\np.tmp
    C:\Program Files\KaZaA\Db\ova4-050823.cab
    C:\Program Files\KaZaA\Db\tsi4-050801a.cab
    C:\Program Files\KaZaA\Db\tss4.cab
    C:\Program Files\KaZaA\My Shared Folder\kazaa267_fr.exe
    C:\Program Files\Need2Find
    C:\Program Files\Need2Find\bar
    C:\Program Files\Need2Find\bar\History
    C:\Program Files\Need2Find\bar\Settings
    C:\Program Files\Need2Find\bar\History\search
    C:\WINDOWS\iun6002.exe
    C:\WINDOWS\smdat32a.sys
    C:\WINDOWS\smdat32m.sys

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.google.com/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page_bak"="http://www.google.be/"
    "Search Page_bak"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - jeu. 12/11/2009|20:03 - Option : [1]

    -----------\\ Fin du rapport a 20:03:49,31

    cineaction
     Posté le 12/11/2009 à 20:24 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
    Petit astucien

    2è rapport


    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
    BIOS : Version 07.00T
    USER : Popol ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:29 Go (Free:8 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:24 Go (Free:2 Go)
    F:\ (Local Disk) - NTFS - Total:22 Go (Free:1 Go)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (Local Disk) - NTFS - Total:9 Go (Free:1 Go)
    I:\ (Local Disk) - NTFS - Total:24 Go (Free:1 Go)
    J:\ (Local Disk) - NTFS - Total:23 Go (Free:2 Go)
    K:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    P:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( jeu. 12/11/2009|20:18 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\KaZaA\BGP2P
    Supprime! - C:\Program Files\KaZaA\Db
    Supprime! - C:\Program Files\KaZaA\My Shared Folder
    Supprime! - C:\Program Files\Need2Find\bar
    Supprime! - C:\WINDOWS\iun6002.exe
    Supprime! - C:\WINDOWS\smdat32a.sys
    Supprime! - C:\WINDOWS\smdat32m.sys
    Supprime! - C:\Program Files\KaZaA
    Supprime! - C:\Program Files\Need2Find

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.google.com/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page_bak"="http://www.google.be/"
    "Search Page_bak"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - jeu. 12/11/2009|20:03 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - jeu. 12/11/2009|20:20 - Option : [2]

    -----------\\ Fin du rapport a 20:20:41,25

    pear
     Posté le 13/11/2009 à 10:41 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
      Astucien

    Bonjour,

    Télécharger sur le bureauOTM by OldTimer .
    Double-clic sur OTM.exe pour le lancer.
    Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur
    Vérifier que Unregister Dll's and Ocx's soit coché.
    * Copiez /Collez les lignes ci dessous):

    :Processes
    :Files
    :Services
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "L07FXLRD_28132390"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoUpdate]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExitKiller]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstaFinderK]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10112062]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1014125]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10965593]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1202046]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_12922468]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1505312]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_16048843]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_17562890]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18201625]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18290984]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_200156]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_24226140]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_2587375]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_33405703]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_43178359]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_5127437]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_845984]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8551609]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8637500]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 3100 Series]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBRKsk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nar]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUp Destroy]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Media]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\windows_validation.exe]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LG SyncManager.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60b50c8e-58f3-11de-99e9-001109668b4f}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c51c2d74-6471-11dc-b104-00102c300101}]
    :Commands
    [purity]
    [emptytemp]
    [Reboot]

    Revenez dans OTM,
    Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).
    * Click le bouton rouge Moveit!
    * Fermez OTM
    Votre Pc va redémarrer.
    Rendez vous dans le dossier C:\_OTM\MovedFiles ,
    ouvrez le dernier fichier .log
    Copiez/collez en le contenu dans votre prochaine réponse








    cineaction
     Posté le 13/11/2009 à 16:35 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
    Petit astucien

    Bonjour Pear,

    Avant OTM, j'avais décoché la case concernant la restauration. Fallait-il ne pas le faire ?

    Voici le rapport :

    All processes killed
    ========== PROCESSES ==========
    ========== FILES ==========
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\L07FXLRD_28132390 deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoUpdate\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExitKiller\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstaFinderK\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10112062\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1014125\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_10965593\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1202046\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_12922468\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_1505312\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_16048843\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_17562890\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18201625\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_18290984\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_200156\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_24226140\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_2587375\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_33405703\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_43178359\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_5127437\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_845984\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8551609\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L07FXLRD_8637500\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 3100 Series\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBRKsk\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nar\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUp Destroy\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Media\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\windows_validation.exe\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LG SyncManager.lnk\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60b50c8e-58f3-11de-99e9-001109668b4f}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60b50c8e-58f3-11de-99e9-001109668b4f}\ not found.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c51c2d74-6471-11dc-b104-00102c300101}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c51c2d74-6471-11dc-b104-00102c300101}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrator

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Popol
    ->Temp folder emptied: 1194099 bytes
    ->Temporary Internet Files folder emptied: 5220209 bytes
    ->Java cache emptied: 13689532 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 19,24 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 11132009_162649

    OTM by OldTimer - Version 3.0.0.6 log created on 11132009_162649

    Files moved on Reboot...

    Registry entries deleted on Reboot...

    pear
     Posté le 13/11/2009 à 18:37 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
      Astucien

    Avant OTM, j'avais décoché la case concernant la restauration. Fallait-il ne pas le faire ?

    Je n'ai pas compris .

    cineaction
     Posté le 14/11/2009 à 22:20 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
    Petit astucien

    En fait, si l'on remonte dans le sujet, il était question que je doive désactiver la restauration système et que je pouvais décocher la case par la suite.

    pear
     Posté le 15/11/2009 à 09:49 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
      Astucien

    Ah , oui .Ceci:

    Désinstallez la Restauration Système.

    Poste de Travail->Propriétés->Restauration Système.
    Cocher la case "Désactiver la Restauration sur tous les lecteurs".
    Vous la décocherez par la suite
    Un nouveau point de restauration sera créé au redémarrage.

    C'est là le plus urgent.

    C'est bien ainsi, si vous avez redémarré.



    Modifié par pear le 15/11/2009 09:53
    Publicité
    cineaction
     Posté le 15/11/2009 à 17:56 
    Aller en bas de la page Revenir au message précédent Revenir en haut de la page
    Petit astucien

    Oui, j'ai réactivé la restauration avant de faire OTM

    Page : [1] 
    Page 1 sur 1

    Vous devez être connecté pour participer à la discussion.
    Cliquez ici pour vous identifier.

    Vous n'avez pas de compte ? Créez-en un gratuitement !
    Recevoir PC Astuces par e-mail


    La Lettre quotidienne +226 000 inscrits
    Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

    Les bonnes affaires
    Une fois par semaine, un récap des meilleurs offres.

    Les fonds d'écran
    De jolies photos pour personnaliser votre bureau. Une fois par semaine.

    Les nouveaux Bons Plans
    Des notifications pour ne pas rater les bons plans publiés sur le site.

    Les bons plans du moment PC Astuces

    Tous les Bons Plans
    21,16 €Clé USB Sandisk Ultra 128 Go à double connectique USB 3.1 Type A et C à 21,16 €
    Valable jusqu'au 20 Avril

    Amazon fait une promotion sur la clé USB Sandisk Ultra 128 Go à double connectique USB 3.1 Type A et C qui passe à 21,16 €. Cette clé USB  dispose d'un connecteur réversible USB Type C et d'un connecteur classique de type A. Grâce à elle, transférez en toute simplicité et rapidement (jusqu'à 150 Mo/s) vos fichiers entre vos smartphones, tablettes et ordinateurs. On la trouve ailleurs à plus de 40 €.


    > Voir l'offre
    40,99 €SSD Crucial BX500 480 Go à 45,99 €
    Valable jusqu'au 21 Avril

    Amazon propose actuellement le SSD Crucial BX500 480 Go à 45,99 € livré gratuitement alors qu'on le trouve ailleurs à plus de 60 €. Ce SSD offre des débits de 540 Mo/s en lecture et 500 Mo/s en écriture. Le SSD est accompagné du logiciel Acronis true image qui vous permettra de transférer tout le contenu de votre ancien disque dur sur le SSD. Il est garanti 3 ans. 


    > Voir l'offre
    93,48 €Disque dur externe portable Western Digital Elements USB 3.0 5 To à 93,48 € livré
    Valable jusqu'au 22 Avril

    Amazon Italie propose actuellement le disque dur externe portable Western Digital Elements USB 3.0 5 To à 88,51 € (avec la TVA ajustée). Comptez 4,97 € pour la livraison en France soit un total de 93,48 € livré. On le trouve ailleurs à partir de 1015 €. Ce disque dur qui tient dans la main est silencieux, ne chauffe pas et dispose d'une connectique USB 3.0 qui vous offrira des transferts rapides. Il est compatible USB 2.0. Une très bonne affaire.

    Vous pouvez utiliser votre compte Amazon France sur Amazon Italie et il n'y a pas de douane.


    > Voir l'offre

    Sujets relatifs
    Démarrages et arrêts lents, connexion internet lente, logiciels lents
    ouverture de connexion internet lente
    connexion internet lente
    Connexion internet lente-Possible virus
    Connexion internet anormalement lente
    Connexion internet super lente, suis je infecté ?
    Connexion internet très lente
    pb connexion internet lente + rapport hijackthis
    connexion internet lente + rapport hijackthis
    Pc et connexion internet très lente-Hijackthis-
    Plus de sujets relatifs à Connexion internet lente
     > Tous les forums > Forum Sécurité