Problem connecting to Internet with IE plus Firefox

  1. #1
    photiost (Junior Member)

    Hi
    This is a thread that is a result from post:

    http://www.d-a-l.com/help/general-in...ternet-ie.html

    I read the instructions from Broni and here are the requested logs:

    Malwarebytes Log:
    Malwarebytes' Anti-Malware 1.46
    Malwarebytes

    Database version: 4052

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    2010-10-16 21:50:13
    mbam-log-2010-10-16 (21-50-13).txt

    Scan type: Quick scan
    Objects scanned: 148614
    Time elapsed: 18 minute(s), 49 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    GMER Log:
    GMER 1.0.15.15319 - GMER - Rootkit Detector and Remover
    Rootkit scan 2010-10-16 22:45:50
    Windows 5.1.2600 Service Pack 3
    Running: im2khtv9.exe; Driver: C:\DOCUME~1\automate\LOCALS~1\Temp\pwryapow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xF5BB8CF0]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xF5BB8BAC]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xF5BB9160]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xF5BB908A]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xF5BB8782]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xF5BB8C86]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xF5BB86C2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xF5BB8726]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xF5BB8DA6]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xF5BB922E]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xF5BB8D66]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xF5BB8EE6]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xF5BC5BAE]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xF5BC59D2]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xF5BC5B0C]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    PAGE ntoskrnl.exe!ObInsertObject 8056503A 5 Bytes JMP F5BC2FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!NtCreateSection 805652B3 7 Bytes JMP F5BC59D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ZwCreateProcessEx 8057FE4C 7 Bytes JMP F5BC5BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ObMakeTemporaryObject 8059F8CA 5 Bytes JMP F5BC15D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ZwLoadDriver 805A3B73 7 Bytes JMP F5BC5B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    .text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF81CA340, 0xFFF3F, 0xF8000020]
    .text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF012300, 0x234A20, 0xF8000020]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1224] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINDOWS\system32\services.exe[756] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
    IAT C:\WINDOWS\system32\services.exe[756] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- EOF - GMER 1.0.15 ----


    MBRcheck Log:
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001d

    Kernel Drivers (total 120):
    0x804D7000 \WINDOWS\system32\ntoskrnl.exe
    0x806EF000 \WINDOWS\system32\hal.dll
    0xF8A36000 \WINDOWS\system32\KDCOM.DLL
    0xF8946000 \WINDOWS\system32\BOOTVID.dll
    0xF84E6000 ACPI.sys
    0xF8A38000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
    0xF84D5000 pci.sys
    0xF8536000 isapnp.sys
    0xF8AFE000 pciide.sys
    0xF87B6000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
    0xF8A3A000 aliide.sys
    0xF8A3C000 viaide.sys
    0xF8A3E000 intelide.sys
    0xF8546000 MountMgr.sys
    0xF84B6000 ftdisk.sys
    0xF8A40000 dmload.sys
    0xF8490000 dmio.sys
    0xF87BE000 PartMgr.sys
    0xF8556000 VolSnap.sys
    0xF8478000 atapi.sys
    0xF8566000 disk.sys
    0xF8576000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
    0xF8458000 fltmgr.sys
    0xF8446000 sr.sys
    0xF842F000 KSecDD.sys
    0xF83A2000 Ntfs.sys
    0xF8375000 NDIS.sys
    0xF835B000 Mup.sys
    0xF8586000 agp440.sys
    0xF89EA000 \SystemRoot\system32\DRIVERS\tunmp.sys
    0xF86D6000 \SystemRoot\System32\DRIVERS\processr.sys
    0xF81CA000 \SystemRoot\System32\DRIVERS\nv4_mini.sys
    0xF81B6000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
    0xF8190000 \SystemRoot\System32\DRIVERS\e100b325.sys
    0xF882E000 \SystemRoot\System32\DRIVERS\fdc.sys
    0xF817F000 \SystemRoot\System32\DRIVERS\serial.sys
    0xF89EE000 \SystemRoot\System32\DRIVERS\serenum.sys
    0xF816B000 \SystemRoot\System32\DRIVERS\parport.sys
    0xF86E6000 \SystemRoot\System32\DRIVERS\cdrom.sys
    0xF86F6000 \SystemRoot\System32\DRIVERS\redbook.sys
    0xF8148000 \SystemRoot\System32\DRIVERS\ks.sys
    0xF8836000 \SystemRoot\System32\DRIVERS\usbuhci.sys
    0xF8101000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
    0xF8080000 \SystemRoot\system32\drivers\smwdm.sys
    0xF805C000 \SystemRoot\system32\drivers\portcls.sys
    0xF8706000 \SystemRoot\system32\drivers\drmk.sys
    0xF8A58000 \SystemRoot\system32\drivers\aeaudio.sys
    0xF8C81000 \SystemRoot\System32\DRIVERS\audstub.sys
    0xF8716000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
    0xF89F6000 \SystemRoot\System32\DRIVERS\ndistapi.sys
    0xF8045000 \SystemRoot\System32\DRIVERS\ndiswan.sys
    0xF8726000 \SystemRoot\System32\DRIVERS\raspppoe.sys
    0xF8736000 \SystemRoot\System32\DRIVERS\raspptp.sys
    0xF883E000 \SystemRoot\System32\DRIVERS\TDI.SYS
    0xF8034000 \SystemRoot\System32\DRIVERS\psched.sys
    0xF8746000 \SystemRoot\System32\DRIVERS\msgpc.sys
    0xF8846000 \SystemRoot\System32\DRIVERS\ptilink.sys
    0xF884E000 \SystemRoot\System32\DRIVERS\raspti.sys
    0xF8004000 \SystemRoot\System32\DRIVERS\rdpdr.sys
    0xF8756000 \SystemRoot\System32\DRIVERS\termdd.sys
    0xF8856000 \SystemRoot\System32\DRIVERS\kbdclass.sys
    0xF885E000 \SystemRoot\System32\DRIVERS\mouclass.sys
    0xF8A5A000 \SystemRoot\System32\DRIVERS\swenum.sys
    0xF7F7E000 \SystemRoot\System32\DRIVERS\update.sys
    0xF8A12000 \SystemRoot\System32\DRIVERS\mssmbios.sys
    0xF8766000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF8776000 \SystemRoot\System32\DRIVERS\usbhub.sys
    0xF8A62000 \SystemRoot\System32\DRIVERS\USBD.SYS
    0xF886E000 \SystemRoot\System32\DRIVERS\flpydisk.sys
    0xF8A64000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF8B24000 \SystemRoot\System32\Drivers\Null.SYS
    0xF8A66000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF887E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xF8886000 \SystemRoot\System32\drivers\vga.sys
    0xF8A68000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xF8A6A000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF888E000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF8896000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xF5E13000 \SystemRoot\System32\DRIVERS\ipsec.sys
    0xF5DBA000 \SystemRoot\System32\DRIVERS\tcpip.sys
    0xF87A6000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0xF5D94000 \SystemRoot\System32\DRIVERS\ipnat.sys
    0xF85A6000 \SystemRoot\System32\DRIVERS\wanarp.sys
    0xF5CCC000 \SystemRoot\System32\DRIVERS\netbt.sys
    0xF5C94000 \SystemRoot\system32\DRIVERS\tcpip6.sys
    0xF5C72000 \SystemRoot\System32\drivers\afd.sys
    0xF85B6000 \SystemRoot\System32\DRIVERS\netbios.sys
    0xF5C47000 \SystemRoot\System32\DRIVERS\rdbss.sys
    0xF5BD7000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
    0xF85E6000 \SystemRoot\System32\Drivers\Fips.SYS
    0xF85F6000 \SystemRoot\system32\drivers\ip6fw.sys
    0xF5BB0000 \SystemRoot\System32\Drivers\aswSP.SYS
    0xF88AE000 \SystemRoot\System32\Drivers\Aavmker4.SYS
    0xF8626000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xF89D2000 \SystemRoot\System32\DRIVERS\hidusb.sys
    0xF8636000 \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
    0xF89D6000 \SystemRoot\System32\DRIVERS\mouhid.sys
    0xF89DE000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xF5B70000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF8A70000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xF7FF0000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF88B6000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF8BA1000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF012000 \SystemRoot\System32\nv4_disp.dll
    0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
    0xF8000000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0xF5800000 \SystemRoot\System32\Drivers\aswMon2.SYS
    0xF5643000 \SystemRoot\System32\DRIVERS\mrxdav.sys
    0xF57CC000 \SystemRoot\System32\drivers\klognt.sys
    0xF8ABA000 \SystemRoot\System32\drivers\nstrcnt.sys
    0xF8ABC000 \SystemRoot\System32\Drivers\ParVdm.SYS
    0xF8ABE000 \SystemRoot\System32\Drivers\ASCTRM.SYS
    0xF54AC000 \SystemRoot\System32\DRIVERS\srv.sys
    0xF87F6000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0xF5357000 \SystemRoot\system32\drivers\wdmaud.sys
    0xF5728000 \SystemRoot\system32\drivers\sysaudio.sys
    0xF4EB2000 \??\C:\DOCUME~1\automate\LOCALS~1\Temp\pwryapow.sys
    0x7C910000 \WINDOWS\system32\ntdll.dll

    Processes (total 25):
    0 System Idle Process
    4 System
    612 C:\WINDOWS\system32\smss.exe
    688 csrss.exe
    712 C:\WINDOWS\system32\winlogon.exe
    756 C:\WINDOWS\system32\services.exe
    768 C:\WINDOWS\system32\lsass.exe
    920 C:\WINDOWS\system32\svchost.exe
    1004 svchost.exe
    1044 C:\WINDOWS\system32\svchost.exe
    1092 svchost.exe
    1168 svchost.exe
    1224 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1492 C:\WINDOWS\system32\spoolsv.exe
    1564 svchost.exe
    1696 C:\WINDOWS\system32\nvsvc32.exe
    432 C:\WINDOWS\explorer.exe
    452 alg.exe
    888 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    940 C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
    1160 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    1156 C:\WINDOWS\system32\ctfmon.exe
    1256 C:\Program Files\Messenger\msmsgs.exe
    2292 C:\Program Files\Network Associates\Common Framework\McTray.exe
    3056 D:\Programs that fixed computer oglf\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000006`0eb53600 (NTFS)

    PhysicalDrive0 Model Number: IC35L040AVVN07-0, Rev: VA2OAF1A

    Size Device Name MBR Status
    --------------------------------------------
    37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719


    Done!

    OTL log:
    OTL logfile created on: 2010-10-16 22:55:01 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = D:\Programs that fixed computer oglf
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    511,00 Mb Total Physical Memory | 283,00 Mb Available Physical Memory | 55,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 88,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 24,23 Gb Total Space | 14,86 Gb Free Space | 61,35% Space Free | Partition Type: NTFS
    Drive D: | 13,03 Gb Total Space | 11,80 Gb Free Space | 90,59% Space Free | Partition Type: NTFS
    Drive F: | 1,88 Gb Total Space | 0,10 Gb Free Space | 5,15% Space Free | Partition Type: FAT

    Computer Name: GIT-25975 | User Name: automate | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

    ========== Processes (SafeList) ==========

    PRC - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    PRC - [2010-09-07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2009-09-22 17:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
    PRC - [2009-09-22 17:00:00 | 000,091,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\McTray.exe
    PRC - [2008-04-13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    MOD - [2008-04-13 19:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009-09-22 17:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
    SRV - [2003-06-20 03:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
    SRV - [2002-08-14 05:06:04 | 000,028,672 | ---- | M] (IBM Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\trcboot.exe -- (TrcBoot)
    SRV - [2000-01-25 19:00:16 | 000,408,568 | ---- | M] () [Disabled | Stopped] -- C:\Orant\bin\ONRSD.EXE -- (OracleOraHomeClientCache)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
    DRV - [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010-02-11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
    DRV - [2003-10-30 09:55:50 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2003-07-28 15:19:00 | 001,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003-04-25 17:10:52 | 000,220,176 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97) Audio Driver (WDM)
    DRV - [2003-01-07 17:41:12 | 000,166,016 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2002-08-14 05:06:04 | 000,012,060 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\nstrcnt.sys -- (NsTrcNT)
    DRV - [2002-08-14 05:06:03 | 000,024,588 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\klognt.sys -- (KLOGNT)
    DRV - [2001-08-17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001-08-17 15:12:02 | 000,109,085 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IBMTRP.SYS -- (IBMTRP) Carte IBM PCI Token Ring (générique)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Astronomy News Articles, Classifieds and Telescope Reviews
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\FIREFOX\components [2010-10-15 21:38:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\FIREFOX\plugins [2010-10-15 21:38:46 | 000,000,000 | ---D | M]

    [2010-10-15 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    O1 HOSTS File: ([2002-08-30 08:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O15 - HKCU\..Trusted Domains: astromart.com ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: microsoft.com ([www] https in Sites de confiance)
    O15 - HKCU\..Trusted Domains: mozilla.com ([en-us.start3] http in Sites de confiance)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeup...ntent/opuc.cab (Office Update Installation Engine)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ll-140-win.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.git.cginet
    O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003-10-22 1007 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010-10-08 18:12:01 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
    O33 - MountPoints2\{77d5e793-d329-11df-b00d-00096b323fd2}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
    O33 - MountPoints2\{dd0ca3dd-a38f-11de-aff0-444553544200}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-13 19:34:22 | 000,023,040 | ---- | M] (Microsoft Corporation)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: Ip6FwHlp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (16902109354000384)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010-10-16 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Application Data\Malwarebytes
    [2010-10-16 21:30:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010-10-16 21:30:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010-10-16 21:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010-10-16 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010-10-16 2114 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2010-10-16 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Local Settings\Application Data\Google
    [2010-10-16 21:16:43 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-10-16 21:16:43 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-10-16 21:16:42 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-10-16 21:16:40 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-10-16 21:16:38 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-10-16 21:16:38 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-10-16 21:16:37 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010-10-16 21:16:22 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-10-16 21:16:21 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010-10-15 22:25:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2010-10-15 15:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2004-06-14 15:39:44 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll

    ========== Files - Modified Within 90 Days ==========

    [2010-10-16 2209 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:54:15 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-16 21:53:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010-10-16 21:30:07 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-16 21:16:38 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010-10-15 23:30:56 | 000,142,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010-10-15 22:43:27 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010-10-15 21:38:49 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 21:38:48 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2010-10-15 15:36:00 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access.lnk
    [2010-10-15 15:35:49 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
    [2010-10-15 15:35:47 | 000,002,627 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
    [2010-10-15 15:35:40 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint.lnk
    [2010-10-15 1557 | 000,000,292 | RHS- | M] () -- C:\boot.ini
    [2010-10-15 13:57:25 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Explorateur Windows.lnk
    [2010-10-15 13:52:57 | 000,576,466 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2010-10-15 13:52:57 | 000,502,906 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010-10-15 13:52:57 | 000,104,944 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2010-10-15 13:52:57 | 000,088,430 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010-10-14 10:44:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010-10-08 18:00:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
    [2010-10-08 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2010-10-08 16:50:49 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
    [2010-10-08 09:51:34 | 000,001,422 | ---- | M] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2010-10-08 09:05:10 | 000,000,527 | ---- | M] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | M] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-10-07 23:34:33 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2010-10-07 18:00:05 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-29 12:47:17 | 000,013,358 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2010-09-29 11:55:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010-09-08 08:01:25 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2010-09-08 07:08:04 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
    [2010-09-07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-09-07 11:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-09-07 10:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

    ========== Files Created - No Company Name ==========

    [2010-10-16 21:30:07 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:58 | 000,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:16:58 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-16 21:16:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-15 21:38:49 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 15:13:00 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    [2010-10-15 14:50:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\FASTWiz.log
    [2010-10-08 09:05:10 | 000,000,527 | ---- | C] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | C] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-09-30 13:28:06 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-30 13:23:53 | 000,001,422 | ---- | C] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2007-03-08 15:25:30 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\fusioncache.dat
    [2007-03-05 17:07:06 | 000,000,076 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2007-02-27 10:46:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
    [2004-06-21 14:22:06 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
    [2004-01-28 18:24:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
    [2004-01-28 18:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcsmig.INI
    [2003-11-11 17:19:49 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003-11-03 10:13:51 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
    [2003-10-28 12:52:27 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003-10-24 15:26:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003-10-24 13:18:48 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
    [2003-10-22 14:13:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003-10-22 0419 | 000,004,372 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [1999-07-30 09:24:34 | 000,000,218 | ---- | C] () -- C:\WINDOWS\ORAODBC.INI
    [1999-03-10 01:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
    [1998-01-13 13:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
    [1997-11-14 01:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
    [1994-07-25 01:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv

    ========== LOP Check ==========

    [2010-10-16 21:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2004-01-28 18:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
    [2005-06-18 09:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
    [2007-03-08 16:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\IBM
    [2010-09-08 08:01:25 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
    [2010-10-08 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
    [2010-10-08 18:00:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
    [2010-09-08 07:08:04 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2003-10-22 1007 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2003-11-10 18:13:46 | 000,000,194 | -HS- | M] () -- C:\BOOT.BAK
    [2010-10-15 1557 | 000,000,292 | RHS- | M] () -- C:\boot.ini
    [2001-09-28 08:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2002-08-29 01:06:00 | 000,249,136 | RHS- | M] () -- C:\cmldr
    [2003-10-22 1007 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2003-10-22 1007 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2003-10-22 1007 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2007-03-06 09:59:37 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009-05-20 15:33:25 | 000,252,240 | RHS- | M] () -- C:\ntldr
    [2010-10-16 21:53:42 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
    [2005-11-28 12:12:27 | 000,010,032 | ---- | M] () -- C:\toto

    < %systemroot%\Fonts\*.com >
    [2006-04-18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006-06-29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006-04-18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006-06-29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2003-10-22 10:20:43 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008-07-06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2008-07-06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2010-09-07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010-10-08 18:18:17 | 000,001,858 | -H-- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2003-10-22 05:54:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2003-10-22 05:54:44 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2003-10-22 05:54:44 | 000,397,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2003-10-22 10:32:41 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
    [2010-10-08 16:50:49 | 000,000,166 | -HS- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    OTL Extras Log:
    OTL Extras logfile created on: 2010-10-16 22:55:01 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = D:\Programs that fixed computer oglf
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    511,00 Mb Total Physical Memory | 283,00 Mb Available Physical Memory | 55,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 88,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 24,23 Gb Total Space | 14,86 Gb Free Space | 61,35% Space Free | Partition Type: NTFS
    Drive D: | 13,03 Gb Total Space | 11,80 Gb Free Space | 90,59% Space Free | Partition Type: NTFS
    Drive F: | 1,88 Gb Total Space | 0,10 Gb Free Space | 5,15% Space Free | Partition Type: FAT

    Computer Name: GIT-25975 | User Name: automate | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- D:\FIREFOX\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 21
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{6B908BF7-A583-4962-B068-69657D87CD56}" = Microsoft .NET Framework (French)
    "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
    "{9011040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A817B3CA-6DF3-4A21-A9BE-0C217E9673D1}" = IBM 32-bit SDK for Java 2, v1.4.0
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-000000000001}" = Adobe Reader 6.0 - Français
    "{BBC7FB20-FE98-403B-A4FC-71776E2FDB16}" = Visionneuse Microsoft Visio 2002
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C26FC7AE-2A5E-11D6-982D-006094EB6655}" = IBM Personal Communications
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{E008BEB1-AB63-46C1-BD3D-08D3A1F8E26D}" = McAfee Agent
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
    "avast5" = avast! Free Antivirus
    "InstallShield_{A817B3CA-6DF3-4A21-A9BE-0C217E9673D1}" = IBM 32-bit SDK for Java 2, v1.4.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
    "Microsoft Office Converter Pack" = Microsoft Office Converter Pack
    "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
    "PROSet" = Intel(R) PRO Network Adapters and Drivers
    "QuickTime" = QuickTime
    "RapidPlayer Runtime v2.2" = RapidPlayer Runtime v2.2
    "Real Player 8.0 Basic (Francais)" = Real Player 8.0 Basic (Francais)
    "RealPlayer 6.0" = RealPlayer Basic
    "Remedy User 4.0" = Remedy User 4.0
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2010-10-15 23:47:21 | Computer Name = GIT-25975 | Source = AutoEnrollment | ID = 15
    Description = L'inscription de certificat automatique pour Système local n'a pas
    pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
    n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

    Error - 2010-10-16 21:01:55 | Computer Name = GIT-25975 | Source = Userenv | ID = 1054
    Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
    réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
    de la stratégie de groupe est interrompu.

    Error - 2010-10-16 21:01:56 | Computer Name = GIT-25975 | Source = AutoEnrollment | ID = 15
    Description = L'inscription de certificat automatique pour Système local n'a pas
    pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
    n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

    Error - 2010-10-16 21:17:06 | Computer Name = GIT-25975 | Source = Google Update | ID = 20
    Description =

    Error - 2010-10-16 2129 | Computer Name = GIT-25975 | Source = Google Update | ID = 20
    Description =

    Error - 2010-10-16 21:27:39 | Computer Name = GIT-25975 | Source = Userenv | ID = 1054
    Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
    réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
    de la stratégie de groupe est interrompu.

    Error - 2010-10-16 21:27:40 | Computer Name = GIT-25975 | Source = AutoEnrollment | ID = 15
    Description = L'inscription de certificat automatique pour Système local n'a pas
    pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
    n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

    Error - 2010-10-16 21:53:53 | Computer Name = GIT-25975 | Source = Userenv | ID = 1054
    Description = Windows ne peut pas obtenir le nom du contrôleur de domaine pour votre
    réseau. (Le domaine spécifié n'existe pas ou n'a pas pu être contacté. ). Le traitement
    de la stratégie de groupe est interrompu.

    Error - 2010-10-16 21:53:55 | Computer Name = GIT-25975 | Source = AutoEnrollment | ID = 15
    Description = L'inscription de certificat automatique pour Système local n'a pas
    pu contacter Active directory (0x8007054b) Le domaine spécifié n'existe pas ou
    n'a pas pu être contacté. . L'inscription ne sera pas effectuée.

    Error - 2010-10-16 2208 | Computer Name = GIT-25975 | Source = Google Update | ID = 20
    Description =

    [ System Events ]
    Error - 2010-10-15 23:02:16 | Computer Name = GIT-25975 | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 15 minutes.
    NtpClient
    n'a pas de source de temps précis.

    Error - 2010-10-15 23:17:33 | Computer Name = GIT-25975 | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 29 minutes.
    NtpClient
    n'a pas de source de temps précis.

    Error - 2010-10-15 23:31:26 | Computer Name = GIT-25975 | Source = NETLOGON | ID = 5719
    Description = Aucun contrôleur de domaine n'est disponible pour le domaine AD pour
    la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau et
    tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
    système.

    Error - 2010-10-15 23:31:26 | Computer Name = GIT-25975 | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
    NtpClient
    n'a pas de source de temps précis.

    Error - 2010-10-15 23:31:27 | Computer Name = GIT-25975 | Source = W32Time | ID = 39452701
    Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
    à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
    accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 15 minutes.
    NtpClient
    n'a pas de source de temps précis.

    Error - 2010-10-15 23:47:20 | Computer Name = GIT-25975 | Source = NETLOGON | ID = 5719
    Description = Aucun contrôleur de domaine n'est disponible pour le domaine AD pour
    la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau et
    tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
    système.

    Error - 2010-10-16 21:01:55 | Computer Name = GIT-25975 | Source = NETLOGON | ID = 5719
    Description = Aucun contrôleur de domaine n'est disponible pour le domaine AD pour
    la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau et
    tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
    système.

    Error - 2010-10-16 21:22:38 | Computer Name = GIT-25975 | Source = Service Control Manager | ID = 7034
    Description = Le service NVIDIA Driver Helper Service s'est terminé de façon inattendue
    pour la 1ème fois.

    Error - 2010-10-16 21:27:39 | Computer Name = GIT-25975 | Source = NETLOGON | ID = 5719
    Description = Aucun contrôleur de domaine n'est disponible pour le domaine AD pour
    la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau et
    tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
    système.

    Error - 2010-10-16 21:53:53 | Computer Name = GIT-25975 | Source = NETLOGON | ID = 5719
    Description = Aucun contrôleur de domaine n'est disponible pour le domaine AD pour
    la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau et
    tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
    système.


    < End of report >


    Please note that this PC has a French version of Windows.

    Zee had asked me to install Firefox to identify if it's only an Internet Explorer issue or something else, and indeed it may not be IE because I was not able to connect to the Internet with either IE or Firefox.

    I also noticed that my Local Network Connection icon in the bottom right of the screen is active, and when I put my cursor on it I can see
    "Local Area is connected @ 100Mbs", so it looks like I have a connection but I cannot use Internet Explorer or Firefox.

    Tks
    Photiost

  2. #2
    broni is offline Senior Member
    You're running two AV programs, Avast and McAfee.
    One of them has to go.
    If McAfee (preferably), use these instructions to remove Enterprise edition: https://community.mcafee.com/thread/4506

    ================================================== ================================================== =========

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O16 - DPF: {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ll-140-win.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
      O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.git.cginet
      O33 - MountPoints2\{77d5e793-d329-11df-b00d-00096b323fd2}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
      O33 - MountPoints2\{dd0ca3dd-a38f-11de-aff0-444553544200}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-13 19:34:22 | 000,023,040 | ---- | M] (Microsoft Corporation)
      [2010-09-08 08:01:25 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
      [2010-09-08 07:08:04 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
      [2010-10-08 18:00:01 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
      [2010-10-08 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
      
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /flushdns /c
      
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.

  3. #3
    photiost is offline Junior Member
    I tried removing it through the Control Panel (Add/Remove pgms - will not allow me - NO GO). This PC is running McAfee Agent version 4.0.0.1494 - I cannot find the Doc to remove it manually.

    I do not particularly like McAfee myself - so if one has to go (right now) it would have to be Avast (until I find the Doc to remove McAfee) - I will remove Avast if you want me to.

    I went ahead and ran OTL with the supplied Code.
    Here is the Run Fix log:
    All processes killed
    ========== OTL ==========
    Starting removal of ActiveX control {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}
    Downloaded Program Files\jinstall.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
    File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
    Starting removal of ActiveX control DirectAnimation Java Classes
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
    File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\Domain| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77d5e793-d329-11df-b00d-00096b323fd2}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77d5e793-d329-11df-b00d-00096b323fd2}\ not found.
    File F:\setupSNK.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd0ca3dd-a38f-11de-aff0-444553544200}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dd0ca3dd-a38f-11de-aff0-444553544200}\ not found.
    C:\WINDOWS\system32\setup.exe moved successfully.
    C:\WINDOWS\tasks\At2.job moved successfully.
    C:\WINDOWS\tasks\At7.job moved successfully.
    C:\WINDOWS\tasks\At6.job moved successfully.
    C:\WINDOWS\tasks\At4.job moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de résolution DNS vidé.
    D:\Programs that fixed computer oglf\cmd.bat deleted successfully.
    D:\Programs that fixed computer oglf\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: automate
    ->Temp folder emptied: 1875 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes


    User: Default User
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes



    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: Administrateur

    User: All Users

    User: automate

    User: Default User

    User: LocalService

    User: michel

    User: NetworkService

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.15.2 log created on 10172010_163810

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...


    Here is the Quick Scan Log after Reboot:
    OTL logfile created on: 2010-10-17 16:41:26 - Run 2
    OTL by OldTimer - Version 3.2.15.2 Folder = D:\Programs that fixed computer oglf
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    511,00 Mb Total Physical Memory | 313,00 Mb Available Physical Memory | 61,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 90,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 24,23 Gb Total Space | 14,83 Gb Free Space | 61,22% Space Free | Partition Type: NTFS
    Drive D: | 13,03 Gb Total Space | 11,80 Gb Free Space | 90,59% Space Free | Partition Type: NTFS
    Drive F: | 1,88 Gb Total Space | 0,10 Gb Free Space | 5,14% Space Free | Partition Type: FAT

    Computer Name: GIT-25975 | User Name: automate | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

    ========== Processes (SafeList) ==========

    PRC - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    PRC - [2010-09-07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2009-09-22 17:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
    PRC - [2009-09-22 17:00:00 | 000,091,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\McTray.exe
    PRC - [2008-04-13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    MOD - [2008-04-13 19:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009-09-22 17:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
    SRV - [2003-06-20 03:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
    SRV - [2002-08-14 05:06:04 | 000,028,672 | ---- | M] (IBM Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\trcboot.exe -- (TrcBoot)
    SRV - [2000-01-25 19:00:16 | 000,408,568 | ---- | M] () [Disabled | Stopped] -- C:\Orant\bin\ONRSD.EXE -- (OracleOraHomeClientCache)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
    DRV - [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010-02-11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
    DRV - [2003-10-30 09:55:50 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2003-07-28 15:19:00 | 001,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003-04-25 17:10:52 | 000,220,176 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97) Audio Driver (WDM)
    DRV - [2003-01-07 17:41:12 | 000,166,016 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2002-08-14 05:06:04 | 000,012,060 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\nstrcnt.sys -- (NsTrcNT)
    DRV - [2002-08-14 05:06:03 | 000,024,588 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\klognt.sys -- (KLOGNT)
    DRV - [2001-08-17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001-08-17 15:12:02 | 000,109,085 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IBMTRP.SYS -- (IBMTRP) Carte IBM PCI Token Ring (générique)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Astronomy News Articles, Classifieds and Telescope Reviews
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\FIREFOX\components [2010-10-15 21:38:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\FIREFOX\plugins [2010-10-15 21:38:46 | 000,000,000 | ---D | M]

    [2010-10-15 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    O1 HOSTS File: ([2002-08-30 08:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O15 - HKCU\..Trusted Domains: astromart.com ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: microsoft.com ([www] https in Sites de confiance)
    O15 - HKCU\..Trusted Domains: mozilla.com ([en-us.start3] http in Sites de confiance)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeup...ntent/opuc.cab (Office Update Installation Engine)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.git.cginet
    O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003-10-22 1007 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010-10-08 18:12:01 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010-10-16 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Application Data\Malwarebytes
    [2010-10-16 21:30:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010-10-16 21:30:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010-10-16 21:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010-10-16 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010-10-16 2114 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2010-10-16 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Local Settings\Application Data\Google
    [2010-10-16 21:16:43 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-10-16 21:16:43 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-10-16 21:16:42 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-10-16 21:16:40 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-10-16 21:16:38 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-10-16 21:16:38 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-10-16 21:16:37 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010-10-16 21:16:22 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-10-16 21:16:21 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010-10-15 22:25:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2010-10-15 15:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2004-06-14 15:39:44 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll

    ========== Files - Modified Within 90 Days ==========

    [2010-10-17 16:39:36 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-17 16:39:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010-10-17 1605 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:30:07 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-16 21:16:38 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010-10-15 23:30:56 | 000,142,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010-10-15 22:43:27 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010-10-15 21:38:49 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 21:38:48 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2010-10-15 15:36:00 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access.lnk
    [2010-10-15 15:35:49 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
    [2010-10-15 15:35:47 | 000,002,627 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
    [2010-10-15 15:35:40 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint.lnk
    [2010-10-15 1557 | 000,000,292 | RHS- | M] () -- C:\boot.ini
    [2010-10-15 13:57:25 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Explorateur Windows.lnk
    [2010-10-15 13:52:57 | 000,576,466 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2010-10-15 13:52:57 | 000,502,906 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010-10-15 13:52:57 | 000,104,944 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2010-10-15 13:52:57 | 000,088,430 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010-10-14 10:44:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010-10-08 16:50:49 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
    [2010-10-08 09:51:34 | 000,001,422 | ---- | M] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2010-10-08 09:05:10 | 000,000,527 | ---- | M] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | M] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-10-07 23:34:33 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2010-10-07 18:00:05 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-29 12:47:17 | 000,013,358 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2010-09-29 11:55:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010-09-07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-09-07 11:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-09-07 10:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

    ========== Files Created - No Company Name ==========

    [2010-10-16 21:30:07 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:58 | 000,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:16:58 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-16 21:16:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-15 21:38:49 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 15:13:00 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    [2010-10-15 14:50:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\FASTWiz.log
    [2010-10-08 09:05:10 | 000,000,527 | ---- | C] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | C] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-09-30 13:28:06 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-30 13:23:53 | 000,001,422 | ---- | C] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2007-03-08 15:25:30 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\fusioncache.dat
    [2007-03-05 17:07:06 | 000,000,076 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2007-02-27 10:46:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
    [2004-06-21 14:22:06 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
    [2004-01-28 18:24:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
    [2004-01-28 18:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcsmig.INI
    [2003-11-11 17:19:49 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003-11-03 10:13:51 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
    [2003-10-28 12:52:27 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003-10-24 15:26:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003-10-24 13:18:48 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
    [2003-10-22 14:13:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003-10-22 0419 | 000,004,372 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [1999-07-30 09:24:34 | 000,000,218 | ---- | C] () -- C:\WINDOWS\ORAODBC.INI
    [1999-03-10 01:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
    [1998-01-13 13:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
    [1997-11-14 01:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
    [1994-07-25 01:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv

    ========== LOP Check ==========

    [2010-10-16 21:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2004-01-28 18:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
    [2005-06-18 09:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
    [2007-03-08 16:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\IBM

    ========== Purity Check ==========



    < End of report >
    Last edited by photiost; 18-10-2010 at 03:45 PM. Reason: Remove company names from Log

  4. #4
    broni is offline Senior Member
    McAfee Agent version 4.0.0.1494 applies to all 8.x versions of Enterprise Editions.
    Go back to my link and try one of three manuals listed there.
    In the worst-case scenario, it'll tell you "wrong version", or such.
    Then, try next manual.

    When done, post fresh OTL log, so we can check for leftovers.
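
    The leftover check mentioned above can be done mechanically. This is an added example, not part of the original thread and not OTL's own code: it parses OTL Quick Scan lines and lists every process, service, driver, autorun entry and folder that still references a given vendor, marking registry entries whose target file is gone. The sample lines are copied from the log posted in this thread; the function names and the line patterns (inferred from those lines, not from an OTL specification) are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Sample input: lines copied from the Quick Scan log posted in this thread.
SAMPLE_LOG = r"""
PRC - [2010-09-07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2009-09-22 17:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
PRC - [2009-09-22 17:00:00 | 000,091,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\McTray.exe
SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-09-22 17:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe (McAfee, Inc.)
[2005-06-18 09:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
"""

# Line shapes inferred from the log above (assumption, not an OTL specification).
# PRC/MOD/SRV/DRV: either "[meta] (company)" or the literal "File not found",
# then an optional "[start type | state]", the path, and an optional "(name)".
ITEM_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"(?:\[(?P<meta>[^\]]*)\] \((?P<company>.*?)\)|(?P<missing>File not found))"
    r"(?: \[(?P<state>[^\]]*)\])?"
    r" -- (?P<path>.*?)"
    r"(?: -- \((?P<name>.*)\))?$"
)
# O4 autorun entries: "O4 - <hive>: [value name] <path> (company)".
RUN_RE = re.compile(
    r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]+)\] (?P<path>.*) \((?P<company>[^()]*)\)$"
)
# Folder lines (attribute column contains D), as in the LOP Check section.
DIR_RE = re.compile(r"^\[[^\]]*\| [-RHSA]*D \| [CM]\] -- (?P<path>.*)$")


@dataclass
class Entry:
    kind: str           # PRC, MOD, SRV, DRV, RUN (O4 autorun) or DIR (folder)
    name: str
    company: str
    path: str
    file_missing: bool  # the entry is registered but its file was not found
    state: str          # "[start type | state]" for SRV/DRV, hive for RUN


def _leaf(path: str) -> str:
    """Last component of a Windows path."""
    return path.rstrip("\\").rsplit("\\", 1)[-1]


def parse_line(line: str) -> Optional[Entry]:
    """Parse one OTL log line; return None for lines this sketch does not cover."""
    line = line.strip()
    m = ITEM_RE.match(line)
    if m:
        return Entry(m["kind"], m["name"] or _leaf(m["path"]), m["company"] or "",
                     m["path"], m["missing"] is not None, m["state"] or "")
    m = RUN_RE.match(line)
    if m:
        return Entry("RUN", m["name"], m["company"], m["path"], False, m["hive"])
    m = DIR_RE.match(line)
    if m:
        return Entry("DIR", _leaf(m["path"]), "", m["path"], False, "")
    return None


def find_leftovers(log_text: str, vendor_terms: Iterable[str]) -> List[Entry]:
    """Return parsed entries whose company, path or name mentions a vendor term."""
    terms = [t.lower() for t in vendor_terms]
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        haystack = f"{entry.company} {entry.path} {entry.name}".lower()
        if any(t in haystack for t in terms):
            hits.append(entry)
    return hits


if __name__ == "__main__":
    for e in find_leftovers(SAMPLE_LOG, ("mcafee", "network associates")):
        flag = "ORPHANED" if e.file_missing else "present "
        print(f"{e.kind:3} {flag} {e.name:18} {e.path}")
```

    Entries marked ORPHANED are services or drivers still registered although their file is gone; the others are files, autoruns and folders that an uninstall would be expected to remove.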

  5. #5
    photiost is offline Junior Member
    OK -

    I tried all 3 starting with 8.0 then 8.5 and finally 8.7 and nothing happened.
    So I removed the /q option at the end to see what was going on:

    The first 2 gave me the message "do you really want to uninstall this product" (I replied <OK>) and then a message from Windows Installer, "This action is valid uniquely for products already installed". I interpreted this as telling me that this product was NOT installed, so I moved to the next.

    When I tried VirusScan Enterprise 8.7i - (without the /q at the end)
    msiexec /x {147BCE03-C0F1-4C9F-8157-6A89B6D2D973} REMOVE=ALL REBOOT=R

    This brought me to Windows Installer with what looks like a list of all the options.
    See messages below (these are in French):
    Windows ® Installer. V 3.01.4001.5512

    msiexec /Option <Paramètre requis> [Paramètre facultatif]

    Options d'installation
    </package | /i> <Produit.msi>
    Installe ou configure un produit
    /a <Produit.msi>
    Installation administrative - Installe un produit sur le réseau
    /j<u|m> <Produit.msi> [/t <Liste de transformations>] [/g <ID de langue>]
    Publie un produit - m pour tous les utilisateurs, u pour l'utilisateur actuel
    </uninstall | /x> <Produit.msi | Code produit>
    Désinstalle le produit
    Options d'affichage
    /quiet
    Mode silencieux, aucune interaction avec l'utilisateur
    /passive
    Mode automatique - barre de progression uniquement
    /q[n|b|r|f]
    Définit le niveau d'interface utilisateur
    n - Pas d'interface utilisateur
    b - IU de base
    r - IU réduite
    f - IU complète (option par défaut)
    /help
    Affiche des informations
    Options de redémarrage
    /norestart
    Ne pas redémarrer à la fin de l'installation
    /promptrestart
    Proposer à l'utilisateur de redémarrer si nécessaire
    /forcerestart
    Toujours redémarrer l'ordinateur après l'installation
    Options de journalisation
    /l[i|w|e|a|r|u|c|m|o|p|v|x|+|!|*] <fichier journal>
    i - Messages d'état
    w - Avertissements récupérables
    e - Tous les messages d'erreur
    a - Démarrage des actions
    r - Enregistrements spécifiques à certaines actions
    u - Requêtes de l'utilisateur
    c - Paramètres initiaux de l'interface utilisateur
    m - Mémoire insuffisante ou informations de sortie irrécupérables
    o - Message d'espace disque insuffisant
    p - Propriétés du terminal
    v - Mode documenté
    x - Autres informations de débogage
    + - Ajouter au fichier journal existant
    ! - Forcer l'écriture de chaque ligne dans le journal
    * - Écrire toutes les informations, sauf les options v et x
    /log <Fichier journal>
    Identique à /l* <Fichier journal>
    Options MAJ
    /update <Update1.msp>[;Update2.msp]
    Applique les mises à jour
    /uninstall <Guid du code correctif>[;Update2.msp] /package <Product.msi | Code produit>
    Supprimer les mises à jour d'un produit
    Options de réparation
    /f[p|e|c|m|s|o|d|a|u|v] <Product.msi | Code produit>
    Réparer un produit
    p - uniquement si un fichier est manquant
    o - si un fichier est manquant ou si une version antérieure est installée (option par défaut)
    e - si un fichier est manquant ou si une version égale ou antérieure est installée
    d - si un fichier est manquant ou si une version différente est installée
    c - si un fichier est manquant ou si la somme de contrôle ne correspond pas à la valeur calculée
    a - force la réinstallation de tous les fichiers
    u - toutes les entrées de Registre requises et spécifiques à l'utilisateur (option par défaut)
    m - toutes les entrées de Registre requises et spécifiques à l'ordinateur (option par défaut)
    s - tous les raccourcis existants (option par défaut)
    v - s'exécute depuis la source et remet en mémoire cache le package local
    Définition des propriétés publiques
    [PROPERTY=valeur de la propriété]

    Consultez le Kit de développement Windows® Installer pour une aide détaillée
    concernant la syntaxe de la ligne de commande.

    Copyright © Microsoft Corporation. Tous droits réservés.
    Certaines parties de ce logiciel sont basées sur des documents créés par la société indépendante JPEG Group.


    Anyway I could not remove McAfee so I renamed Network Associates (and deleted from Program files) - they are now in my Recycled Bin

    I rebooted and ran OTL and here is the Log:
    OTL logfile created on: 2010-10-17 19:44:50 - Run 4
    OTL by OldTimer - Version 3.2.15.2 Folder = D:\Programs that fixed computer oglf
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    511,00 Mb Total Physical Memory | 326,00 Mb Available Physical Memory | 64,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 90,00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 24,23 Gb Total Space | 14,87 Gb Free Space | 61,37% Space Free | Partition Type: NTFS
    Drive D: | 13,03 Gb Total Space | 11,81 Gb Free Space | 90,61% Space Free | Partition Type: NTFS
    Drive F: | 1,88 Gb Total Space | 0,10 Gb Free Space | 5,16% Space Free | Partition Type: FAT

    Computer Name: GIT-25975 | User Name: automate | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

    ========== Processes (SafeList) ==========

    PRC - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    PRC - [2010-09-07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2008-04-13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010-10-16 22:49:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Programs that fixed computer oglf\OTL.exe
    MOD - [2008-04-13 19:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2003-06-20 03:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
    SRV - [2002-08-14 05:06:04 | 000,028,672 | ---- | M] (IBM Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\trcboot.exe -- (TrcBoot)
    SRV - [2000-01-25 19:00:16 | 000,408,568 | ---- | M] () [Disabled | Stopped] -- C:\Orant\bin\ONRSD.EXE -- (OracleOraHomeClientCache)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
    DRV - [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010-02-11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
    DRV - [2003-10-30 09:55:50 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2003-07-28 15:19:00 | 001,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003-04-25 17:10:52 | 000,220,176 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97) Audio Driver (WDM)
    DRV - [2003-01-07 17:41:12 | 000,166,016 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
    DRV - [2002-08-14 05:06:04 | 000,012,060 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\nstrcnt.sys -- (NsTrcNT)
    DRV - [2002-08-14 05:06:03 | 000,024,588 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\klognt.sys -- (KLOGNT)
    DRV - [2001-08-17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001-08-17 15:12:02 | 000,109,085 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IBMTRP.SYS -- (IBMTRP) Carte IBM PCI Token Ring (générique)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Astronomy News Articles, Classifieds and Telescope Reviews
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\FIREFOX\components [2010-10-15 21:38:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\FIREFOX\plugins [2010-10-15 21:38:46 | 000,000,000 | ---D | M]

    [2010-10-15 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions
    [2010-06-04 08:37:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\automate\Application Data\Mozilla\Firefox\Profiles\bdy10jm8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    O1 HOSTS File: ([2002-08-30 08:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O15 - HKCU\..Trusted Domains: astromart.com ([]http in Sites de confiance)
    O15 - HKCU\..Trusted Domains: microsoft.com ([www] https in Sites de confiance)
    O15 - HKCU\..Trusted Domains: mozilla.com ([en-us.start3] http in Sites de confiance)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeup...ntent/opuc.cab (Office Update Installation Engine)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.git.cginet
    O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\automate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003-10-22 1007 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010-10-08 18:12:01 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010-10-16 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Application Data\Malwarebytes
    [2010-10-16 21:30:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010-10-16 21:30:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010-10-16 21:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010-10-16 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010-10-16 2114 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2010-10-16 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
    [2010-10-16 21:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\automate\Local Settings\Application Data\Google
    [2010-10-16 21:16:43 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-10-16 21:16:43 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-10-16 21:16:42 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-10-16 21:16:40 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-10-16 21:16:38 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-10-16 21:16:38 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-10-16 21:16:37 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010-10-16 21:16:22 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-10-16 21:16:21 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010-10-16 21:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010-10-15 22:25:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2010-10-15 15:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2004-06-14 15:39:44 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll

    ========== Files - Modified Within 90 Days ==========

    [2010-10-17 19:41:32 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-17 19:41:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010-10-17 1905 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:30:07 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-16 21:16:38 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010-10-15 23:30:56 | 000,142,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010-10-15 22:43:27 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010-10-15 21:38:49 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 21:38:48 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2010-10-15 15:36:00 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access.lnk
    [2010-10-15 15:35:49 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
    [2010-10-15 15:35:47 | 000,002,627 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
    [2010-10-15 15:35:40 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint.lnk
    [2010-10-15 1557 | 000,000,292 | RHS- | M] () -- C:\boot.ini
    [2010-10-15 13:57:25 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Explorateur Windows.lnk
    [2010-10-15 13:52:57 | 000,576,466 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2010-10-15 13:52:57 | 000,502,906 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010-10-15 13:52:57 | 000,104,944 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2010-10-15 13:52:57 | 000,088,430 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010-10-14 10:44:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010-10-08 16:50:49 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
    [2010-10-08 09:51:34 | 000,001,422 | ---- | M] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2010-10-08 09:05:10 | 000,000,527 | ---- | M] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | M] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-10-07 23:34:33 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2010-10-07 18:00:05 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-29 12:47:17 | 000,013,358 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2010-09-29 11:55:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010-09-07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2010-09-07 11:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010-09-07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010-09-07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010-09-07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010-09-07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010-09-07 10:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010-09-07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010-09-07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

    ========== Files Created - No Company Name ==========

    [2010-10-16 21:30:07 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2010-10-16 21:16:58 | 000,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-10-16 21:16:58 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-10-16 21:16:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
    [2010-10-15 21:38:49 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010-10-15 15:13:00 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    [2010-10-15 14:50:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\FASTWiz.log
    [2010-10-08 09:05:10 | 000,000,527 | ---- | C] () -- D:\Mes documents\automate\Bureau\Virtual Moonexe.lnk
    [2010-10-08 09:04:47 | 000,000,517 | ---- | C] () -- D:\Mes documents\automate\Bureau\Stellarium.lnk
    [2010-09-30 13:28:06 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\automate\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Outlook.lnk
    [2010-09-30 13:23:53 | 000,001,422 | ---- | C] () -- D:\Mes documents\automate\Bureau\Windows Explorer.lnk
    [2007-03-08 15:25:30 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\automate\Local Settings\Application Data\fusioncache.dat
    [2007-03-05 17:07:06 | 000,000,076 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2007-02-27 10:46:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
    [2004-06-21 14:22:06 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
    [2004-01-28 18:24:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
    [2004-01-28 18:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcsmig.INI
    [2003-11-11 17:19:49 | 000,000,298 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2003-11-03 10:13:51 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
    [2003-10-28 12:52:27 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2003-10-24 15:26:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003-10-24 13:18:48 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
    [2003-10-22 14:13:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2003-10-22 0419 | 000,004,372 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [1999-07-30 09:24:34 | 000,000,218 | ---- | C] () -- C:\WINDOWS\ORAODBC.INI
    [1999-03-10 01:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
    [1998-01-13 13:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
    [1997-11-14 01:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
    [1994-07-25 01:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv

    ========== LOP Check ==========

    [2010-10-16 21:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2004-01-28 18:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
    [2005-06-18 09:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
    [2007-03-08 16:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\automate\Application Data\IBM

    ========== Purity Check ==========



    < End of report >

  6. #6
    broni is offline Senior Member
    OK, let me check for active leftovers.
    Give me a sec....

  7. #7
    broni is offline Senior Member
    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      SRV - File not found [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
      DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
      O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe File not found
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
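An added example, not part of broni's post or of OTL itself: the `:OTL` section above lists the log entries that OTL reported as "File not found" and that belong to the removed McAfee / Network Associates product. The Python sketch below makes that selection on sample lines copied from the log in this thread; `parse_otl`, `orphans` and `fix_section` are hypothetical helper names, and the vendor markers are an analyst's choice (other "File not found" entries such as HidServ are deliberately left alone).

```python
import re
from dataclasses import dataclass
from typing import Iterable, List

# Constructed sample: seven lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-09-07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\udaterui.exe File not found
"""


@dataclass
class Entry:
    kind: str      # "SRV", "DRV" or "O4"
    name: str      # service/driver name, or the Run value name
    path: str      # file the entry points at
    missing: bool  # OTL reported "File not found" for that file
    raw: str       # the log line, verbatim


_MISSING = "File not found"
_SERVICE_NAME = re.compile(r"^\((.*?)\)")
_O4 = re.compile(r"^O4 - (\S+): \[([^\]]+)\] (.+)$")


def parse_otl(log: str) -> List[Entry]:
    """Parse SRV, DRV and O4 lines of an OTL log; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        kind = line.split(" - ", 1)[0]
        if kind in ("SRV", "DRV"):
            # Layout: "<kind> - <file info> [state] -- <path> -- (<name>)"
            parts = line.split(" -- ")
            if len(parts) != 3:
                continue
            m = _SERVICE_NAME.match(parts[2])
            if not m:
                continue
            missing = parts[0].startswith(f"{kind} - {_MISSING}")
            entries.append(Entry(kind, m.group(1), parts[1], missing, line))
        elif kind == "O4":
            # Layout: "O4 - <key>: [<value>] <path> (<company>)" or
            #         "O4 - <key>: [<value>] <path> File not found"
            m = _O4.match(line)
            if not m:
                continue
            rest = m.group(3)
            missing = rest.endswith(_MISSING)
            if missing:
                path = rest[: -len(_MISSING)].rstrip()
            else:
                path = re.sub(r" \([^()]*\)$", "", rest)
            entries.append(Entry("O4", m.group(2), path, missing, line))
    return entries


def orphans(entries: Iterable[Entry], vendor_markers: Iterable[str]) -> List[Entry]:
    """Entries whose file is gone AND that belong to the removed product."""
    markers = [m.lower() for m in vendor_markers]
    hits = []
    for e in entries:
        haystack = f"{e.name} {e.path}".lower()
        if e.missing and any(m in haystack for m in markers):
            hits.append(e)
    return hits


def fix_section(entries: Iterable[Entry]) -> str:
    """Render the selected log lines, verbatim, under an ':OTL' header."""
    return "\n".join([":OTL"] + [e.raw for e in entries])


if __name__ == "__main__":
    leftovers = orphans(parse_otl(SAMPLE_LOG), ("McAfee", "Network Associates"))
    print(fix_section(leftovers))
```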

  8. #8
    photiost is offline Junior Member
    Done -

    Here is the OTL Log:

    All processes killed
    ========== OTL ==========
    Service McAfeeFramework stopped successfully!
    Service McAfeeFramework deleted successfully!
    File C:\Program Files\Network Associates\Common Framework\FrameworkService.exe not found.
    Service mferkdk stopped successfully!
    Service mferkdk deleted successfully!
    File C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\McAfeeUpdaterUI deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: automate
    ->Temp folder emptied: 5124 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes


    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 20091609 bytes

    Total Files Cleaned = 19,00 mb


    [EMPTYFLASH]

    User: Administrateur

    User: All Users

    User: automate



    User: NetworkService

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.15.2 log created on 10172010_202352

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\automate\Local Settings\Temp\~DF7842.tmp not found!
    File\Folder C:\Documents and Settings\automate\Local Settings\Temp\~DF794F.tmp not found!
    File\Folder C:\Documents and Settings\automate\Local Settings\Temp\~DF8390.tmp not found!
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    Last edited by photiost; 18-10-2010 at 03:46 PM. Reason: Remove company names from Log

  9. #9
    broni is offline Senior Member
    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.



    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.

  10. #10
    photiost is offline Junior Member
    1- Ran Security check here is the log:
    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 3
    Internet Explorer 6 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Security Center service is not running! This report may not be accurate!
    avast! Free Antivirus
    McAfee Agent
    Antivirus out of date!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    IBM 32-bit SDK for Java 2, v1.4.0
    Java(TM) 6 Update 21
    Java(TM) SE Runtime Environment 6
    IBM 32-bit SDK for Java 2, v1.4.0
    Adobe Reader 6.0 - Français
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.6.10) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 avastUI.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    Unknown. This method cannot test your vulnerability to DNS cache poisoning. (Wireless connection?)

    ``````````End of Log````````````


    2) - Ran TFC.exe and it rebooted the PC

    3) - Tried to go to the ESET Online Scanner (on the non-working PC) and I cannot connect to the Internet with IE or Firefox
    On Firefox I get messages: Problem Loading Page and Server not found

    I did notice that my Local Network Connection Icon in the right bottom of the screen is active and when I put my cursor on it I can see
    "Local Area is connected @ 100Mbs" .. so it looks like I have a connection but no Internet Explorer or Firefox
