letitive

Bonjour, Merci pour ton aide. Je n'ai plus remarqué de gros blocages. Seulement de temps en temps, mais visiblement dus à bitdefender. Ce n'est pas la panacée ce truc là ! Merci encore. letitive

Bonjour, Je te remercie de ton aide, ça à l'air d'aller mieux question blocage, même si je n'ai pas beaucoup soliciter ma machine ce soir. Il m'arrive que bitdefender ne réponde plus. J'ai fait une mise à jour. on verra demain ... Si j'ai bien compris ce que tu m'as aidé à faire, la prochaine fois que j'ai un problème, 1 – Nettoyage avec un truc du genre CCleaner 2 – Analyse BitDefender (c'est mon anti-virus pour l'instant) 3 – Analyse avec MalwaresBytes Anti-Malwares (Free) 4 – Analyse online avec ESET 5 – Analyse avec ZHP Peut-être après faire une analyse ciblé sur les fichiers qui pourraient être douteux :http://virusscan.jotti.org/ ou http://www.virustotal.com/ …. puis je demande de l'aide ... Est-ce correcte ? ---- Eset avait trouvé ça : C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application Comment est-ce qu'on les enlève ? avec CCcleaner ? Merci

Bonjour, ci-joint le rapport OTL : All processes killed ========== OTL ========== Service HidServ stopped successfully! Service HidServ deleted successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Extensions folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully. C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions folder moved successfully. Folder C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\ not found. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found. Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5} C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}\ not found. ========== SERVICES/DRIVERS ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 208896 bytes ->Temporary Internet Files folder emptied: 32768 bytes ->Flash cache emptied: 56502 bytes User: LocalService ->Temp folder emptied: 65748 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: yves ->Temp folder emptied: 11767997 bytes ->Temporary Internet Files folder emptied: 116810116 bytes ->Java cache emptied: 7460293 bytes ->FireFox cache emptied: 101772583 bytes ->Flash cache emptied: 150859 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 19569 bytes %systemroot%\System32 .tmp files removed: 22469890 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 360946 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 932494 bytes Total Files Cleaned = 250,00 mb [EMPTYFLASH] User: Administrateur User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService User: yves ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.6 log created on 02122011_142207 Files\Folders moved on Reboot... C:\WINDOWS\temp\Perflib_Perfdata_ff8.dat moved successfully. Registry entries deleted on Reboot... **** Qu'y a-t-il d'autre à faire ? Merci.

Suite du précédent : Extras.txt : OTL Extras logfile created on: 30/01/2011 14:11:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32 Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32 Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DoNotAllowExceptions" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "5985:TCP" = 5985:TCP:*:Disabled:Gestion à distance de Windows ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010 "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client "{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 23 "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3F900346-A316-BA88-B83C-2513F1260AD7}" = Reg (DOFUS Audio Subsystem) "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}" = Dofus "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X - Français "{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = pdfforge Toolbar v4.1 "{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1" = Gestionnaire de Connexion SFR 3.1 "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "CanonSolutionMenu" = Canon Utilities Solution Menu "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Dofus "EPSON Printer and Utilities" = EPSON Logiciel imprimante "Everest Poker.fr" = Everest Poker.fr (Remove Only) "GridVista" = Acer GridVista "Guitar Pro 5_is1" = Guitar Pro 5.2 "HDMI" = Intel® Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088 "InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator EX 2.0" = Canon MP Navigator EX 2.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Pixia_is1" = Pixia 3.3b "Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem) "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.1.6 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 10005 Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product. Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 1024 Description = Produit : Microsoft Office 2007 Primary Interop Assemblies - La mise à jour 'Security Update for Microsoft Office PowerPoint 2007 (KB982158)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l'activation des journaux : How to enable Windows Installer logging Error - 24/01/2011 07:22:07 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 24/01/2011 07:22:25 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. Error - 26/01/2011 05:21:48 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 05:21:56 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. Error - 26/01/2011 05:24:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 05:24:52 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. Error - 26/01/2011 07:12:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 07:12:57 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. [ System Events ] Error - 23/01/2011 08:59:43 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 09:20:04 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft .NET Framework 3.0 : Module linguistique x86 (KB928416). Error - 23/01/2011 11:36:56 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB957789). Error - 23/01/2011 11:40:50 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 12:13:05 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB957789). Error - 23/01/2011 12:15:31 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB982158). Error - 26/01/2011 17:12:46 | Computer Name = ACER-564DF136B7 | Source = BROWSER | ID = 8032 Description = Le service Explorateur d'ordinateur a rencontré un nombre d'échecs trop important en essayant de retrouver la copie de sauvegarde de la liste sur le transport \Device\NetBT_Tcpip_{0060D964-370E-442D-A455-8544B9585D39}. L'explorateur secondaire s'arrête. Error - 29/01/2011 17:53:57 | Computer Name = ACER-564DF136B7 | Source = Service Control Manager | ID = 7034 Description = Le service Application Updater s'est terminé de façon inattendue pour la 1ème fois. < End of report > Petits commentaires : Je n'utilise pas la suite Microsoft Office (même pas installé sur mes PC), mais Open Office ... donc leurs mise à jour je m'en tape. Il y a plusieurs key avec des erreurs : Error: Key error. il y a plusieurs key avec des File not found. Serait-ce la source de mes problèmes ou y a-t-il autres choses ? Merci de ton aide. Bonne Journée.

Bonjour, Supprime le dossier complet (en gras): D:\Telechargement\everest : OK FAIT Relancer Malwarebytes' Anti-Malware, tout cocher ce qu'il affiche et cliquer sur Supprimer la sélection. : OK FAIT OTL.txt : OTL logfile created on: 30/01/2011 14:11:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32 Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32 Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe PRC - [2011/01/26 15:17:16 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\yves\Local Settings\Temp\RtkBtMnt.exe PRC - [2011/01/23 16:29:06 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011/01/23 16:29:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe PRC - [2010/03/18 16:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe PRC - [2010/03/18 16:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe PRC - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe PRC - [2009/08/19 10:31:42 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.bin PRC - [2009/08/19 10:31:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.exe PRC - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/17 18:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2007/07/12 11:36:40 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe PRC - [2007/07/11 14:07:46 | 000,421,888 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2007/07/04 11:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007/06/13 20:55:52 | 000,166,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe PRC - [2007/05/28 15:56:16 | 000,342,528 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007/03/02 11:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe PRC - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe PRC - [2005/01/27 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIABE.EXE ========== Modules (SafeList) ========== MOD - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe MOD - [2011/01/06 16:00:42 | 000,249,864 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_74\midas32.dll MOD - [2010/09/18 07:53:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2007/05/28 15:55:16 | 000,024,064 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll MOD - [2007/05/28 15:54:22 | 000,077,824 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\ShowErrMsg.dll MOD - [2007/05/28 15:54:18 | 000,167,936 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll MOD - [2007/01/04 15:04:52 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll MOD - [2006/02/22 11:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc71u.dll MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2004/08/05 05:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) [Auto | Running] -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe -- (SFR.DashBoard.Service) SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan) SRV - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3) SRV - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2010/11/23 23:33:58 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos) DRV - [2010/11/23 23:33:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos) DRV - [2010/11/23 23:33:57 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2010/11/23 23:33:57 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2010/07/22 15:55:48 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010/04/23 17:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr) DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm) DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK) DRV - [2008/04/13 19:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/03/22 20:42:10 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2007/12/10 17:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2007/12/10 17:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2007/12/10 17:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2007/09/21 05:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2007/09/07 11:16:08 | 000,215,904 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2007/06/05 23:48:58 | 005,761,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2007/05/30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/05/28 15:55:20 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk) DRV - [2007/05/28 15:54:40 | 000,012,800 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter) DRV - [2007/05/02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2007/03/21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2006/12/22 19:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006/12/22 19:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006/12/22 19:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006/08/28 18:30:04 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper) DRV - [2006/01/20 22:42:38 | 000,017,408 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr) DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys) DRV - [2001/08/23 17:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 EA 94 55 65 5A CA 01 [binary data] IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: [email protected]:2.0 FF - prefs.js..extensions.enabledItems: [email protected]:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97 FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/11/24 15:06:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/25 00:06:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/23 16:29:18 | 000,000,000 | ---D | M] [2010/11/24 16:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Extensions [2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions [2010/11/26 14:12:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/01/23 16:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/11/24 23:52:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/22 19:40:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010/11/24 15:06:47 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2010\BDAPHFFEXT [2010/11/24 19:04:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011/01/23 16:29:11 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2011/01/23 16:29:11 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/01/23 16:29:11 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2011/01/23 16:29:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2011/01/23 16:29:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/26 15:16:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe () O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [EPSON Stylus D88 Series BOX] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKCU..\Run: [iSUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Documents and Settings\yves\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.1.lnk = C:\Program Files\Office\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17465059307421696) ========== Files/Folders - Created Within 30 Days ========== [2011/01/30 14:07:00 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe [2011/01/30 13:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Menu Démarrer\Programmes\CyberLink PowerDVD [2011/01/26 19:11:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/01/26 15:00:12 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/01/26 14:58:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/01/26 14:58:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/01/26 14:58:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/01/26 14:58:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/01/26 14:58:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/01/26 14:57:57 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/01/25 09:20:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Application Data\vlc [2011/01/25 09:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN [2011/01/25 09:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2011/01/24 19:34:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\yves\Mes documents\Mes vidéos [2011/01/24 19:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Mes documents\Humour [2011/01/24 11:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDFCreator [2011/01/24 11:11:20 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX [2011/01/24 11:11:17 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL [2011/01/24 11:11:17 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL [2011/01/24 11:11:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2FR.DLL [2011/01/24 11:11:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL [2011/01/24 11:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2011/01/23 16:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp [2011/01/23 14:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2011/01/23 14:22:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2011/01/23 14:22:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$ [2011/01/23 14:22:10 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2011/01/23 14:19:35 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2011/01/23 14:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2011/01/23 14:14:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2011/01/23 13:56:00 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2011/01/23 13:55:10 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2011/01/22 22:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP [2011/01/22 22:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2011/01/22 19:40:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/01/22 19:40:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/01/22 19:40:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/01/21 18:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Application Data\Malwarebytes [2011/01/21 18:49:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/01/21 18:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/01/21 18:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/01/21 18:49:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/01/21 18:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/01/19 21:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\P5JavaClientSettings [2011/01/03 18:53:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2010/11/23 20:23:17 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\yves\*.tmp files -> C:\Documents and Settings\yves\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe [2011/01/30 13:57:31 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\yves\Application Dataprivacy.xml [2011/01/30 13:57:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/01/30 13:56:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/30 13:56:35 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys [2011/01/30 01:11:16 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv [2011/01/26 15:16:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/01/26 15:00:18 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2011/01/26 11:48:32 | 000,879,047 | ---- | M] () -- C:\Documents and Settings\yves\Bureau\SecurityCheck.exe [2011/01/26 11:48:24 | 004,160,520 | R--- | M] () -- C:\Documents and Settings\yves\Bureau\ComboFix.exe [2011/01/26 10:46:39 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk [2011/01/25 21:40:59 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\Mes dossiers de partage.lnk [2011/01/23 16:52:20 | 000,346,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/01/23 16:36:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/01/23 16:30:28 | 000,536,079 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\à effecer.pdf [2011/01/23 14:30:09 | 000,631,916 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/01/23 14:30:09 | 000,529,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/01/23 14:30:09 | 000,127,630 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/01/23 14:30:09 | 000,098,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/01/23 14:19:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2011/01/23 14:19:18 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2011/01/23 14:14:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011/01/23 01:43:06 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System32\eDataSecurity.dat [2011/01/20 21:58:04 | 000,016,817 | ---- | M] () -- C:\Documents and Settings\yves\Bureau\pok.odt [2011/01/20 11:30:47 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Everest Poker.fr.lnk [2011/01/19 15:18:13 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_1 [2011/01/19 12:45:35 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\D2Info0 [2011/01/18 00:41:22 | 000,018,034 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\emotiocne.odt [2011/01/17 18:26:00 | 000,016,012 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\prix train.ods [2011/01/17 10:48:09 | 000,023,527 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\valmond.odt [2011/01/12 17:37:57 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_2 [2011/01/09 17:44:00 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_3 [2011/01/09 17:26:38 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_4 [2011/01/05 08:22:33 | 000,000,025 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\bdfvconp.ini [12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\yves\*.tmp files -> C:\Documents and Settings\yves\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/26 15:00:18 | 000,000,212 | ---- | C] () -- C:\Boot.bak [2011/01/26 15:00:15 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/01/26 14:58:14 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/01/26 14:58:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/01/26 14:58:14 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/01/26 14:58:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/01/26 14:58:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/01/26 11:48:32 | 000,879,047 | ---- | C] () -- C:\Documents and Settings\yves\Bureau\SecurityCheck.exe [2011/01/26 11:48:15 | 004,160,520 | R--- | C] () -- C:\Documents and Settings\yves\Bureau\ComboFix.exe [2011/01/23 16:30:25 | 000,536,079 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\à effecer.pdf [2011/01/23 15:19:29 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk [2011/01/23 15:19:29 | 000,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk [2011/01/23 14:19:11 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\yves\Menu Démarrer\Programmes\Windows Media Player.lnk [2011/01/23 14:14:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2011/01/23 01:43:06 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\eDataSecurity.dat [2011/01/20 21:58:03 | 000,016,817 | ---- | C] () -- C:\Documents and Settings\yves\Bureau\pok.odt [2011/01/18 00:41:22 | 000,018,034 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\emotiocne.odt [2011/01/17 18:25:59 | 000,016,012 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\prix train.ods [2011/01/16 20:14:50 | 000,023,527 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\valmond.odt [2011/01/05 08:22:33 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\bdfvconp.ini [2010/12/21 22:27:21 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_5 [2010/12/03 20:21:09 | 002,208,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/12/02 01:28:01 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_4 [2010/11/29 01:32:23 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/27 18:42:15 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_3 [2010/11/27 13:01:10 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_2 [2010/11/24 22:51:39 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\D2Info0 [2010/11/24 22:51:39 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_1 [2010/11/24 20:21:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010/11/24 18:47:39 | 000,001,428 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\FASTWiz.html [2010/11/24 18:42:09 | 000,075,861 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\FASTWiz.log [2010/11/24 04:02:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini [2010/11/23 20:26:42 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys [2010/11/23 20:24:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NATTraversal.dll [2010/11/23 20:23:17 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2010/11/23 20:19:06 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\fusioncache.dat [2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll [2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/03/22 23:58:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2008/03/22 20:42:40 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll [2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll [2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll [2007/06/05 16:24:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll [2007/06/05 15:48:58 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2007/05/28 15:56:14 | 001,411,584 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll [2007/05/28 15:55:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll [2007/05/28 15:54:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll [2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2007/01/04 15:10:22 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys [2006/08/28 18:30:04 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys [2006/03/10 14:18:16 | 000,037,706 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/09/06 16:00:02 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/08/05 05:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2003/11/24 15:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll [2003/11/24 15:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll [2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/01/28 19:48:02 | 000,024,140 | ---- | M] () -- C:\bdlog.txt [2008/03/22 20:42:46 | 000,715,550 | ---- | M] () -- C:\bknowsetup.log [2010/11/23 20:17:34 | 000,000,212 | ---- | M] () -- C:\Boot.bak [2011/01/26 15:00:18 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2004/08/05 05:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004/09/06 15:40:26 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS [2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr [2011/01/30 13:56:35 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys [2004/09/06 16:00:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2004/09/06 16:00:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/05 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010/11/23 22:24:13 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/01/30 13:56:34 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2008/04/09 21:09:28 | 000,006,326 | -HS- | M] () -- C:\Patch.rev [2007/04/25 23:45:58 | 000,000,631 | ---- | M] () -- C:\PDVD.iss [2008/03/23 08:05:28 | 000,000,073 | RHS- | M] () -- C:\preload.aaa [2008/03/23 08:05:28 | 000,000,073 | RHS- | M] () -- C:\Preload.rev [2008/03/22 20:42:04 | 000,000,595 | ---- | M] () -- C:\RHDSetup.log [2008/03/22 20:42:46 | 000,000,032 | ---- | M] () -- C:\setup.log [2008/03/22 20:17:44 | 000,000,004 | ---- | M] () -- C:\wps.dat < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [12 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2004/09/06 15:50:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2004/09/06 15:50:50 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2004/09/06 15:50:50 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2010/11/23 23:33:57 | 000,111,312 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\system32\drivers\bdfndisf.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2010/11/02 16:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-28 15:09:50 < End of report > Suite prochain message

Bonsoir, Ci-joint le scan : Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5631 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 28/01/2011 19:14:17 mbam-log-2011-01-28 (19-14-17).txt Type d'examen: Examen rapide Elément(s) analysé(s): 153134 Temps écoulé: 8 minute(s), 33 seconde(s) Processus mémoire infecté(s): 2 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 332 -> Not selected for removal. c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 2236 -> Not selected for removal. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal. c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal. Les "PUP.Dealio) -> Not selected for removal" posent-ils des problèmes ? Si je les efface, il se passe quoi ? Par exemple Spigot (pdfcreator, je crois, je ne utilise jamais la tool bar ) Le scan result de Eset C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application D:\Telechargement\everest\Everest Poker.fr.exe a variant of Win32/Casino application Everest Poker.fr.exe est sans doute la source de ces lignes ... y-a-t-il un problème ? Ce soir je n'ai pas remarque de blocage particulier. Dois-je faire des actions supplémentaires suite à ces deux rapports ? Merci. Bonne journée.

Bonsoir, ok, excuse. ci-dessous les 3 liens bda18.tmp - Le scanner antivirus de Jotti bdaB.tmp - Le scanner antivirus de Jotti SETB0.tmp - Le scanner antivirus de Jotti en synthèse rien trouvé. Que fais-je maintenant ? Merci

Bonjour, Merci de m'aider à résoudre mes problèmes. 1 - Sauvegarde de "mes documents" : fait en faisant la sauvegarde sur D: j'ai découvert un répertoire "erUBK_Folder" que je n'avais pas vu avant. Vous savez ce que c'est ? 2 - Désactivation parefeu et antivirus de bit defender 3 - Combofix, redémarre ordi et sort son rapport : Cijoint.fr - Service gratuit de dépôt de fichiers 4 - SecurityCheck.exe, sort son rapport : Cijoint.fr - Service gratuit de dépôt de fichiers 5 - Activation parefeu et antivirus de bit defender Que pensez-vous de ces rapports ? Merci encore.

Bonjour, Je crois qu'on m'a oublié. Mon PC est parait-il fortement infecté Par Quoi ? Quels sont mes risques ? Comment me débarrassé de l'infection ? Faut-il que je change des mots de passe après ? (ordi, web, acces certains fichier ?) http://forum.zebulon.fr/hdd-tourne-et-bloque-lordi-t182359.html Merci pour votre aide.

Merci, OK, c'est fait. Je fais quoi maintenant ? Merci pour votre aide.

Bonjour, comment as-tu détecté ces bestiole ? JE ne suis pas un spécialiste mais j'aurai fait ça : Hijacker.DosPop_Toolbar - Détails sur la menace dans ton cas. Ou essayé d'utiliser Malwarebytes' Anti-Malware. Bonne Chance

Le problème avec les alertes sécu du centre de sécu windows, sont dues au fait que je le désactive moi-même ... pour la simple raison que je fais les mises à jour manuellement, parce que je ne les fait que quand je ne suis pas connecté en clé 3G .... J'ai supprimé les fichiers cochés par défaut avec Malwaresbytes. Redémarré Fait une analyse ZHP, rapport : Cijoint.fr - Service gratuit de dépôt de fichiers Que pensez-vous ? Merci.

oui, j'élève ces bidule sur ma machine en ce moment ... Pourquoi ?

Merci, Donc, il vaut mieux supprimer : PUP.Dealio ADWARE.WidgiToolbar Trojan.Dropper ... et PUM.Disabled.SecurityCenter est probablement dû à l'instal de Bitdefender, donc à garder. Correct ? Si malwarebytes met en quarantaine et supprime les PUP.Dealio ADWARE.WidgiToolbar Trojan.Dropper LEs fichiers qui les contiennent focntionneront-ils encore où faut-il trouver un moyen des les réinstaller ? Merci encore.

Bonjours, QUELS sont les risques avec ???? PUP.Dealio ADWARE.WidgiToolbar Trojan.Dropper PUM.Disabled.SecurityCenter S'ils sont mis en quarantaine, les fichiers qui les contiennent ne fonctionneront-ils encore ? Quels sont les conséquences ? Merci.