

letitive
Member
Content count: 75
Days won: 1

Everything posted by letitive
[RESOLVED] HDD runs constantly and freezes the PC
letitive replied to a topic by letitive in Malware analysis and removal
Hello, thanks for your help. I haven't noticed any more major freezes. Only now and then, but apparently caused by BitDefender. That thing is no panacea! Thanks again. letitive -
[RESOLVED] HDD runs constantly and freezes the PC
letitive replied to a topic by letitive in Malware analysis and removal
Hello, thank you for your help. The freezing seems to be better, even though I haven't pushed my machine much this evening. BitDefender sometimes stops responding. I ran an update. We'll see tomorrow...

If I've understood what you helped me do, the next time I have a problem:
1 – Clean up with something like CCleaner
2 – Scan with BitDefender (my antivirus for now)
3 – Scan with Malwarebytes Anti-Malware (Free)
4 – Online scan with ESET
5 – Scan with ZHP
Then maybe a targeted scan of any files that look suspicious: http://virusscan.jotti.org/ or http://www.virustotal.com/ ... and then I ask for help...
Is that right?

----

ESET had found this:
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application

How do we remove them? With CCleaner? Thanks -
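All six ESET hits in the post above sit under C:\System Volume Information\_restore{...}\RPnn\, which is where Windows XP System Restore keeps copies of changed files; they are not files in active use. The script below is an added example, not part of the original thread and not from any of the tools it mentions: it parses result lines in the "<path> <detection name>" form ESET printed, separates restore-point copies from files in live locations, and lists the restore points involved. The sample input is the six quoted lines plus one constructed live-path line (marked as such); the function and pattern names are this example's own, and the extension-based split between path and detection name is an assumption of the example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Windows XP System Restore keeps one RPnn folder per restore point under
# <drive>:\System Volume Information\_restore{GUID}\ and stores renamed
# copies (A00xxxxx.*) of files that changed on the live system.
RESTORE_POINT_RE = re.compile(
    r"^(?P<drive>[A-Za-z]):\\System Volume Information\\_restore"
    r"\{(?P<guid>[0-9A-Fa-f-]{36})\}\\RP(?P<rp>\d+)\\",
    re.IGNORECASE,
)

# One scanner result line as quoted in the thread: "<path> <detection name>".
# Assumption (this example's heuristic): the path ends at the first
# "<dot><1-4 alphanumerics><whitespace>" token, i.e. the file extension.
DETECTION_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?\.[A-Za-z0-9]{1,4})\s+(?P<name>.+?)\s*$"
)

# Sample input: the six lines quoted in the post, plus one constructed line
# (not from the thread) for a file outside any restore point.
ESET_LINES = [
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application",
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application",
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application",
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application",
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application",
    r"C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application",
    # constructed sample, not a real detection from the thread:
    r"C:\Documents and Settings\yves\Local Settings\Temp\setup.exe a variant of Win32/Casino application",
]


@dataclass
class Detection:
    path: str
    name: str
    guid: Optional[str] = None           # _restore store GUID when inside a restore point
    restore_point: Optional[int] = None  # RPnn number when inside a restore point

    @property
    def in_restore_point(self) -> bool:
        return self.restore_point is not None


def parse_detection(line: str) -> Optional[Detection]:
    """Parse one '<path> <detection name>' line; None if the line does not match."""
    m = DETECTION_RE.match(line.strip())
    if not m:
        return None
    path, name = m.group("path"), m.group("name")
    rp = RESTORE_POINT_RE.match(path)
    if rp:
        return Detection(path, name, rp.group("guid").upper(), int(rp.group("rp")))
    return Detection(path, name)


def triage(lines: List[str]) -> Dict[str, object]:
    """Split detections into restore-point copies and live files."""
    restore: List[Detection] = []
    live: List[Detection] = []
    for line in lines:
        d = parse_detection(line)
        if d is None:
            continue
        (restore if d.in_restore_point else live).append(d)
    return {
        "restore_point_copies": restore,
        "live_files": live,
        "restore_points": sorted({d.restore_point for d in restore}),
        "detection_names": sorted({d.name for d in restore + live}),
    }


def summary(lines: List[str]) -> List[str]:
    """One line per class of finding, with the action each class calls for."""
    t = triage(lines)
    out: List[str] = []
    if t["restore_point_copies"]:
        rps = ", ".join(f"RP{n}" for n in t["restore_points"])
        out.append(
            f"{len(t['restore_point_copies'])} hit(s) inside System Restore points ({rps}): "
            "inactive backup copies; clear them by turning System Restore off and back on, "
            "which discards all restore points, rather than deleting files by hand."
        )
    for d in t["live_files"]:
        out.append(f"live file, needs removal or quarantine: {d.path} [{d.name}]")
    return out


if __name__ == "__main__":
    for line in summary(ESET_LINES):
        print(line)
```

The split matters for the question asked in the post: a cleaner such as CCleaner does not touch System Volume Information, and the copies there are harmless until a restore point is rolled back, so the usual answer is to purge the restore points once the live system is clean and then create a fresh one.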
[RESOLVED] HDD runs constantly and freezes the PC
letitive replied to a topic by letitive in Malware analysis and removal
Hello, here is the OTL report:

All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions folder moved successfully.
Folder C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\ not found.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}\ not found.
========== SERVICES/DRIVERS ==========
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 208896 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 56502 bytes
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: yves
->Temp folder emptied: 11767997 bytes
->Temporary Internet Files folder emptied: 116810116 bytes
->Java cache emptied: 7460293 bytes
->FireFox cache emptied: 101772583 bytes
->Flash cache emptied: 150859 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 22469890 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 360946 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 932494 bytes
Total Files Cleaned = 250,00 mb
[EMPTYFLASH]
User: Administrateur
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: yves
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.20.6 log created on 02122011_142207
Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_ff8.dat moved successfully.
Registry entries deleted on Reboot...
****

What else is there to do? Thanks. -
[RESOLU] HDD tourne et bloque l'ordi
letitive a répondu à un(e) sujet de letitive dans Analyses et éradication malwares
Suite du précédent : Extras.txt : OTL Extras logfile created on: 30/01/2011 14:11:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32 Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32 Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DoNotAllowExceptions" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "5985:TCP" = 5985:TCP:*:Disabled:Gestion à distance de Windows ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010 "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 
4.7 "{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client "{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 23 "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3F900346-A316-BA88-B83C-2513F1260AD7}" = Reg (DOFUS Audio Subsystem) "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}" = Dofus "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X - Français "{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = pdfforge Toolbar v4.1 "{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1" = Gestionnaire de Connexion SFR 3.1 "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "CanonSolutionMenu" = Canon Utilities Solution Menu "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Dofus "EPSON Printer and 
Utilities" = EPSON Logiciel imprimante "Everest Poker.fr" = Everest Poker.fr (Remove Only) "GridVista" = Acer GridVista "Guitar Pro 5_is1" = Guitar Pro 5.2 "HDMI" = Intel® Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088 "InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator EX 2.0" = Canon MP Navigator EX 2.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Pixia_is1" = Pixia 3.3b "Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem) "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.1.6 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 10005 Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product. Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 1024 Description = Produit : Microsoft Office 2007 Primary Interop Assemblies - La mise à jour 'Security Update for Microsoft Office PowerPoint 2007 (KB982158)' n'a pas pu être installée. Code d'erreur 1603. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d'installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l'activation des journaux : How to enable Windows Installer logging Error - 24/01/2011 07:22:07 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 24/01/2011 07:22:25 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. Error - 26/01/2011 05:21:48 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 05:21:56 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. 
Error - 26/01/2011 05:24:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 05:24:52 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. Error - 26/01/2011 07:12:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 26/01/2011 07:12:57 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs -2138425584. [ System Events ] Error - 23/01/2011 08:59:43 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 09:20:04 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft .NET Framework 3.0 : Module linguistique x86 (KB928416). Error - 23/01/2011 11:36:56 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB957789). Error - 23/01/2011 11:40:50 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). 
Error - 23/01/2011 12:13:05 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB957789). Error - 23/01/2011 12:15:31 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706). Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20 Description = Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office PowerPoint 2007 (KB982158). Error - 26/01/2011 17:12:46 | Computer Name = ACER-564DF136B7 | Source = BROWSER | ID = 8032 Description = Le service Explorateur d'ordinateur a rencontré un nombre d'échecs trop important en essayant de retrouver la copie de sauvegarde de la liste sur le transport \Device\NetBT_Tcpip_{0060D964-370E-442D-A455-8544B9585D39}. L'explorateur secondaire s'arrête. Error - 29/01/2011 17:53:57 | Computer Name = ACER-564DF136B7 | Source = Service Control Manager | ID = 7034 Description = Le service Application Updater s'est terminé de façon inattendue pour la 1ème fois. < End of report >
A few comments: I don't use the Microsoft Office suite (it isn't even installed on my PCs) but Open Office ... so I couldn't care less about its updates. There are several keys with errors: Error: Key error.
There are several keys with File not found. Could that be the source of my problems, or is there something else? Thanks for your help. Have a good day. -
[RESOLVED] HDD runs constantly and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Hello, Delete the whole folder (in bold): D:\Telechargement\everest : OK DONE Relaunch Malwarebytes' Anti-Malware, check everything it shows and click Remove Selected. : OK DONE OTL.txt : OTL logfile created on: 30/01/2011 14:11:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32 Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32 Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe PRC - [2011/01/26 15:17:16 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\Documents and Settings\yves\Local Settings\Temp\RtkBtMnt.exe PRC - [2011/01/23 16:29:06 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011/01/23 16:29:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe PRC - [2010/03/18 16:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe PRC - [2010/03/18 16:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe PRC - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe PRC - [2009/08/19 10:31:42 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.bin PRC - [2009/08/19 10:31:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.exe PRC - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/17 18:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2007/07/12 11:36:40 | 000,045,056 | ---- | M] (Acer Inc.) 
-- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe PRC - [2007/07/11 14:07:46 | 000,421,888 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2007/07/04 11:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007/06/13 20:55:52 | 000,166,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe PRC - [2007/05/28 15:56:16 | 000,342,528 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007/03/02 11:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe PRC - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe PRC - [2005/01/27 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIABE.EXE ========== Modules (SafeList) ========== MOD - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe MOD - [2011/01/06 16:00:42 | 000,249,864 | ---- | M] (BitDefender S.R.L. 
Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_74\midas32.dll MOD - [2010/09/18 07:53:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2007/05/28 15:55:16 | 000,024,064 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll MOD - [2007/05/28 15:54:22 | 000,077,824 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\ShowErrMsg.dll MOD - [2007/05/28 15:54:18 | 000,167,936 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll MOD - [2007/01/04 15:04:52 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll MOD - [2006/02/22 11:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc71u.dll MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2004/08/05 05:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) [Auto | Running] -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe -- (SFR.DashBoard.Service) SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) 
[Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan) SRV - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3) SRV - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - 
[2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2010/11/23 23:33:58 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos) DRV - [2010/11/23 23:33:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos) DRV - [2010/11/23 23:33:57 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2010/11/23 23:33:57 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2010/07/22 15:55:48 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010/04/23 17:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr) DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. 
Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm) DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK) DRV - [2008/04/13 19:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/03/22 20:42:10 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2007/12/10 17:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2007/12/10 17:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2007/12/10 17:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2007/09/21 05:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2007/09/07 11:16:08 | 000,215,904 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2007/06/05 23:48:58 | 005,761,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2007/05/30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/05/28 15:55:20 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk) DRV - [2007/05/28 15:54:40 | 000,012,800 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter) DRV - [2007/05/02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2007/03/21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2006/12/22 19:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006/12/22 19:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006/12/22 19:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006/08/28 18:30:04 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper) DRV - [2006/01/20 22:42:38 | 000,017,408 | ---- | M] (Dritek System Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr) DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys) DRV - [2001/08/23 17:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 EA 94 55 65 5A CA 01 [binary data] IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. 
File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97 FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/11/24 15:06:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/25 00:06:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/23 16:29:18 | 000,000,000 | ---D | M] [2010/11/24 16:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Extensions [2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions [2010/11/26 14:12:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/01/23 16:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application 
Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/11/24 23:52:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/22 19:40:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010/11/24 15:06:47 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2010\BDAPHFFEXT [2010/11/24 19:04:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011/01/23 16:29:11 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2011/01/23 16:29:11 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/01/23 16:29:11 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2011/01/23 16:29:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2011/01/23 16:29:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/26 15:16:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. 
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe () O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) 
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [EPSON Stylus D88 Series BOX] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKCU..\Run: [iSUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) 
< End of report > Continued in the next message. -
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Good evening,
Attached is the scan:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5631
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
28/01/2011 19:14:17
mbam-log-2011-01-28 (19-14-17).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 153134
Temps écoulé: 8 minute(s), 33 seconde(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 332 -> Not selected for removal.
c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 2236 -> Not selected for removal.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.

Do the "PUP.Dealio) -> Not selected for removal" items cause problems? If I delete them, what happens? For example Spigot (from pdfcreator, I think; I never use the toolbar).

The ESET scan result:
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application
D:\Telechargement\everest\Everest Poker.fr.exe a variant of Win32/Casino application

Everest Poker.fr.exe is no doubt the source of these lines... is there a problem? This evening I did not notice any particular freeze. Do I need to take further action following these two reports? Thanks. Have a good day. -
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Good evening, OK, sorry. Below are the 3 links: bda18.tmp - Jotti's antivirus scanner; bdaB.tmp - Jotti's antivirus scanner; SETB0.tmp - Jotti's antivirus scanner. In summary, nothing found. What do I do now? Thanks -
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Hello, Thank you for helping me solve my problems.
1 - Backup of "My Documents": done. While backing up to D: I discovered a directory "erUBK_Folder" that I had not seen before. Do you know what it is?
2 - Disabled the BitDefender firewall and antivirus
3 - ComboFix: restarted the computer and produced its report: Cijoint.fr - Free file hosting service
4 - SecurityCheck.exe produced its report: Cijoint.fr - Free file hosting service
5 - Re-enabled the BitDefender firewall and antivirus
What do you think of these reports? Thanks again. -
Hello, I think I have been forgotten. My PC is apparently heavily infected. By what? What are my risks? How do I get rid of the infection? Do I need to change passwords afterwards? (computer, web, access to certain files?) http://forum.zebulon.fr/hdd-tourne-et-bloque-lordi-t182359.html Thanks for your help.
-
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Thanks, OK, it's done. What do I do now? Thanks for your help. -
INFECTIONS/SPYWARE
letitive replied to a topic by etoile25 in Security and prevention
Hello, how did you detect these critters? I'm not a specialist, but I would have done this: Hijacker.DosPop_Toolbar - Threat details, in your case. Or tried using Malwarebytes' Anti-Malware. Good luck -
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
The problem with the security alerts from the Windows Security Center is due to the fact that I disable it myself... for the simple reason that I do the updates manually, because I only do them when I am not connected through my 3G dongle.... I deleted the files checked by default with Malwarebytes. Restarted. Ran a ZHP scan, report: Cijoint.fr - Free file hosting service. What do you think? Thanks. -
What do they correspond to?
letitive replied to a topic by letitive in Security and prevention
Yes, I'm breeding these things on my machine at the moment... Why? -
What do they correspond to?
letitive replied to a topic by letitive in Security and prevention
Thanks. So it is better to delete: PUP.Dealio, ADWARE.WidgiToolbar, Trojan.Dropper... and PUM.Disabled.SecurityCenter is probably due to the BitDefender install, so keep it. Correct? If Malwarebytes quarantines and deletes PUP.Dealio, ADWARE.WidgiToolbar and Trojan.Dropper, will the files that contain them still work, or do I need to find a way to reinstall them? Thanks again. -
Hello, WHAT are the risks with: PUP.Dealio, ADWARE.WidgiToolbar, Trojan.Dropper, PUM.Disabled.SecurityCenter? If they are quarantined, will the files that contain them still work? What are the consequences? Thanks.
-
[RESOLVED] HDD spins and freezes the computer
letitive replied to a topic by letitive in Malware analysis and removal
Good evening, I ran the scan with BitDefender; the beast found nothing!!! Malwarebytes, on the other hand, has a different nose. I can't find on the internet what this PUP.Dealio critter is; who can tell me?

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5565
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
21/01/2011 21:13:50
mbam-log-2011-01-21 (21-12-35).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 229217
Temps écoulé: 1 heure(s), 3 minute(s), 55 seconde(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 632 -> No action taken.
c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 4044 -> No action taken.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> No action taken.
c:\program files\pdfforge toolbar\IE\4.1\pdfforgetoolbarie.dll (PUP.Dealio) -> No action taken.
c:\program files\fichiers communs\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.
c:\program files\pdfforge toolbar\widgihelper.exe (PUP.Dealio) -> No action taken.
d:\telechargement\vlc média player\vlcplayer.exe (Trojan.Dropper) -> No action taken.
c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> No action taken.

WHAT are the risks with: PUP.Dealio, ADWARE.WidgiToolbar, Trojan.Dropper, PUM.Disabled.SecurityCenter? What information have they taken from me? (i.e. which passwords do I need to change somewhere?) I'm putting everything in quarantine and awaiting your help. Thanks. -
[RESOLVED] HDD spins and freezes the computer
letitive posted a topic in Malware analysis and removal
Hello, For some time I have had an unidentified slowdown problem: at unpredictable moments, my hard disk spins without stopping and the computer freezes; it can last about fifteen seconds, and even Ctrl+Alt+Del is inoperative at that point.
1 - I scanned the HDD with BitDefender, CCleaner and Spybot: no infection detected. Yet the problem was becoming more and more frequent. So I ended up wiping everything.
2 - I reinstalled XP (+ eight hours of updates, LOL) and only the software I usually use. The problem is less frequent (~1 to 2 times per hour instead of ~4 to 5 times).
My config: ACER Extensa 1,732 MHz; XP up to date; physical memory 2048 MB, used at 40% ~ 60% (I have never seen it saturated); space for swap files 3.84 GB; default browser Mozilla; default word processor Open Office.
Does anyone have an idea about this problem? Is it a malware, virus or some other critter of that kind?? I searched the forum a bit but did not find an answer to my questions. Do you know this problem? Solution? Thanks, Regards. Thanks for -
Hello, Thanks for the information. I don't have the "yahoo/toolbar" and Yahoo does not appear in the "Add/Remove Programs" menu. But I do have it as a search engine. Do you know of anything else? Thanks.
-
Hello, I don't know why, but among the IE7 search engines I have Yahoo. No matter how much I deselect it or delete it, I can't make it disappear. I open a new window and bam, there it is. On top of that, it throws errors like: http://urlseek20.vmn.net/search.php?q=http%3A%2F%2F (etc) I still think that is the culprit.... I don't know what software I downloaded, but I would like to get rid of this cr*p. How do I do that? Note: I have 5 user accounts on the computer. Thanks for your help.
-
So no solution with IE7?
-
Thanks for the info. I do know several cleaners, but what I'm looking for is more something that prevents installation than a cleaner. I would like to stop seeing these cookies without having to bother authorising all the others .... Is there a piece of software for that?
-
Good evening, I have cookies that keep coming back relentlessly. The problem is that some sites cannot work without setting cookies .... I ran Spybot and listed all this: (!) even though I clean every day, and it's always the same ones! How can I stop them from being installed again while keeping smooth browsing, without pages being blocked because cookies are blocked? Thanks. Cookie list:
Société: AdRevolver media.adrevolver.com adrevolver.com media.adrevolver.com/adrevolver/ Produit: Cookie Menace: Tracking cookie or cookie of tracking site. Description Uses information about your web surfing that could include any information, like accounts and passwords.
Société: Adviva adviva.net
Société: BlueStreak bluestreak.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site.
Société: CasaleMedia casalemedia.com
Société: DoubleClick doubleclick.net Produit: Cookie Menace: Cookie traceur ou cookie d'un site qui vous surveille URL de la société: _http://www.doubleclick.com/_ URL vie privée: _http://www.doubleclick.com/us/corporate/privacy/privacy/default.asp?asp_object_1=&_ Description Utilise des informations sur vos habitudes de surf sur le web… ça pourrait englober n'importe quelle information, comme des comptes et des mots de passe. Déclaration vie privée
Société: FastClick Fastclick.net
Société: HitBox ehg-neuftelecom.hitbox.com hitbox.com ehg-quechoisir.hitbox.com Produit: Cookie Menace: Cookie traceur ou cookie d'un site qui vous surveille URL vie privée: _http://www.websidestory.com/cgi-bin/wss.cgi?privacy&privacy&index_ Description Comment veulent-ils délivrer un contenu spécifique, si ce n'est en surveillant mon comportement lorsque je surfe? Déclaration vie privée
Société: LinkSynergy linksynergie.com
Société: Mediaplex mediaplex.com apmebf.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site.
Société: Right Media ad.yieldmanager.com
Société: Statcounter statcounter.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site. Description Uses information about your web surfing that could include personal information like the IP address. This information is used to track unique users through websites using statcounter. Statcounter states that the webmaster can adjust the time to live of the tracking cookie from 30min to on week, while years are also possible. Déclaration vie privée
Société: Tradedoubler tradedouler.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site. Description Uses information about your web surfing that could include any information, like accounts and passwords.
Société: WebTrends live states.webtrendslive.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site. Description Uses information about your web surfing that could include any information, like accounts and passwords.
Société: Zedo zedo.com Produit: Cookie Menace: Tracking cookie or cookie of tracking site.
-
In Windows XP, everything is relatively simple and accessible. Windows Vista is a nightmare for me. In trying to make it pretty, I think they managed to make it impractical. The XP Fax utility is VERY easy to set up. I still haven't found it in Windows Vista. Nor in the Vista help. Can anyone tell me where it is? Is there actually a fax utility in Vista? Thanks for your help.
-
Hello, I have a new Toshiba with Vista, 5 user accounts. In one of the 2 administrator accounts, in Windows Explorer, I cannot: 1 - use the ctrl+A function 2 - select files in a block using the shift key 3 - select files in a block using the mouse 4 - select individual files using the ctrl key .... where is the missing checkbox: I can't find it any more! Thanks for your help.
-
I don't know if it's very orthodox, but I treated Money as if it were a virus. Since it was inaccessible through Add/Remove Programs, I used HijackThis to remove all the lines containing Money (2 lines). Result: no more problem. Result: IE6 gained a huge amount of speed ... Thanks Microbug for giving so much pleasure!!!!!!!!!!!!!!!!!!!!!!