Ipson


  1. Hello, I looked for the email addresses found by Avira..... impossible, why I don't know. So I deleted a good part of my emails, and the ones concerned went with them. An Avira scan confirms that there are no more viruses. Thanks for the advice. Ipson
  2. From what I know of Avira, there is no option to delete the emails concerned. I am going to run another scan selecting "rename"; maybe Avira will accept an action. I'll keep you posted. Ipson
  3. I clicked on Thunderbird in the list of suggested programs, but nothing happens. Also, I ran a search for the list you sent me, but nothing is found. Should I keep Dr Web on the desktop? Thanks, Ipson
  4. Hello, thanks for your reply. I am going to try what you suggest, bearing in mind that I don't know which program I should use to open the inbox file. Ipson
  5. I think this is the report you are asking for, Ipson

     Recherche débutant dans 'C:\' <ACER>
     C:\Documents and Settings\Mon Portable\Application Data\Thunderbird\Profiles\5frjs2vi.default\Mail\pop3.immobilier-nantes.com\Inbox
     [0] Type d'archive: Netscape/Mozilla Mailbox
     [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
     --> Mailbox_[From: "Manager Dallas Leon" <[email protected]>][subject: DHL Services. Please Get Your Parcel NR.11429][Message-ID: <000d01ca5bcc$9b2e4fc0$6400a8c0@intermentu9>]1528.mim
     [1] Type d'archive: MIME
     --> DHL_print_label_3762f.zip
     [2] Type d'archive: ZIP
     --> DHL_print_label_3762f.exe
     [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
     --> Mailbox_[From: "Manager Ophelia Oneil" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Services. Get your parcel NR.8379]1572.mim
     [1] Type d'archive: MIME
     --> DHL_Label_8e248.zip
     [2] Type d'archive: ZIP
     --> DHL_Label_8e248.exe
     [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen
     --> Mailbox_[From: "Support Jorge Mcknight" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Express Services. Please get your parcel NR]1616.mim
     [1] Type d'archive: MIME
     --> DHL_document_Nr67813.zip
     [2] Type d'archive: ZIP
     --> DHL_document_Nr67813.exe
     [RESULTAT] Contient le cheval de Troie TR/Spy.ZBot.sks
     --> Mailbox_[From: "Postal Support Felix Jones" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Services. You need to get a parcel NR.0486]1702.mim
     [1] Type d'archive: MIME
     --> DHL_label_3893.zip
     [2] Type d'archive: ZIP
     --> DHL_label_3893.exe
     --> Object
     [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen
     --> Mailbox_[From: "Your iTunes" <[email protected]>][subject: Thank you for buying iTunes Gift Certificate!][Message-ID: <000d01cafcb3$7cf6b910$6400a8c0@tamingg>]1854.mim
     [1] Type d'archive: MIME
     --> Gift_Certificate_241.zip
     [2] Type d'archive: ZIP
     --> Gift_Certificate_241.exe
     [RESULTAT] Contient le cheval de Troie TR/Spy.ZBot.HNO
     [AVERTISSEMENT] Ce fichier est une boîte à lettres. Pour ne pas gêner votre fonction d'emails, ce fichier n'est pas réparé ou supprimé.
     Recherche débutant dans 'D:\' <ACERDATA>

     Fin de la recherche : samedi 30 avril 2011 15:11
     Temps nécessaire: 3:10:57 Heure(s)
     La recherche a été effectuée intégralement
     13318 Les répertoires ont été contrôlés
     646293 Des fichiers ont été contrôlés
     5 Des virus ou programmes indésirables ont été trouvés
     0 Des fichiers ont été classés comme suspects
     0 Des fichiers ont été supprimés
     0 Des virus ou programmes indésirables ont été réparés
     0 Les fichiers ont été déplacés dans la quarantaine
     0 Les fichiers ont été renommés
     0 Impossible de scanner des fichiers
     646288 Fichiers non infectés
     53424 Les archives ont été contrôlées
     1 Avertissements
     0 Consignes
  6. Here is the DrWeb report: OTL.exe D:\MesDocs\Téléchargements Trojan.Siggen2.25631 Irréparable.Quarantaine.
  7. Thanks for the advice, here is the report:

     I preferred not to select the blue lines concerning the proxy. As for Adobe, I have Adobe Acrobat 9 Pro, Adobe AIR, Adobe Flash Player 10 Plugin, Adobe Flash Player ActiveX, Adobe Reader 7, and Adobe Shockwave Player 11.5; which one or ones should I uninstall before installing Adobe Reader X (10.0.1)? And for Java, I have seven updates of Java 6; should they be uninstalled? Ipson
  8. And the Extras.txt report:
  9. Thanks, Avira blocked an autorun. Here is the OTL report:
[On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/03/31 14:26:04 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/11/08 11:43:34 | 001,060,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2010/11/08 11:43:16 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC) SRV - [2010/11/08 11:40:14 | 000,237,568 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2007/04/20 11:19:22 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2006/05/18 16:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2005/10/24 16:40:52 | 001,314,816 | ---- | M] (Avocent Inc.) 
[Auto | Running] -- C:\Acer\Empowering Technology\admServ.exe -- (AWService) SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2011/03/31 14:26:06 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/26 17:10:00 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 15:28:04 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/06/17 15:27:54 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 
driver (WDM) DRV - [2006/06/28 16:25:24 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/06/16 19:17:38 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR) DRV - [2006/06/16 19:17:38 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR) DRV - [2006/06/16 19:17:36 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR) DRV - [2006/04/03 12:17:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel® DRV - [2006/01/23 12:41:04 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd) DRV - [2006/01/23 12:41:04 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd) DRV - [2005/11/28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005/10/31 14:17:00 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2005/10/31 14:16:00 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) DRV - [2005/10/24 10:20:52 | 000,218,496 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005/10/18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/10/18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005/10/15 18:20:44 | 000,012,106 | ---- | M] (OSA Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc) DRV - [2005/09/13 15:34:40 | 000,004,392 | ---- | M] (OSA Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NdisFilt.sys -- (NdisFilt) DRV - [2005/06/30 16:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio) DRV - [2005/05/02 12:13:42 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMNT.sys -- (NETMNT) DRV - [2005/01/14 15:57:16 | 000,004,010 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm) DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys) DRV - [2004/10/20 14:23:34 | 000,021,344 | ---- | M] (FreeBox SA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fbxusb32.sys -- (fbxusb) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! 
Search Results IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57273 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.fr" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 57273 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 08:13:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/15 11:37:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2007/04/20 11:25:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/01/15 11:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mon Portable\Application Data\Mozilla\Extensions [2010/01/26 09:55:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mon Portable\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/08/25 11:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mon Portable\Application Data\Mozilla\Extensions\[email protected] [2010/04/13 15:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mon Portable\Application 
Data\Mozilla\Firefox\Profiles\4mmil5rq.default\extensions [2010/04/28 07:46:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mon Portable\Application Data\Mozilla\Firefox\Profiles\4mmil5rq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/01/15 11:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/10/04 14:40:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/10/04 14:46:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/17 14:21:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- [2011/03/18 18:58:48 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/01 09:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010/01/01 09:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 09:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/01/01 09:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/01/01 09:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/04/15 09:25:48 | 000,000,057 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe (Acer Value Labs, Taiwan) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [ADMTray.exe] C:\Acer\Empowering Technology\admtray.exe (Avocent Inc.) 
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated) O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir au format PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: pro9.fr ([www] http in Sites de confiance) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (Reg Error: Key error.) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://config.zebulon.fr/plugins/MaConfig_3_5_0_0.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL 
(Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.) 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Mon Portable\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mon Portable\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/08/19 05:32:24 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2011/04/18 16:51:24 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2011/04/18 16:51:24 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) 
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183584330711040) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/04/27 18:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\Nouveau dossier [2011/04/27 18:27:50 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mon Portable\Bureau\OTL.exe [2011/04/27 18:27:37 | 000,000,000 | -HSD | C] -- C:\Recycled [2011/04/27 17:01:05 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/04/21 16:15:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mon Portable\Recent [2011/04/20 13:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Local Settings\Application Data\Temp [2011/04/19 14:10:55 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/04/18 16:51:23 | 000,000,000 | R--D | C] -- C:\Autorun.inf [2011/04/15 14:32:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2011/04/15 09:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Macrovision Shared [2011/04/15 09:41:49 | 000,045,392 | R--- | C] (Adobe Systems Inc) -- C:\WINDOWS\System32\AdobePDF.dll [2011/04/15 09:41:49 | 000,022,872 | R--- | C] (Adobe Systems Inc.) 
-- C:\WINDOWS\System32\AdobePDFUI.dll [2011/04/15 09:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\33 - BORDEAUX - Le Clos de la Chartreuse [2011/04/15 09:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\33 - BRUGES - Résidence Claudeville [2011/04/15 09:12:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\33 - MERIGNAC - Etoile Capeyron II [2011/04/15 09:12:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\33 - BORDEAUX Chartrons - 90 Rue Ducau [2011/04/15 09:12:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mon Portable\Bureau\33 - ARCACHON - Résidence de Lempicka [2011/04/14 17:15:26 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2011/04/14 17:11:53 | 000,455,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2011/04/14 14:42:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/04/14 14:42:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/04/14 14:42:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/04/14 14:42:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/04/14 14:42:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/04/13 17:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP [2011/04/13 17:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2011/04/08 13:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Avira [2011/04/08 13:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla [2011/04/08 13:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Mozilla [2011/03/31 09:54:00 | 000,000,000 | ---D | C] -- C:\FOUND.000 [2011/03/31 09:40:45 | 000,000,000 | ---D | C] -- 
  10. A password, which I don't have, is requested as administrator.
  11. Unable to open OTL as administrator.
  12. Thanks, as agreed, I have uninstalled ClamWin. Here is the ComboFix report:
  13. Hello lance_yien, thank you for this quick reply. Here are the requested reports: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6456 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 27/04/2011 14:48:18 mbam-log-2011-04-27 (14-48-18).txt Type d'examen: Examen rapide Elément(s) analysé(s): 177914 Temps écoulé: 6 minute(s), 39 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Results of screen317's Security Check version 0.99.10 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus ClamWin Free Antivirus 0.97 Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 13 Java 6 Update 16 Java 6 Update 20 Java 6 Update 22 Java SE Runtime Environment 6 Update 1 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Out of date Java installed! Adobe Flash Player 10.2.153.1 Adobe Reader 7.0 Out of date Adobe Reader installed! Mozilla Thunderbird (3.1.9) ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe ``````````End of Log````````````
  14. Hello, here is the link to the question I asked a few days ago: http://forum.zebulon.fr/avira-faux-positif-t184799.html Thank you for your help. Ipson
  15. Hello, for the past few days Avira has been finding "Trojan horses", and yet I don't see any effect on my computer. After some research, I don't know whether these are false positives or not. Can you advise me? Thank you. [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen --> Mailbox_[From: "Manager Dallas Leon" <[email protected]>][subject: DHL Services. Please Get Your Parcel NR.11429][Message-ID: <000d01ca5bcc$9b2e4fc0$6400a8c0@intermentu9>]1528.mim [1] Type d'archive: MIME --> DHL_print_label_3762f.zip [2] Type d'archive: ZIP --> DHL_print_label_3762f.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen --> Mailbox_[From: "Manager Ophelia Oneil" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Services. Get your parcel NR.8379]1572.mim [1] Type d'archive: MIME --> DHL_Label_8e248.zip [2] Type d'archive: ZIP --> DHL_Label_8e248.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> Mailbox_[From: "Support Jorge Mcknight" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Express Services. Please get your parcel NR]1616.mim [1] Type d'archive: MIME --> DHL_document_Nr67813.zip [2] Type d'archive: ZIP --> DHL_document_Nr67813.exe [RESULTAT] Contient le cheval de Troie TR/Spy.ZBot.sks --> Mailbox_[From: "Postal Support Felix Jones" <[email protected]>][Message-ID: <[email protected]>][subject: DHL Services. You need to get a parcel NR.0486]1702.mim [1] Type d'archive: MIME --> DHL_label_3893.zip [2] Type d'archive: ZIP --> DHL_label_3893.exe --> Object [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen --> Mailbox_[From: "Your iTunes" <[email protected]>][subject: Thank you for buying iTunes Gift Certificate!][Message-ID: <000d01cafcb3$7cf6b910$6400a8c0@tamingg>]1854.mim [1] Type d'archive: MIME --> Gift_Certificate_241.zip [2] Type d'archive: ZIP --> Gift_Certificate_241.exe [RESULTAT] Contient le cheval de Troie TR/Spy.ZBot.HNO [AVERTISSEMENT] Ce fichier est une boîte à lettres. 
Pour ne pas gêner votre fonction d'emails, ce fichier n'est pas réparé ou supprimé.