Aller au contenu

fredorp59

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    225

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par fredorp59

  1. fredorp59
    Bonjour, Voici le rapport de MBAM au complet où il m'a détecté un virus : Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6567 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 13/05/2011 15:42:11 mbam-log-2011-05-13 (15-41-54).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|) Elément(s) analysé(s): 355116 Temps écoulé: 53 minute(s), 29 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): d:\fredo_ancien_pc\images cd\serious sam hd the second encounter (fixfr) par huyustus\anti-valve steam memory patcher 2.4.5\AVSMP.exe (Trojan.Downloader) -> No action taken. J'ai mit ensuite Java à jour et pas encore Adobe Acrobat Reader. Il faudrait peut-être que je désinstalle SecurityCheck et OTL.
  2. fredorp59
    Bonjour, Je m'excuse pour le retard de réponse mais je n'ai pas encore fait la suite de ce que vous m'avez demandé dans votre dernière réponse, demain je m'occuperai de MBAM en examen complet et de la suite que vous m'avez dit de faire
  3. fredorp59
    Voici le rapport OTL demandé : All processes killed ========== OTL ========== 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. ADS C:\ProgramData\Temp:5C321E34 deleted successfully. ADS C:\ProgramData\Temp:05EE1EEF deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > No captured output from command... C:\Users\Frédéric\Desktop\cmd.bat deleted successfully. File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. C:\install.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Frédéric ->Temp folder emptied: 484930434 bytes ->Temporary Internet Files folder emptied: 91042772 bytes ->Java cache emptied: 14318 bytes ->FireFox cache emptied: 51894652 bytes ->Flash cache emptied: 5454 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 31132053 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 629,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Frédéric ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 05102011_154525 Files\Folders moved on Reboot... C:\Users\Frédéric\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... Si non en consultant ce qui était écrit dans le rapport antivir, je vois : cheval de Troie TR/Dropper.Gen ; cheval de Troie TR/Agent.bdo ; cheval de Troie TR/Spy.38912.46 ; TR/Spy.327680.266 ; TR/Agent.BBG.1. Donc tout ceci me paraît bizarre dans les analyse après Antivir où il y avait rien de trouver. Est-ce que faire un examen complet avec MBAM permettrait d'y voir plus claire? ou ZHP?
  4. fredorp59
    OTL Extras logfile created on: 10/05/2011 13:38:49 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Frédéric\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 80,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,95 Gb Total Space | 353,15 Gb Free Space | 76,95% Space Free | Partition Type: NTFS Drive D: | 459,46 Gb Total Space | 82,41 Gb Free Space | 17,94% Space Free | Partition Type: NTFS Drive M: | 963,70 Mb Total Space | 913,13 Mb Free Space | 94,75% Space Free | Partition Type: FAT Computer Name: FREDO-PC | User Name: Frédéric | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DisableUnicastResponsesToMulticastBroadcast" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1) "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}" = Debugging Tools for Windows (x64) "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1) "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR 4.00 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6 "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1" = VirtualDub 1.8.8 Fr "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 23 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{56541638-78EA-4050-91DA-23D7CBFF4323}_is1" = LRose 796 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}" = Serious Sam : Second Contact "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AE1F1599-1496-4402-B5E4-B1F68C6854CD}" = Rose Online 1.0.254.123 "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BFA7BC6A-533A-11DD-9A89-000FEA4F9ED5}_is1" = Ultracopier "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1" = VirtualDub Plugin Pack 1.0.0.6 Fr "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{f90bf5d2-e406-4d4a-ab23-1b631d02fe98}" = Nero 9 Essentials "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "0E91F37C-AAD6-4FB6-8254-A4297BEAC702" = Tkontrole-Serveur "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CamStudio 2.02 Fr_is1" = CamStudio 2.02 Fr "Cossacks : Back To War" = Cossacks - Back To War "Deus Ex" = Deus Ex "Diablo II" = Diablo II "DivX Setup.divx.com" = Configuration DivX "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "ForceBindIP" = ForceBindIP "FormatFactory" = FormatFactory 2.50 "Fraps" = Fraps (remove only) "Free Download Manager_is1" = Free Download Manager 3.0 "GameSpy Arcade" = GameSpy Arcade "Garena" = Garena 2010 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager "Internet Download Manager" = Internet Download Manager "La boite a couleurs_is1" = La boite a couleurs version 1.6.15 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus!" = Messenger Plus! 5 "Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr) "Mtp Target" = Mtp Target "Mumble" = Mumble and Murmur "Natural Selection_is1" = Natural Selection 3.2 "nGlide" = nGlide v0.93 "Notepad++" = Notepad++ "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "PacSteamT" = PacSteamT "pcsx2-r3113" = PCSX2 - Playstation 2 Emulator "pcsx2-r3878" = PCSX2 - Playstation 2 Emulator "PhotoFiltre" = PhotoFiltre "PlugY, The Survival Kit" = PlugY, The Survival Kit "Serious Sam HD The First Encounter_is1" = Serious Sam HD The First Encounter "SpywareBlaster_is1" = SpywareBlaster 4.4 "Starcraft" = Starcraft "StarCraft II" = StarCraft II "Steam App 10" = Counter-Strike "Steam App 13240" = Unreal Tournament "Steam App 13250" = Unreal Gold "Steam App 15130" = Beyond Good & Evil "Steam App 22600" = Worms Reloaded "Steam App 2350" = Quake III: Team Arena "Steam App 3330" = Zuma Deluxe "Steam App 41005" = Serious Sam HD Dedicated Server "Steam App 41010" = Serious Sam HD: The Second Encounter "Steam App 41060" = Serious Sam Classic: The Second Encounter "Steam App 6910" = Deus Ex: Game of the Year Edition "Steam App 6920" = Deus Ex: Invisible War "Steam App 70" = Half-Life "TmNations_is1" = TrackMania Nations ESWC 1.8.0 "Tumblebugs" = Tumblebugs "UltraISO_is1" = UltraISO Premium V9.33 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.5 "Warcraft III" = Warcraft III "WinLiveSuite_Wave3" = Installation Windows Live "WinPcapInst" = WinPcap 4.1.1 "World of Warcraft" = World of Warcraft "'Worms: Reloaded™'_is1" = 'Worms: Reloaded™' (Àíãëèéñêàÿ Âåðñèÿ) "Xfire" = Xfire (remove only) "Zeb Help Process_is1" = ZebHelpProcess 2.41 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.4.0 "GameRanger" = GameRanger "Notification de cadeaux MSN" = Notification de cadeaux MSN "PhotoFiltre" = PhotoFiltre "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20/04/2011 07:04:21 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 20/04/2011 15:29:43 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 20/04/2011 15:29:43 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 21/04/2011 03:43:03 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 21/04/2011 03:44:04 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 21/04/2011 03:44:26 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\program files\spybot - search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide. Error - 21/04/2011 03:44:35 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 21/04/2011 03:44:35 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksCal.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 21/04/2011 03:44:35 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 21/04/2011 03:44:35 | Computer Name = Fredo-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. [ System Events ] Error - 12/12/2010 05:58:04 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7000 Description = Le service GarenaPEngine n’a pas pu démarrer en raison de l’erreur : %%1275 Error - 12/12/2010 06:04:46 | Computer Name = Fredo-PC | Source = Application Popup | ID = 1060 Description = Le chargement de \??\C:\Users\FRDRIC~1\AppData\Local\Temp\NOAD347.tmp a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 12/12/2010 06:04:46 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7000 Description = Le service GarenaPEngine n’a pas pu démarrer en raison de l’erreur : %%1275 Error - 12/12/2010 08:12:59 | Computer Name = Fredo-PC | Source = Application Popup | ID = 1060 Description = Le chargement de \??\C:\Users\FRDRIC~1\AppData\Local\Temp\LAB3602.tmp a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 12/12/2010 08:12:59 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7000 Description = Le service GarenaPEngine n’a pas pu démarrer en raison de l’erreur : %%1275 Error - 12/12/2010 08:14:03 | Computer Name = Fredo-PC | Source = Application Popup | ID = 1060 Description = Le chargement de \??\C:\Users\FRDRIC~1\AppData\Local\Temp\MEQ3141.tmp a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 12/12/2010 08:14:03 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7000 Description = Le service GarenaPEngine n’a pas pu démarrer en raison de l’erreur : %%1275 Error - 12/12/2010 08:22:41 | Computer Name = Fredo-PC | Source = Application Popup | ID = 1060 Description = Le chargement de \??\C:\Users\FRDRIC~1\AppData\Local\Temp\NFD17B9.tmp a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 12/12/2010 08:22:41 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7000 Description = Le service GarenaPEngine n’a pas pu démarrer en raison de l’erreur : %%1275 Error - 12/12/2010 10:26:17 | Computer Name = Fredo-PC | Source = Service Control Manager | ID = 7031 Description = Le service TeamViewer 5 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. < End of report >
  5. fredorp59
    Analyse terminé, voici les rapports demandé : OTL logfile created on: 10/05/2011 13:38:49 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Frédéric\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 80,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,95 Gb Total Space | 353,15 Gb Free Space | 76,95% Space Free | Partition Type: NTFS Drive D: | 459,46 Gb Total Space | 82,41 Gb Free Space | 17,94% Space Free | Partition Type: NTFS Drive M: | 963,70 Mb Total Space | 913,13 Mb Free Space | 94,75% Space Free | Partition Type: FAT Computer Name: FREDO-PC | User Name: Frédéric | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/10 13:28:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Frédéric\Desktop\OTL.exe PRC - [2011/04/28 08:33:16 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/31 17:20:39 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/11/20 01:14:35 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\Frédéric\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe PRC - [2010/08/17 14:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/05/25 17:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe PRC - [2009/09/29 12:31:58 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009/09/29 11:51:14 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe PRC - [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/18 09:27:26 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe PRC - [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [1988/01/01 08:47:36 | 000,013,312 | RH-- | M] () -- C:\Program Files (x86)\tkontrole-serveur\lib\service\srvany.exe ========== Modules (SafeList) ========== MOD - [2011/05/10 13:28:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Frédéric\Desktop\OTL.exe MOD - [2011/02/11 16:11:36 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idmmkb.dll MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV:64bit: - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2011/04/28 08:33:16 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/31 17:20:39 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/03/28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010/11/16 23:57:15 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/10/19 14:29:03 | 002,011,944 | R--- | M] (TeamViewer GmbH) [Auto | Stopped] -- D:\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010/06/17 23:50:00 | 003,890,920 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [1988/01/01 08:47:36 | 000,013,312 | RH-- | M] () [Auto | Running] -- C:\Program Files (x86)\tkontrole-serveur\lib\service\srvany.exe -- (tkontrole) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/01/25 12:40:06 | 000,142,936 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:64bit: - [2010/12/15 10:13:10 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protocole RMCAST (multidiffusion fiable) DRV:64bit: - [2010/10/08 16:52:38 | 000,144,784 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010/08/29 12:58:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/08/17 14:39:11 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010/03/11 11:17:14 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2010/02/03 16:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009/10/20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2009/08/21 22:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/12 12:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel® DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009/02/10 17:23:10 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrv64.sys -- (ISODrive) DRV:64bit: - [2009/02/03 17:40:13 | 000,077,432 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) DRV:64bit: - [2009/02/03 17:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV:64bit: - [2007/02/08 19:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV:64bit: - [2006/06/14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005/01/04 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m3800&r=173608101706pe445v105w4431t208 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m3800&r=173608101706pe445v105w4431t208 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m3800&r=173608101706pe445v105w4431t208 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m3800&r=173608101706pe445v105w4431t208 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/02/19 11:35:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/02/19 11:35:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla\components [2011/05/06 17:14:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla\plugins [2011/05/06 17:14:43 | 000,000,000 | ---D | M] [2010/08/27 13:27:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Extensions [2011/05/06 14:05:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions [2011/04/27 08:09:30 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011/01/02 10:45:10 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2011/03/27 10:06:05 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/04/08 09:36:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/18 09:34:12 | 000,000,000 | ---D | M] (File Search) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\contact@searchfiles.de [2011/02/05 23:03:28 | 000,000,000 | ---D | M] (Secure Login) -- C:\Users\Frédéric\AppData\Roaming\mozilla\Firefox\Profiles\efr8hcdk.default\extensions\secureLogin@blueimp.net O1 HOSTS File: ([2010/08/27 16:05:15 | 000,416,980 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14389 more lines... O2:64bit: - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files)\Free Download Manager\iefdm2.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [tkontrole-serveur] D:\Version5\TK\tkontrole-serveur.exe (ActiveState Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [steam] C:\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Frédéric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\Frédéric\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation) O4 - Startup: C:\Users\Frédéric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:64bit: - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files)\Free Download Manager\dlfvideo.htm () O8:64bit: - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm () O8:64bit: - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:64bit: - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm () O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files)\Free Download Manager\dlall.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L) Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll () Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm () Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L) Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll () Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll () Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/05/10 13:28:26 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Frédéric\Desktop\OTL.exe [2011/05/05 21:18:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/05/05 21:18:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/05/05 21:18:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/05/05 21:18:56 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/05/05 21:18:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011/05/05 21:18:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/05/05 21:18:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/05/05 21:18:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/05/05 21:18:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/05/05 21:18:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/05/05 21:18:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/05/05 21:18:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/05/05 21:18:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/05/05 21:18:55 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/05/05 21:18:55 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/05/05 21:18:55 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/05/05 21:18:55 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/05/05 21:18:55 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/05/05 21:18:55 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/05/05 21:18:55 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/05/05 21:18:55 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/05/05 21:18:55 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/05/05 21:18:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/05/05 21:18:55 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/05/05 21:18:55 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/05/05 21:18:55 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/05/05 21:18:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011/05/05 21:18:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/05/05 21:18:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/05/05 21:18:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/05/05 21:18:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/05/05 21:18:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/05/05 21:18:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/05/05 21:18:55 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/05/05 21:18:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/05/05 21:18:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/05/05 21:18:55 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/05/05 21:18:55 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/05/05 21:18:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/05/05 21:18:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/05/05 21:18:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/05/05 21:18:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/05/05 21:18:55 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/05/05 21:18:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/05/05 21:18:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/05/05 21:18:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/05/05 21:18:55 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/05/05 21:18:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/05/05 21:18:55 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011/05/05 21:18:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/05/05 21:18:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/05/05 21:18:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/05/05 21:18:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/05/05 21:18:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/05/05 21:18:54 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/05/05 21:18:54 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/05/05 21:18:54 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/05/05 21:18:54 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/05/05 21:18:54 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/05/05 21:18:54 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/05/05 21:18:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/05/05 21:18:54 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/05/05 21:18:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/05/05 21:18:54 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/05/05 21:18:54 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/05/05 21:18:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/05/05 21:18:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/05/05 21:18:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/05/05 21:18:54 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/05/05 21:18:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/05/05 21:18:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/05/05 21:18:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/05/05 21:18:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/05/05 21:18:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/05/05 21:18:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/05/05 21:18:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/05/05 21:18:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/05/05 21:18:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/05/05 21:06:55 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/05/05 21:06:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011/05/05 21:06:48 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011/05/05 21:06:48 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011/05/05 21:06:48 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011/05/05 21:06:48 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2011/05/05 21:06:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011/05/05 21:06:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011/05/05 21:06:48 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011/05/05 21:06:40 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/05/05 21:06:40 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/05/05 21:06:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011/05/05 21:06:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011/05/01 16:32:16 | 000,000,000 | ---D | C] -- C:\Users\Frédéric\AppData\Roaming\KompoZer [2011/04/18 10:58:05 | 000,000,000 | ---D | C] -- C:\Users\Frédéric\AppData\Roaming\PhotoFiltre [2011/04/18 10:57:36 | 000,000,000 | ---D | C] -- C:\Users\Frédéric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [2011/04/18 10:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [2011/04/18 10:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre [2011/04/17 15:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011/04/17 15:15:32 | 000,000,000 | ---D | C] -- C:\Users\Frédéric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/04/17 15:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/04/17 15:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla [2011/04/13 09:49:24 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/04/13 09:49:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/04/13 09:48:02 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/13 09:48:02 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/13 09:48:02 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011/04/13 09:48:01 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011/04/13 09:47:56 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/04/13 09:47:55 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/04/13 09:47:55 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/13 09:47:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/04/13 09:47:54 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/13 09:47:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/13 09:47:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/04/13 09:47:47 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/13 09:47:46 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/13 09:47:46 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/13 09:47:46 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/13 09:47:46 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/13 09:47:46 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/13 09:47:46 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/13 09:47:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2010/02/04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [2009/10/13 05:07:14 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2011/05/10 13:39:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/10 13:28:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Frédéric\Desktop\OTL.exe [2011/05/10 10:46:05 | 000,879,028 | ---- | M] () -- C:\Users\Frédéric\Desktop\SecurityCheck.exe [2011/05/10 10:36:48 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/10 10:36:48 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/10 10:29:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/10 10:29:07 | 2146,807,807 | -HS- | M] () -- C:\hiberfil.sys [2011/05/09 23:09:51 | 000,046,742 | ---- | M] () -- C:\Users\Frédéric\AppData\Roaming\room.dat [2011/05/07 21:50:48 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2011/05/06 17:15:07 | 000,001,747 | ---- | M] () -- C:\Users\Frédéric\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/05/05 22:31:09 | 000,001,457 | ---- | M] () -- C:\Users\Frédéric\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/05/05 21:18:56 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/05/05 21:18:56 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/05/05 21:18:56 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/05/05 21:18:56 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/05/05 21:18:56 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011/05/05 21:18:56 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/05/05 21:18:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/05/05 21:18:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/05/05 21:18:56 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/05/05 21:18:56 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/05/05 21:18:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/05/05 21:18:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/05/05 21:18:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/05/05 21:18:55 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/05/05 21:18:55 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/05/05 21:18:55 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/05/05 21:18:55 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/05/05 21:18:55 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/05/05 21:18:55 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/05/05 21:18:55 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/05/05 21:18:55 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/05/05 21:18:55 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/05/05 21:18:55 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/05/05 21:18:55 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/05/05 21:18:55 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/05/05 21:18:55 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/05/05 21:18:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011/05/05 21:18:55 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/05/05 21:18:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/05/05 21:18:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/05/05 21:18:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/05/05 21:18:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/05/05 21:18:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/05/05 21:18:55 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/05/05 21:18:55 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/05/05 21:18:55 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/05/05 21:18:55 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/05/05 21:18:55 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/05/05 21:18:55 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/05/05 21:18:55 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/05/05 21:18:55 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/05/05 21:18:55 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/05/05 21:18:55 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/05/05 21:18:55 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011/05/05 21:18:55 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/05/05 21:18:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/05/05 21:18:55 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/05/05 21:18:55 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/05/05 21:18:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/05/05 21:18:55 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011/05/05 21:18:55 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/05/05 21:18:55 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/05/05 21:18:55 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/05/05 21:18:55 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/05/05 21:18:55 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/05/05 21:18:54 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/05/05 21:18:54 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/05/05 21:18:54 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/05/05 21:18:54 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/05/05 21:18:54 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/05/05 21:18:54 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/05/05 21:18:54 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/05/05 21:18:54 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/05/05 21:18:54 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/05/05 21:18:54 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/05/05 21:18:54 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/05/05 21:18:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/05/05 21:18:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/05/05 21:18:54 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/05/05 21:18:54 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/05/05 21:18:54 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/05/05 21:18:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/05/05 21:18:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/05/05 21:18:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/05/05 21:18:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/05/05 21:18:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/05/05 21:18:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011/05/05 21:18:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/05/05 21:18:54 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/05/05 21:18:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/17 15:00:46 | 000,000,942 | ---- | M] () -- C:\Users\Frédéric\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/04/13 10:27:16 | 000,440,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/04/13 09:52:03 | 001,570,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/04/13 09:52:03 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/04/13 09:52:03 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/04/13 09:52:03 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/04/13 09:52:03 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat ========== Files Created - No Company Name ========== [2011/05/10 13:39:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/10 10:46:10 | 000,879,028 | ---- | C] () -- C:\Users\Frédéric\Desktop\SecurityCheck.exe [2011/05/06 17:14:43 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011/05/05 21:18:55 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011/05/05 21:18:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011/03/25 14:54:40 | 000,046,742 | ---- | C] () -- C:\Users\Frédéric\AppData\Roaming\room.dat [2010/11/28 16:49:24 | 000,048,471 | ---- | C] () -- C:\Windows\SysWow64\ForceBindIP-Uninstaller.exe [2010/11/27 13:43:27 | 000,031,980 | ---- | C] () -- C:\Windows\scunin.dat [2010/11/21 00:27:00 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/11/08 11:54:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2010/11/05 21:44:48 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat [2010/11/02 22:40:01 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2010/09/24 23:41:07 | 000,048,518 | ---- | C] () -- C:\Windows\SysWow64\nglide_uninst.exe [2010/08/29 13:08:03 | 000,081,673 | ---- | C] () -- C:\Windows\War3Unin.dat [2010/08/27 18:58:51 | 000,019,456 | ---- | C] () -- C:\Users\Frédéric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/27 11:09:25 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2010/08/26 15:27:52 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2010/08/26 15:27:52 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2010/08/26 15:27:52 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2010/08/26 15:15:52 | 000,036,573 | ---- | C] () -- C:\Windows\DIIUnin.dat [2010/08/25 23:01:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010/07/26 10:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/07/09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010/07/06 14:11:44 | 001,290,240 | ---- | C] () -- C:\Windows\SysWow64\glide3x.dll [2010/06/23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/06/23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/05/08 17:38:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nglide_config.exe [2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009/09/17 13:26:52 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\ForceBindIP.exe [2009/08/16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009/08/03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/10/13 05:43:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011/04/10 15:29:23 | 000,001,351 | ---- | M] () -- C:\colorbox.log [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2011/05/10 10:29:07 | 2146,807,807 | -HS- | M] () -- C:\hiberfil.sys [2007/11/07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 08:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 08:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 08:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 08:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 08:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 08:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 08:44:20 | 000,074,768 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2006/12/02 08:37:14 | 000,904,704 | -H-- | M] (Microsoft Corporation) -- C:\msdia80.dll [2011/05/10 10:29:15 | 4294,066,175 | -HS- | M] () -- C:\pagefile.sys [2011/05/07 21:50:48 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2011/05/10 13:39:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2010/02/22 20:54:30 | 000,002,035 | ---- | M] () -- C:\RHDSetup.log [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 08:50:40 | 001,927,956 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 08:53:12 | 000,242,176 | ---- | M] () -- C:\VC_RED.MSI < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF < End of report >
  6. fredorp59
    Bonjour, Voici le rapport de Malwarebytes' Anti-Malware et de Security Check. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6543 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 10/05/2011 11:52:24 mbam-log-2011-05-10 (11-52-24).txt Type d'examen: Examen rapide Elément(s) analysé(s): 159683 Temps écoulé: 3 minute(s), 22 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) ------------------------------------------------------- et Security Check : Results of screen317's Security Check version 0.99.7 Windows 7 (UAC is disabled!) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 23 Out of date Java installed! Adobe Flash Player 10.2.159.1 Adobe Reader 9.1 MUI Out of date Adobe Reader installed! Mozilla Firefox (x86 fr..) Firefox Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe ``````````End of Log```````````` Rien d'anormal dans ses deux analyse à part qu'Avira Antivir à détecté des virus que j'avais mit en quarantaine et que j'ai vidé la quarantaine avant de faire ses analyse.
  7. fredorp59
    Bonjour, Je pense qu'on ma oublier ==> PC virale En attente de réponse de votre part.
  8. fredorp59
    Bonjour, je viens vous revoir car je ne suis pas revenu depuis un certain temps et que j'ai de nouveau mon pc infecté (nouveau ordinateur avec windows seven) dont voici le rapport d'avira Antivir : Avira AntiVir Personal Date de création du fichier de rapport : dimanche 8 mai 2011 16:22 La recherche porte sur 2695179 souches de virus. Le programme fonctionne en version intégrale illimitée. Les services en ligne sont disponibles. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Plateforme : Windows 7 x64 Version de Windows : (Service Pack 1) [6.1.7601] Mode Boot : Démarré normalement Identifiant : Frédéric Nom de l'ordinateur : FREDO-PC Informations de version : BUILD.DAT : 10.0.0.135 31823 Bytes 18/04/2011 14:35:00 AVSCAN.EXE : 10.0.4.2 442024 Bytes 28/04/2011 06:33:16 AVSCAN.DLL : 10.0.3.0 56168 Bytes 17/08/2010 12:39:10 LUKE.DLL : 10.0.3.2 104296 Bytes 15/12/2010 08:13:07 LUKERES.DLL : 10.0.0.0 13672 Bytes 17/08/2010 12:39:11 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 06:35:52 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 08:12:59 VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 13:03:35 VBASE003.VDF : 7.11.5.225 1980416 Bytes 07/04/2011 11:46:04 VBASE004.VDF : 7.11.5.226 2048 Bytes 07/04/2011 11:46:04 VBASE005.VDF : 7.11.5.227 2048 Bytes 07/04/2011 11:46:04 VBASE006.VDF : 7.11.5.228 2048 Bytes 07/04/2011 11:46:04 VBASE007.VDF : 7.11.5.229 2048 Bytes 07/04/2011 11:46:05 VBASE008.VDF : 7.11.5.230 2048 Bytes 07/04/2011 11:46:05 VBASE009.VDF : 7.11.5.231 2048 Bytes 07/04/2011 11:46:05 VBASE010.VDF : 7.11.5.232 2048 Bytes 07/04/2011 11:46:05 VBASE011.VDF : 7.11.5.233 2048 Bytes 07/04/2011 11:46:05 VBASE012.VDF : 7.11.5.234 2048 Bytes 07/04/2011 11:46:06 VBASE013.VDF : 7.11.6.28 158208 Bytes 11/04/2011 07:12:53 VBASE014.VDF : 7.11.6.74 116224 Bytes 13/04/2011 07:12:54 VBASE015.VDF : 7.11.6.113 137728 Bytes 14/04/2011 07:12:54 VBASE016.VDF : 7.11.6.150 146944 Bytes 18/04/2011 07:09:55 VBASE017.VDF : 7.11.6.192 138240 Bytes 20/04/2011 08:06:00 VBASE018.VDF : 7.11.6.237 156160 Bytes 22/04/2011 06:42:12 VBASE019.VDF : 7.11.7.45 427520 Bytes 27/04/2011 06:33:16 VBASE020.VDF : 7.11.7.64 192000 Bytes 28/04/2011 07:09:52 VBASE021.VDF : 7.11.7.97 182272 Bytes 02/05/2011 11:19:24 VBASE022.VDF : 7.11.7.127 467968 Bytes 04/05/2011 08:22:14 VBASE023.VDF : 7.11.7.138 2048 Bytes 04/05/2011 08:22:14 VBASE024.VDF : 7.11.7.169 126464 Bytes 06/05/2011 08:22:15 VBASE025.VDF : 7.11.7.170 2048 Bytes 06/05/2011 08:22:15 VBASE026.VDF : 7.11.7.171 2048 Bytes 06/05/2011 08:22:15 VBASE027.VDF : 7.11.7.172 2048 Bytes 06/05/2011 08:22:15 VBASE028.VDF : 7.11.7.173 2048 Bytes 06/05/2011 08:22:15 VBASE029.VDF : 7.11.7.174 2048 Bytes 06/05/2011 08:22:15 VBASE030.VDF : 7.11.7.175 2048 Bytes 06/05/2011 08:22:15 VBASE031.VDF : 7.11.7.176 2048 Bytes 06/05/2011 08:22:15 Version du moteur : 8.2.4.228 AEVDF.DLL : 8.1.2.1 106868 Bytes 26/08/2010 10:45:50 AESCRIPT.DLL : 8.1.3.61 1253754 Bytes 07/05/2011 08:22:20 AESCN.DLL : 8.1.7.2 127349 Bytes 22/11/2010 13:17:46 AESBX.DLL : 8.1.3.2 254324 Bytes 22/11/2010 13:18:03 AERDL.DLL : 8.1.9.9 639347 Bytes 25/03/2011 12:45:36 AEPACK.DLL : 8.2.6.0 549237 Bytes 10/04/2011 07:00:56 AEOFFICE.DLL : 8.1.1.22 205178 Bytes 07/05/2011 08:22:19 AEHEUR.DLL : 8.1.2.113 3494263 Bytes 07/05/2011 08:22:19 AEHELP.DLL : 8.1.16.1 246134 Bytes 04/02/2011 13:09:28 AEGEN.DLL : 8.1.5.4 397684 Bytes 04/04/2011 15:28:17 AEEMU.DLL : 8.1.3.0 393589 Bytes 22/11/2010 13:16:41 AECORE.DLL : 8.1.20.2 196982 Bytes 10/04/2011 07:00:49 AEBB.DLL : 8.1.1.0 53618 Bytes 26/08/2010 10:45:42 AVWINLL.DLL : 10.0.0.0 19304 Bytes 17/08/2010 12:38:56 AVPREF.DLL : 10.0.0.0 44904 Bytes 17/08/2010 12:38:55 AVREP.DLL : 10.0.0.9 174120 Bytes 28/04/2011 06:33:16 AVREG.DLL : 10.0.3.2 53096 Bytes 17/08/2010 12:38:56 AVSCPLR.DLL : 10.0.4.2 84840 Bytes 28/04/2011 06:33:16 AVARKT.DLL : 10.0.22.6 231784 Bytes 15/12/2010 08:13:03 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 17/08/2010 12:38:55 SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:28:02 AVSMTP.DLL : 10.0.0.17 63848 Bytes 17/08/2010 12:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:28:01 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 11/02/2010 00:23:03 RCTEXT.DLL : 10.0.58.0 99688 Bytes 17/08/2010 12:39:11 Configuration pour la recherche actuelle : Nom de la tâche...............................: Sélection manuelle Fichier de configuration......................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\folder.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, D:, E:, F:, G:, H:, I:, J:, K:, L:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: marche Fichier mode de recherche.....................: Sélection de fichiers intelligente Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Types d'archives divergents...................: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, +ISO, Heuristique de macrovirus.....................: marche Heuristique fichier...........................: bas Fichiers à exclure............................: C:\Program Files (x86)\Devolver Digital\Serious Sam HD The First Encounter\Bin\TeknoGods_SamHD.exe, C:\Program Files (x86)\Devolver Digital\Serious Sam HD The First Encounter\Bin\TeknoSam.dll, C:\Program Files (x86)\tkontrole-serveur, C:\Program Files (x86)\tkontrole-serveur\bin\shutdown.exe, D:\fredo_Ancien_Pc\Images CD\Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS\Anti-Valve Steam Memory Patcher 2.4.5\AVSMP.exe, D:\fredo_Ancien_Pc\téléchargements\TeknoSam1.0[hamachifrance.com].rar, D:\PacSteamT\GCFLinkGrabber.exe, D:\Version5, D:\Version5\TeamViewer.exe, D:\Version5\TK\bin\shutdown.exe, Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR, Début de la recherche : dimanche 8 mai 2011 16:22 La recherche d'objets cachés commence. d:\version5\tk\tkontrole-serveur.exe d:\version5\tk\tkontrole-serveur.exe [REMARQUE] Le processus n'est pas visible. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'IEMonitor.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'PMVService.exe' - '1' module(s) sont contrôlés Processus de recherche 'ArcadeDeluxeAgent.exe' - '1' module(s) sont contrôlés Processus de recherche 'EgisUpdate.exe' - '1' module(s) sont contrôlés Processus de recherche 'HotkeyUtility.exe' - '1' module(s) sont contrôlés Processus de recherche 'BackupManagerTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsnfier.exe' - '1' module(s) sont contrôlés Processus de recherche 'DTLite.exe' - '1' module(s) sont contrôlés Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés Processus de recherche 'mwlDaemon.exe' - '1' module(s) sont contrôlés Processus de recherche 'IAAnotif.exe' - '1' module(s) sont contrôlés Processus de recherche 'SDWinSec.exe' - '1' module(s) sont contrôlés Processus de recherche 'IAANTMon.exe' - '1' module(s) sont contrôlés Processus de recherche 'UpdaterService.exe' - '1' module(s) sont contrôlés Processus de recherche 'srvany.exe' - '1' module(s) sont contrôlés Processus de recherche 'IScheduleSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'MWLService.exe' - '1' module(s) sont contrôlés Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés Processus de recherche 'GregHSRW.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Début du contrôle des fichiers système : Signé -> 'C:\Windows\system32\svchost.exe' Signé -> 'C:\Windows\system32\winlogon.exe' Signé -> 'C:\Windows\explorer.exe' Signé -> 'C:\Windows\system32\smss.exe' Signé -> 'C:\Windows\system32\wininet.DLL' Signé -> 'C:\Windows\system32\wsock32.DLL' Signé -> 'C:\Windows\system32\ws2_32.DLL' Signé -> 'C:\Windows\system32\services.exe' Signé -> 'C:\Windows\system32\lsass.exe' Signé -> 'C:\Windows\system32\csrss.exe' Signé -> 'C:\Windows\system32\drivers\kbdclass.sys' Signé -> 'C:\Windows\system32\spoolsv.exe' Signé -> 'C:\Windows\system32\alg.exe' Signé -> 'C:\Windows\system32\wuauclt.exe' Signé -> 'C:\Windows\system32\advapi32.DLL' Signé -> 'C:\Windows\system32\user32.DLL' Signé -> 'C:\Windows\system32\gdi32.DLL' Signé -> 'C:\Windows\system32\kernel32.DLL' Signé -> 'C:\Windows\system32\ntdll.DLL' Signé -> 'C:\Windows\system32\ntoskrnl.exe' Signé -> 'C:\Windows\system32\ctfmon.exe' Les fichiers système ont été contrôlés ('21' fichiers) La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD5 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'F:\' [iNFO] Aucun support de données inséré dans le lecteur 'F:\' ! Secteur d'amorçage 'G:\' [iNFO] Aucun support de données inséré dans le lecteur 'G:\' ! Secteur d'amorçage 'H:\' [iNFO] Aucun support de données inséré dans le lecteur 'H:\' ! Secteur d'amorçage 'I:\' [iNFO] Aucun support de données inséré dans le lecteur 'I:\' ! Secteur d'amorçage 'J:\' [iNFO] Aucun support de données inséré dans le lecteur 'J:\' ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '1140' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <Acer> C:\Program Files\Starcraft\icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 C:\Program Files\Starcraft\icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo Le répertoire 'C:\Program Files (x86)\tkontrole-serveur\' a été exclu par la recherche ! C:\Users\Frédéric\AppData\Local\Temp\+mj_jjML.rar.part [0] Type d'archive: RAR [RESULTAT] Contient le cheval de Troie TR/Spy.327680.266 --> TeknoSam.dll [RESULTAT] Contient le cheval de Troie TR/Spy.327680.266 D:\fredo_Ancien_Pc\Images CD\Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS.rar [0] Type d'archive: RAR [RESULTAT] Contient le cheval de Troie TR/Spy.38912.46 --> Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS\Anti-Valve Steam Memory Patcher 2.4.5\AVSMP.exe [RESULTAT] Contient le cheval de Troie TR/Spy.38912.46 C:\Users\Frédéric\Downloads\Chaoslauncher.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo C:\Users\Frédéric\Downloads\Chaoslauncher.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo C:\Users\Frédéric\Downloads\Chaoslauncher.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo Recherche débutant dans 'D:\' <DATA> D:\FREDO-PC\Backup Set 2010-11-19 122305\Backup Files 2010-12-05 190001\Backup files 1.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher/icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher/icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2010-11-19 122305\Backup Files 2010-12-05 190001\Backup files 2.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2010-12-12 190001\Backup Files 2010-12-12 190001\Backup files 5.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2011-01-16 190001\Backup Files 2011-01-16 190001\Backup files 130.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2011-01-30 190001\Backup Files 2011-01-30 190001\Backup files 133.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2011-02-13 190001\Backup Files 2011-02-13 190001\Backup files 133.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2011-04-17 190002\Backup Files 2011-04-17 190002\Backup files 146.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\FREDO-PC\Backup Set 2011-05-01 190002\Backup Files 2011-05-01 190002\Backup files 146.zip [0] Type d'archive: ZIP [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> C/Users/Frツdツric/Downloads/Chaoslauncher.zip [1] Type d'archive: ZIP --> icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 --> icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo D:\fredo_Ancien_Pc\Images CD\Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS.rar [0] Type d'archive: RAR [RESULTAT] Contient le cheval de Troie TR/Spy.38912.46 --> Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS\Anti-Valve Steam Memory Patcher 2.4.5\AVSMP.exe [RESULTAT] Contient le cheval de Troie TR/Spy.38912.46 D:\fredo_Ancien_Pc\téléchargements\réseau internet\TBFI-0.8.1.rar [0] Type d'archive: RAR [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> TBFI.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen D:\fredo_Ancien_Pc\téléchargements\réseau internet\TBFI-0.8.1\TBFI.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen Le répertoire 'D:\Version5\' a été exclu par la recherche ! Recherche débutant dans 'E:\' Impossible d'ouvrir le chemin à scanner E:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'F:\' Impossible d'ouvrir le chemin à scanner F:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'G:\' Impossible d'ouvrir le chemin à scanner G:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'H:\' Impossible d'ouvrir le chemin à scanner H:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'I:\' Impossible d'ouvrir le chemin à scanner I:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'J:\' Impossible d'ouvrir le chemin à scanner J:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'K:\' Impossible d'ouvrir le chemin à scanner K:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Recherche débutant dans 'L:\' Impossible d'ouvrir le chemin à scanner L:\ ! Erreur système [21]: Le périphérique n’est pas prêt. Début de la désinfection : D:\fredo_Ancien_Pc\téléchargements\réseau internet\TBFI-0.8.1\TBFI.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b7e44a6.qua' ! D:\fredo_Ancien_Pc\téléchargements\réseau internet\TBFI-0.8.1.rar [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '53e96b01.qua' ! D:\FREDO-PC\Backup Set 2011-05-01 190002\Backup Files 2011-05-01 190002\Backup files 146.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '019331c8.qua' ! D:\FREDO-PC\Backup Set 2011-04-17 190002\Backup Files 2011-04-17 190002\Backup files 146.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '67a47e07.qua' ! D:\FREDO-PC\Backup Set 2011-02-13 190001\Backup Files 2011-02-13 190001\Backup files 133.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '22205325.qua' ! D:\FREDO-PC\Backup Set 2011-01-30 190001\Backup Files 2011-01-30 190001\Backup files 133.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '5d3b614e.qua' ! D:\FREDO-PC\Backup Set 2011-01-16 190001\Backup Files 2011-01-16 190001\Backup files 130.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '11834d7c.qua' ! D:\FREDO-PC\Backup Set 2010-12-12 190001\Backup Files 2010-12-12 190001\Backup files 5.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '6d9b0d3b.qua' ! D:\FREDO-PC\Backup Set 2010-11-19 122305\Backup Files 2010-12-05 190001\Backup files 2.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '40c12270.qua' ! D:\FREDO-PC\Backup Set 2010-11-19 122305\Backup Files 2010-12-05 190001\Backup files 1.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '59a919ea.qua' ! C:\Users\Frédéric\Downloads\Chaoslauncher.zip [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '35fb35d3.qua' ! D:\fredo_Ancien_Pc\Images CD\Serious sam HD the Second Encounter (FIXFR) par HUYUSTUS.rar [RESULTAT] Contient le cheval de Troie TR/Spy.38912.46 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '445d0c45.qua' ! C:\Users\Frédéric\AppData\Local\Temp\+mj_jjML.rar.part [RESULTAT] Contient le cheval de Troie TR/Spy.327680.266 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a4f3cba.qua' ! C:\Program Files\Starcraft\icctvp.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.bdo [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '0f7f45c6.qua' ! C:\Program Files\Starcraft\icctv.bwl [RESULTAT] Contient le cheval de Troie TR/Agent.BBG.1 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '0674416d.qua' ! Fin de la recherche : dimanche 8 mai 2011 20:24 Temps nécessaire: 3:03:07 Heure(s) La recherche a été effectuée intégralement 36050 Les répertoires ont été contrôlés 789752 Des fichiers ont été contrôlés 29 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 15 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 0 Impossible de scanner des fichiers 789723 Fichiers non infectés 9644 Les archives ont été contrôlées 0 Avertissements 16 Consignes 103246 Des objets ont été contrôlés lors du Rootkitscan 1 Des objets cachés ont été trouvés A bientôt et merci encore de m'aider. (EhEh comment on se retrouve, vous êtes trop cool pour mes ancienne infections, super)
  9. fredorp59
    Bonjour, up. Est-ce qu'il y a autre chose de suspicieux? a+, garrapotaloto.
  10. fredorp59
    Bonjour, Merci à vous, c'est résolu, j'ai changé la page d'accueil de Mozilla Firefox.....sauf si je dois faire autre chose dans le registre etc.... a+.
  11. fredorp59
    Bonjour, voici le rapport de FoxScan : FoxScan Version 1.1.1 Par Loup blanc - Zebulon.fr Scan lancé le 11/01/2010 à 11:13 Microsoft Windows XP Professionnel Service Pack 3 [version 5.1.2600] Mozilla Firefox version : 3.5.7 (fr) Dossier d'installation : C:\Program Files\Mozilla Firefox ================================================================================ = ---------- Compte utilisateur : Administrateur [session en cours] ================================================================================ = Profil : default Dossier du profil : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\ Pages de démarrage prefs.js : "http://www.daemon-search.com/startpage|http://www.google.fr/" //////////// Configuration \\\\\\\\\\\\\ ======= Profil : default ======= Mise à jour Firefox : Activé Mise à jour des modules complémentaires : Activé Mise à jour des moteurs de recherche : Activé Java : Activé Javascript : Activé Proxy : Pas de Proxy //////////// Modules complémentaires \\\\\\\\\\\\\ ======= Profil : default ======= La notification d'installation des modules complémentaires est activée Nom : Default Dossier : C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\ Etat : actif Nom : Java Console Dossier : C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ Etat : actif Nom : Adblock Plus Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\ Etat : actif Nom : ChatZilla fr-FR Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{125aa783-ef4f-4515-a804-aa67116fdb43}\ Etat : Inactif Nom : Master Password Timeout Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{96118df2-0d02-4dbc-9ad5-98995dc7d977}\ Etat : actif Nom : Microsoft .NET Framework Assistant Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ Etat : actif Nom : WOT Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\ Etat : actif Nom : Secure Login Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\secureLogin@blueimp.net\ Etat : actif Nom : FlashGot Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}\ Etat : actif Nom : Dr.Web anti-virus link checker Dossier : C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}\ Etat : actif Nom : Java Quick Starter Dossier : C:\Program Files\Java\jre6\lib\deploy\jqs\ff\ Etat : actif //////////// Plugins de recherche \\\\\\\\\\\\\ ======= Profil : default ======= Recherche dans "prefs.js" : browser.search.defaultenginename : browser.search.defaulturl : browser.search.selectedEngine : "Live Search" keyword.URL : "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=" keyword.enable : --------- Moteurs de recherche trouvés ------------ + Formulaire de recherche configuré pour le moteur C:\Documents and Settings\Administrateur\Application Data\mozilla\firefox\Profiles\kic6f27h.default\searchplugins\live-search.xml Template : http://search.live.com/results.aspx?q ================================================================================ = ---------- Compte utilisateur : fredo.FRED ================================================================================ = Profil : FRED\Application Data\mozilla\firefox\Profiles\mphk8dq5 Dossier du profil : C:\Documents and Settings\fredo.FRED\Application Data\mozilla\firefox\Profiles\mphk8dq5\ //////////// Configuration \\\\\\\\\\\\\ ======= Profil : FRED\Application Data\mozilla\firefox\Profiles\mphk8dq5 ======= Mise à jour Firefox : Activé Mise à jour des modules complémentaires : Activé Mise à jour des moteurs de recherche : Activé Java : Activé Javascript : Activé Proxy : Pas de Proxy //////////// Modules complémentaires \\\\\\\\\\\\\ ======= Profil : FRED\Application Data\mozilla\firefox\Profiles\mphk8dq5 ======= La notification d'installation des modules complémentaires est activée //////////// Plugins de recherche \\\\\\\\\\\\\ ======= Profil : FRED\Application Data\mozilla\firefox\Profiles\mphk8dq5 ======= Recherche dans "prefs.js" : browser.search.defaultenginename : browser.search.defaulturl : browser.search.selectedEngine : keyword.URL : keyword.enable : --------- Moteurs de recherche trouvés ------------ + Formulaire de recherche configuré pour le moteur ================================================================================ = ---------- Section commune ================================================================================ = //////////// DLL présentes dans C:\Program Files\Mozilla Firefox\components \\\\\\\\\\\\\ browserdirprovider.dll brwsrcmp.dll ------------------------------------------------------ //////////// Plugins de recherche \\\\\\\\\\\\\ --------- Moteurs de recherche trouvés ------------ + Formulaire de recherche configuré pour le moteur C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml Template : http://www.amazon.fr/exec/obidos/external-search/ C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml Template : http://www.cnrtl.fr/lexicographie/{searchTerms} C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml Template : http://www.crawler.com/search/dispatcher.aspx?tp C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml Template : http://rover.ebay.com/rover/1/709-47295-17703-3/4 C:\Program Files\Mozilla Firefox\searchplugins\google.xml Template : http://www.google.com/search C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml Template : http://fr.wikipedia.org/wiki/Special:Recherche C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml Template : http://fr.search.yahoo.com/search ------------------------------------------------------ //////////// Plugins configurés dans la Base de registre \\\\\\\\\\\\\ [HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/FlashPlayer] "Description"="Adobe® Flash® Player 10" "Vendor"="Adobe Systems Incorporated" "Path"="C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"="DivX Plus Web Player" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@divx.com/DivX Player Plugin,version=1.0.0] "Description"="DivX® Player Plugin for VOD Content" "Vendor"="DivX,Inc." "Path"="C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@ma-config.com/HardwareDetection] "Description"="Détection de sa configuration" "Vendor"="CybelSoft" "Path"="C:\Program Files\ma-config.com\nphardwaredetection.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@Microsoft.com/NpCtrl,version=1.0] "Description"="Ag Player Plugin" "Vendor"="Microsoft" "Path"="C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/OfficeLive,version=1.3] "Description"="Office Live Update v1.3" "Vendor"="Microsoft" "Path"="C:\Program Files\Microsoft\Office Live\npOLW.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/OfficeLive,version=1.4] "Description"="Office Live Update v1.4" "Vendor"="Microsoft" "Path"="C:\Program Files\Microsoft\Office Live\npOLW.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/WLPG,version=14.0.8081.0709] "Description"="WLPG Install MIME type" "Vendor"="Microsoft" "Path"="C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/WPF,version=3.5] "Description"="Windows Presentation Foundation plug-in for Mozilla browsers" "Vendor"="Microsoft Corp." "Path"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll" [HKEY_LOCAL_MACHINE\software\mozillaplugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] "Description"="Yahoo! activeX Plug-in Bridge" "Vendor"="Yahoo" "Path"="C:\Program Files\Yahoo!\Common\npyaxmpb.dll" ------------------------------------------------------ //////////// Recherche additionnelles... \\\\\\\\\\\\\ ==== Extension supplémentaire ==== [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" "jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.7\extensions] =========================== Fin du rapport ===========================
  12. fredorp59
    Et, voici aussi le truc info : Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2010-01-10 13:57:00 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 10 GB (25%) free of 39 GB Total RAM: 1279 MB (41% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:57:19, on 10/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1263055377234 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190657965562 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1214512375078 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SlimFTPd - Unknown owner - G:\slimftpd\SlimFTPd.exe (file missing) -- End of file - 11954 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\User_Feed_Synchronization-{E3D8020F-936A-4463-8BEC-A14BC7DDF9A3}.job C:\WINDOWS\tasks\Wise Registry Cleaner 4.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - E:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-15 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-09-21 53248] "S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-10-09 176128] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] "JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864] "36X Raid Configurer"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-11-16 1953792] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "nwiz"=nwiz.exe /install [] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-02-26 16125440] "PtiuPbmd"=ulutil2.dll,SetWriteBack [] "Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2007-12-14 524288] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "fsm"= [] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-15 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=91000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "E:\JEUX\CONSOLES\emulateurs\super nintendo\zsnesw142\zsnesw.exe"="E:\JEUX\CONSOLES\emulateurs\super nintendo\zsnesw142\zsnesw.exe:*:Enabled:zsnesw" "E:\Programmes\Starcraft\StarCraft.exe"="E:\Programmes\Starcraft\StarCraft.exe:*:Enabled:Starcraft - Brood War" "C:\Program Files\America's Army Deploy Client\AADeployClient.exe"="C:\Program Files\America's Army Deploy Client\AADeployClient.exe:*:Disabled:AADeployClient" "C:\Program Files\win'design\win'design 6.5\PROGRAMMES\Admin.exe"="C:\Program Files\win'design\win'design 6.5\PROGRAMMES\Admin.exe:*:Disabled:Administration" "E:\jeux\TmNationsForever\TmForever.exe"="E:\jeux\TmNationsForever\TmForever.exe:*:Enabled:TmForever" "E:\jeux\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\jeux\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC" "C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire" "E:\Program Files\UnrealTournament\System\UnrealTournament.exe"="E:\Program Files\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper" "C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "E:\Program Files\Cossacks\crack.exe"="E:\Program Files\Cossacks\crack.exe:*:Enabled:dmcr" "E:\PROGRAMMES\Croteam\serious sam second encounter\serious sam - second contact\Bin\SeriousSam.exe"="E:\PROGRAMMES\Croteam\serious sam second encounter\serious sam - second contact\Bin\SeriousSam.exe:*:Enabled:SeriousSam" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Documents and Settings\fredo.FRED\Local Settings\Application Data\Skype\Phone\Skype.exe"="C:\Documents and Settings\fredo.FRED\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Disabled:Skype " "E:\jeux\CONSOLES\emulateurs\game boy\vbalink 1.73\VisualBoyAdvance.exe"="E:\jeux\CONSOLES\emulateurs\game boy\vbalink 1.73\VisualBoyAdvance.exe:*:Enabled:VisualBoyAdvance emulator" "E:\Program Files\Cossacks\dmcr.exe"="E:\Program Files\Cossacks\dmcr.exe:*:Disabled:dmcr" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-01-10 13:57:00 ----D---- C:\rsit 2010-01-09 18:09:34 ----D---- C:\WINDOWS\NV6120512.TMP 2010-01-09 17:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-09 16:27:41 ----D---- C:\Program Files\CPUID 2010-01-04 16:47:32 ----D---- C:\Program Files\LogMeIn Hamachi 2009-12-29 17:29:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\VBA-M 2009-12-11 23:21:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-11 23:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-11 23:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ ======List of files/folders modified in the last 1 months====== 2010-01-10 13:57:06 ----D---- C:\Program Files\trend micro 2010-01-10 13:57:00 ----D---- C:\WINDOWS\Prefetch 2010-01-10 13:56:56 ----D---- C:\WINDOWS\Temp 2010-01-10 10:36:50 ----SHD---- C:\WINDOWS\Installer 2010-01-10 10:36:50 ----D---- C:\Config.Msi 2010-01-10 10:33:22 ----D---- C:\WINDOWS\system32\inetsrv 2010-01-10 10:13:38 ----D---- C:\Program Files\Mozilla Firefox 2010-01-10 10:09:52 ----SD---- C:\WINDOWS\Tasks 2010-01-10 10:08:20 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-10 10:05:17 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-09 21:30:09 ----RASH---- C:\boot.ini 2010-01-09 21:30:09 ----A---- C:\WINDOWS\win.ini 2010-01-09 21:30:09 ----A---- C:\WINDOWS\system.ini 2010-01-09 21:30:06 ----D---- C:\WINDOWS\pss 2010-01-09 21:27:32 ----D---- C:\WINDOWS\system32 2010-01-09 18:52:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-09 18:52:01 ----D---- C:\WINDOWS\system32\drivers 2010-01-09 18:23:48 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2010-01-09 18:23:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype 2010-01-09 18:19:32 ----D---- C:\WINDOWS 2010-01-09 18:18:29 ----D---- C:\WINDOWS\Help 2010-01-09 18:18:26 ----D---- C:\WINDOWS\nview 2010-01-09 18:18:24 ----D---- C:\WINDOWS\AppPatch 2010-01-09 18:13:20 ----D---- C:\Program Files\ma-config.com 2010-01-09 18:13:18 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-01-09 18:09:11 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-09 18:08:53 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-01-09 17:43:09 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-09 17:06:04 ----HD---- C:\WINDOWS\inf 2010-01-09 17:03:17 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-09 16:45:08 ----D---- C:\Program Files\Lavalys 2010-01-09 16:27:41 ----RD---- C:\Program Files 2010-01-09 15:53:30 ----D---- C:\WINDOWS\Registration 2010-01-09 14:45:38 ----D---- C:\WINDOWS\Minidump 2010-01-08 16:29:44 ----D---- C:\WINDOWS\Debug 2010-01-06 10:01:07 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-01-06 09:58:20 ----D---- C:\Program Files\SpywareBlaster 2010-01-04 11:36:13 ----D---- C:\TEMP 2010-01-03 19:07:37 ----D---- C:\Program Files\CamStudio 2010-01-01 17:08:59 ----D---- C:\Program Files\DAEMON Tools Lite 2009-12-27 16:16:52 ----D---- C:\Program Files\Diablo II 2009-12-27 12:03:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\Software Informer 2009-12-27 11:59:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2009-12-27 11:57:14 ----D---- C:\Program Files\Notepad++ 2009-12-27 09:53:47 ----D---- C:\Program Files\IZArc 2009-12-20 12:45:30 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss 2009-12-12 08:59:18 ----D---- C:\Program Files\WinRAR 2009-12-11 23:21:34 ----A---- C:\WINDOWS\imsins.BAK 2009-12-11 23:21:12 ----D---- C:\Program Files\Internet Explorer 2009-12-11 23:20:59 ----D---- C:\WINDOWS\ie8updates 2009-12-11 23:20:41 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-12-11 23:19:19 ----RSD---- C:\WINDOWS\assembly 2009-12-11 09:19:36 ----D---- C:\Program Files\Spybot - Search & Destroy ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537] R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 SISNIC;Pilote de carte Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [] S2 Nbf;Protocole NetBEUI; C:\WINDOWS\system32\DRIVERS\nbf.sys [] S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys [] S3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-01 4484608] S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240] S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880] S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-27 19968] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 634880] S3 SiS7012;Service for AC'97 Sample Driver (WDM); C:\WINDOWS\system32\drivers\sis7012.sys [2004-11-03 267136] S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-27 57856] S4 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2001-11-22 57344] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568] R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-15 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528] R2 msvsmon80;Débogueur distant Visual Studio 2005; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2006-12-02 2805000] R2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] S2 SlimFTPd;SlimFTPd; G:\slimftpd\SlimFTPd.exe -service [] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2007-08-21 69632] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-10-05 3375952] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320] -----------------EOF----------------- a+, garrapotaloto.
  13. fredorp59
    re, ok, voici le log de RSIT : Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2010-01-10 13:57:00 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 10 GB (25%) free of 39 GB Total RAM: 1279 MB (41% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:57:19, on 10/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1263055377234 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190657965562 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1214512375078 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SlimFTPd - Unknown owner - G:\slimftpd\SlimFTPd.exe (file missing) -- End of file - 11954 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\User_Feed_Synchronization-{E3D8020F-936A-4463-8BEC-A14BC7DDF9A3}.job C:\WINDOWS\tasks\Wise Registry Cleaner 4.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - E:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-15 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-09-21 53248] "S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-10-09 176128] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] "JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864] "36X Raid Configurer"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-11-16 1953792] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "nwiz"=nwiz.exe /install [] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-02-26 16125440] "PtiuPbmd"=ulutil2.dll,SetWriteBack [] "Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2007-12-14 524288] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "fsm"= [] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-15 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=91000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "E:\JEUX\CONSOLES\emulateurs\super nintendo\zsnesw142\zsnesw.exe"="E:\JEUX\CONSOLES\emulateurs\super nintendo\zsnesw142\zsnesw.exe:*:Enabled:zsnesw" "E:\Programmes\Starcraft\StarCraft.exe"="E:\Programmes\Starcraft\StarCraft.exe:*:Enabled:Starcraft - Brood War" "C:\Program Files\America's Army Deploy Client\AADeployClient.exe"="C:\Program Files\America's Army Deploy Client\AADeployClient.exe:*:Disabled:AADeployClient" "C:\Program Files\win'design\win'design 6.5\PROGRAMMES\Admin.exe"="C:\Program Files\win'design\win'design 6.5\PROGRAMMES\Admin.exe:*:Disabled:Administration" "E:\jeux\TmNationsForever\TmForever.exe"="E:\jeux\TmNationsForever\TmForever.exe:*:Enabled:TmForever" "E:\jeux\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\jeux\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC" "C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire" "E:\Program Files\UnrealTournament\System\UnrealTournament.exe"="E:\Program Files\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper" "C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "E:\Program Files\Cossacks\crack.exe"="E:\Program Files\Cossacks\crack.exe:*:Enabled:dmcr" "E:\PROGRAMMES\Croteam\serious sam second encounter\serious sam - second contact\Bin\SeriousSam.exe"="E:\PROGRAMMES\Croteam\serious sam second encounter\serious sam - second contact\Bin\SeriousSam.exe:*:Enabled:SeriousSam" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Documents and Settings\fredo.FRED\Local Settings\Application Data\Skype\Phone\Skype.exe"="C:\Documents and Settings\fredo.FRED\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Disabled:Skype " "E:\jeux\CONSOLES\emulateurs\game boy\vbalink 1.73\VisualBoyAdvance.exe"="E:\jeux\CONSOLES\emulateurs\game boy\vbalink 1.73\VisualBoyAdvance.exe:*:Enabled:VisualBoyAdvance emulator" "E:\Program Files\Cossacks\dmcr.exe"="E:\Program Files\Cossacks\dmcr.exe:*:Disabled:dmcr" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-01-10 13:57:00 ----D---- C:\rsit 2010-01-09 18:09:34 ----D---- C:\WINDOWS\NV6120512.TMP 2010-01-09 17:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-09 16:27:41 ----D---- C:\Program Files\CPUID 2010-01-04 16:47:32 ----D---- C:\Program Files\LogMeIn Hamachi 2009-12-29 17:29:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\VBA-M 2009-12-11 23:21:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-11 23:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-11 23:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ ======List of files/folders modified in the last 1 months====== 2010-01-10 13:57:06 ----D---- C:\Program Files\trend micro 2010-01-10 13:57:00 ----D---- C:\WINDOWS\Prefetch 2010-01-10 13:56:56 ----D---- C:\WINDOWS\Temp 2010-01-10 10:36:50 ----SHD---- C:\WINDOWS\Installer 2010-01-10 10:36:50 ----D---- C:\Config.Msi 2010-01-10 10:33:22 ----D---- C:\WINDOWS\system32\inetsrv 2010-01-10 10:13:38 ----D---- C:\Program Files\Mozilla Firefox 2010-01-10 10:09:52 ----SD---- C:\WINDOWS\Tasks 2010-01-10 10:08:20 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-10 10:05:17 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-09 21:30:09 ----RASH---- C:\boot.ini 2010-01-09 21:30:09 ----A---- C:\WINDOWS\win.ini 2010-01-09 21:30:09 ----A---- C:\WINDOWS\system.ini 2010-01-09 21:30:06 ----D---- C:\WINDOWS\pss 2010-01-09 21:27:32 ----D---- C:\WINDOWS\system32 2010-01-09 18:52:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-09 18:52:01 ----D---- C:\WINDOWS\system32\drivers 2010-01-09 18:23:48 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2010-01-09 18:23:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype 2010-01-09 18:19:32 ----D---- C:\WINDOWS 2010-01-09 18:18:29 ----D---- C:\WINDOWS\Help 2010-01-09 18:18:26 ----D---- C:\WINDOWS\nview 2010-01-09 18:18:24 ----D---- C:\WINDOWS\AppPatch 2010-01-09 18:13:20 ----D---- C:\Program Files\ma-config.com 2010-01-09 18:13:18 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2010-01-09 18:09:11 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-09 18:08:53 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-01-09 17:43:09 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-09 17:06:04 ----HD---- C:\WINDOWS\inf 2010-01-09 17:03:17 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-09 16:45:08 ----D---- C:\Program Files\Lavalys 2010-01-09 16:27:41 ----RD---- C:\Program Files 2010-01-09 15:53:30 ----D---- C:\WINDOWS\Registration 2010-01-09 14:45:38 ----D---- C:\WINDOWS\Minidump 2010-01-08 16:29:44 ----D---- C:\WINDOWS\Debug 2010-01-06 10:01:07 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-01-06 09:58:20 ----D---- C:\Program Files\SpywareBlaster 2010-01-04 11:36:13 ----D---- C:\TEMP 2010-01-03 19:07:37 ----D---- C:\Program Files\CamStudio 2010-01-01 17:08:59 ----D---- C:\Program Files\DAEMON Tools Lite 2009-12-27 16:16:52 ----D---- C:\Program Files\Diablo II 2009-12-27 12:03:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\Software Informer 2009-12-27 11:59:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2009-12-27 11:57:14 ----D---- C:\Program Files\Notepad++ 2009-12-27 09:53:47 ----D---- C:\Program Files\IZArc 2009-12-20 12:45:30 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss 2009-12-12 08:59:18 ----D---- C:\Program Files\WinRAR 2009-12-11 23:21:34 ----A---- C:\WINDOWS\imsins.BAK 2009-12-11 23:21:12 ----D---- C:\Program Files\Internet Explorer 2009-12-11 23:20:59 ----D---- C:\WINDOWS\ie8updates 2009-12-11 23:20:41 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-12-11 23:19:19 ----RSD---- C:\WINDOWS\assembly 2009-12-11 09:19:36 ----D---- C:\Program Files\Spybot - Search & Destroy ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537] R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 SISNIC;Pilote de carte Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [] S2 Nbf;Protocole NetBEUI; C:\WINDOWS\system32\DRIVERS\nbf.sys [] S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys [] S3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-01 4484608] S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240] S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880] S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-27 19968] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 634880] S3 SiS7012;Service for AC'97 Sample Driver (WDM); C:\WINDOWS\system32\drivers\sis7012.sys [2004-11-03 267136] S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-27 57856] S4 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2001-11-22 57344] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568] R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-15 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528] R2 msvsmon80;Débogueur distant Visual Studio 2005; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2006-12-02 2805000] R2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] S2 SlimFTPd;SlimFTPd; G:\slimftpd\SlimFTPd.exe -service [] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056] S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2007-08-21 69632] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-10-05 3375952] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320] -----------------EOF-----------------
  14. fredorp59
    Bonjour, up.
  15. fredorp59
    Re, voilà j'ai allégé le lancement du démarrage en conservant que les choses dont j'ai besoin : antivirus, pare-feu, antispyware, le truc pour carte graphique NVIDIA et voilà. Si non, merci de m'aider pour le problème de startpage et s'il y en a d'autres. a+.
  16. fredorp59
    Bonjour, sans le faire exprès, après mise à jour de daemon tools, j'ai installé un mauvais truc car j'ai oublié de le décocher et maintenant dès que j'allume Mozilla Firefox, j'ai ceci au démarrage : http://www.daemon-search.com/startpage. Si non, voici mon rapport HijackThis quand même mais je pense qu'il y a rien d'autre en anomalie : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:08:54, on 09/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe C:\WINDOWS\system32\nvsvc32.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\rundll32.exe E:\Program Files\Dofus\Dofus.exe E:\Program Files\Dofus\dofus.dll C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Administrateur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1263055377234 O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190657965562 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1214512375078 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SlimFTPd - Unknown owner - G:\slimftpd\SlimFTPd.exe (file missing) -- End of file - 12612 bytes PS : je suis moins souvent là, oui, oui, je fais attention de plus en plus à ce que fais. Et g^race à vous, j'ai éliminé des problèmes mais bon là j'en ai moins. Merci à vous de pouvoir m'aider à supprimé ce qui à fait que j'ai ceci au démarrage de Firefox. Cordialement, garrapotaloto.
  17. fredorp59
    Re, ok j'essayerais, a+.
  18. fredorp59
    Bonjour, oui je suis sûre de mon jeu : c'est la traduction française de : Serious sam : The Second Encounter sur le site web : Serious sam FR. Puis aussi, quand je clique sur le raccourcit pour lancer le jeu, j'ai mit en mode compatibilité Windows XP ( Service Pack 2) et exécutez en mode administrateur et toujours pareille: "Le programme a cessé de fonctionner" Alors je me suis dit qu'il faudrait peut-être l'installer en mode compatibilité Xp et administrateur en cliquand droit sur le setup.exe. PS: J'aide en faite mon frère qui a Vista. Salutations, Garrapotaloto.
  19. fredorp59
    Bonjour, voila mon problème. J'ai installé le jeu serious sam - second contact et quand je le lance à partir du raccourcit, une bombe apparaît à l'écran, cela est normal, c'est le lancement du jeu. Mais quelque seconde après, un message d'écran apparait : "Rechercher des problème de lancement" puis après "le programme a cessé de fonctionner" Voici ma configuration de l'ordinateur (celui de vista) : Processeur: Mobile AMD Sempron Processor 3500+ 1.80Ghz Mémoire Vive: 2.50 Go de Ram Type du système: Système d'exploitation Vista 32 bits Carte graphique: ATI radéon X1250 Salutation, Fredo.
  20. fredorp59
    Bon, merci pour tout, le problème est résolu. S'il y a un autre problème, je recréerais un nouveau sujet. a+
  21. fredorp59
    Ok, je vais voir sa et te dire quoi après. a+.
  22. fredorp59
    Bonjour, ok, Qu'est-ce que tu me conseillerai alors comme pare-feu à part celui de windows et Online Armor car en anglais? Cordialement, garrapotaloto.
  23. fredorp59
    Merci, sujet résolu..
  24. fredorp59
    Bon voila, j'ai prit Zone Alarm security free firewall. a+
  25. fredorp59
    Bonjour, ok, moi j'aurais pense à Zone Alarme comme pare-feu. a+
×
×
  • Créer...