Aller au contenu

yugm

Membres
  • Compteur de contenus

    61
  • Inscription

  • Dernière visite

À propos de yugm

  • Date de naissance 02/01/1947

Contact Methods

Profile Information

  • Sexe
    Male
  • Localisation
    86400

Autres informations

  • Mes langues
    FR

yugm's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. yugm

    ERREUR 404

    Bjr A priori l'adresse du site est bonne car ds mes favoris depuis longtemps et je suis inscrit à ce site pour consultations journalières de portefeuilles virtuels en bourse.Mon principal souci est de retrouver ces portefeuilles avec la même adresse sans avoir cette erreur 404 qui me bloque tout . Pas de problèmes pour l'instant avec d'autres sites par Google chrome Merci pour une solution guy
  2. Bonjour, Je voudrais savoir comment me débarrasser de ce message « erreur 404 » quand je demande à consulter un site. Ex.: les échos Merci de la réponse. Guy
  3. yugm

    Rétroéclairage faible

    Bjr vieu bison boiteu Si possible une précision concernant ce retroéclairage défectueux :Dans la mesure où l'ecran s'éclaire quand même normalement qques 10emes de secondes au départ et ensuite par appui sur Fn+F6 ,est-ce hard ou soft ??? et l'inverter va t-il me dépanner ?Merci encore de ton attention
  4. yugm

    Rétroéclairage faible

    Bjr à tous .Depuis qques jours je n'ai plus d'écran lisible sur mon portable (acer aspire 8920g ,winsow 7, 64 bits)et suis donc sur écran complementaire de télé par liaison HDMI .Impossible pour moi de rétablir cet écran (seulement en 10eme de seconde au démarrage et par appui sur touche Fn+F6) .Pas de résultat non plus avec restauration sur date antérieure .Merci pour le conseil
  5. yugm

    Adobe Flash Player

    Merci Tonton de ta réponse mais elle ne correspond pas à mon problème car c'est ce que je fais à chaque fois et j'ai bien la confirmation d'une installation réussie .Aprés arrêt de mon pc ,je dois recommencer le téléchargement;as-tu d'autres propositions ?(serai absent ce soir pour 8 jours)
  6. yugm

    Adobe Flash Player

    BJR Je suis en I E 64 bits en Windows 7 avec Orange et à chaque jour pour une demande d'infos vidéo il me faut recharger le flash player.j'arrête le pc tous les soirs et le lendemain au démarrage il a disparu .Pourquoi ?????.Merci d'une réponse (PC portable =ACER type Aspire 8920G)
  7. merci Tonton de la réponse mais le nti ne reconnait pas mes sauvegardes ou trouve fichiers endommagés Je crois que je vais en faire mon deuil Merci encore et peut-être à + tard Salut
  8. Bonjour j'ai donc ce disque dur externe Memup (MEDIADISK LX SERIES)qui me sauvegarde journellement et après un gros probleme du DD de mon PC ,voulant lire cette sauvegarde Vista ne reconnait pas ces fichiers type NBF.Merci de m'indiquer comment m'en sortir
  9. Bonjour lance_yien Depuis maintenant 3 jours ,je suis sur Avast à nouveau et je n'ai plus de messages me coupant la liaison Internet (raison de mon 1er problème),ni les avertissements de chez Avira.Donc tout va bien et on en reste là. Merci encore
  10. Bonjour Ce que je voulais dire ,c'est que j'ai l'impression de tourner en rond depuis que j'ai pris l'AV d'Avira en place d'Avast Sur le dernier point,chaque ligne est un fichier vide et donc pas de scan par Jotti (no file uploaded)et il m'a fallu désactiver Avira pour y accéder Quel est ton avis sur retour à Avast? A+
  11. Bjr A priori ,rien de changer. Vu pour Reader .Voici le rapport Je reviendrai sans doute sur AV d'Avast en espérant mieux Merci quand même pour ta disponibilité OTL logfile created on: 10/05/2011 12:11:59 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,44 Gb Total Space | 62,13 Gb Free Space | 55,75% Space Free | Partition Type: NTFS Drive D: | 104,90 Gb Total Space | 76,34 Gb Free Space | 72,77% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 269,61 Gb Free Space | 57,89% Space Free | Partition Type: NTFS Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/09 10:24:56 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\guy\AppData\Local\Temp\RtkBtMnt.exe PRC - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe PRC - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/04/29 13:05:05 | 000,442,024 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe PRC - [2011/04/07 09:00:03 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe PRC - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/03/04 14:38:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/11/18 20:41:12 | 000,206,120 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe PRC - [2009/09/21 15:02:04 | 003,786,472 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe PRC - [2009/09/21 15:02:00 | 003,451,904 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe PRC - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe PRC - [2009/09/21 15:01:41 | 003,673,600 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe PRC - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008/04/28 13:18:26 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe PRC - [2008/03/11 11:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/03/07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe PRC - [2008/03/05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe PRC - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe PRC - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2007/10/03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007/03/27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe ========== Modules (SafeList) ========== MOD - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus® SRV - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/06/14 14:39:26 | 001,053,424 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC) SRV - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService) SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® ========== Driver Services (SafeList) ========== DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/12/24 16:19:56 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/04/01 12:12:30] [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/09/21 15:01:45 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF) DRV - [2009/05/25 12:12:28 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/05/25 12:12:28 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/05/25 12:12:26 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008/07/08 14:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008/07/08 14:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) DRV - [2008/07/08 14:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008/07/08 14:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM) DRV - [2008/07/08 14:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2008/05/08 19:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2008/03/11 13:38:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E) DRV - [2008/02/29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/01/08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel® DRV - [2007/12/18 18:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2007/12/16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 97 04 A8 DC 6A CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: [email protected]:1.7 FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2 [2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions [2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions\[email protected] [2010/12/18 18:47:43 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected] O1 HOSTS File: ([2011/05/08 19:22:14 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found. O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) O4 - HKCU..\Run: [orangeinside] C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [uninstall Adobe Download Manager] C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe (NOS Microsystems Ltd.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html () O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html () O8 - Extra context menu item: envoyer par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html () O8 - Extra context menu item: envoyer un mail - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O8 - Extra context menu item: orange.fr - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html () O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html () O8 - Extra context menu item: traduire la page - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html () O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html () O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:23:37 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:24:01 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:24:02 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/05/10 11:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011/05/10 11:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS [2011/05/10 11:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\NOS [2011/05/08 19:19:52 | 000,000,000 | ---D | C] -- C:\_OTL [2011/05/02 10:20:08 | 000,000,000 | ---D | C] -- C:\Users\YUG\AppData\Roaming\Malwarebytes [2011/05/02 10:19:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/05/02 10:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/05/02 10:19:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/05/02 10:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/04/29 13:21:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011/04/29 13:21:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2011/04/29 13:17:37 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/04/15 12:22:43 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011/04/15 12:22:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011/04/15 12:22:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011/04/15 12:22:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011/04/15 12:22:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011/04/15 12:22:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011/04/15 12:22:37 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011/04/15 12:22:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/04/15 12:22:36 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/04/15 12:22:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011/04/15 12:22:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011/04/15 12:22:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011/04/15 12:22:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011/04/15 12:22:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011/04/15 12:22:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011/04/15 12:22:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011/04/15 12:22:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011/04/15 12:22:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/04/15 12:22:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011/04/15 12:22:27 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011/04/15 12:22:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011/04/15 12:17:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011/04/15 12:12:22 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/04/15 12:12:15 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011/04/15 12:12:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/04/15 00:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011/04/15 00:05:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011/04/15 00:05:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/04/14 22:21:57 | 000,000,000 | ---D | C] -- C:\UsbFix [2011/04/12 00:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011/04/12 00:06:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011/04/12 00:06:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira ========== Files - Modified Within 30 Days ========== [2011/05/10 12:11:51 | 000,000,398 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job [2011/05/10 12:09:55 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/05/10 12:09:55 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/05/10 12:09:55 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/05/10 12:09:55 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/05/10 12:09:11 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/10 12:09:11 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/10 11:16:43 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011/05/10 08:09:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011/05/10 08:09:27 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2011/05/10 08:09:09 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011/05/09 21:13:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011/05/08 19:22:14 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/07 18:48:00 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/05/02 10:19:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/16 08:16:36 | 000,316,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/04/12 00:06:38 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011/04/11 21:25:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt ========== Files Created - No Company Name ========== [2011/05/10 11:16:43 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011/05/10 11:16:42 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/05/09 10:22:38 | 000,000,398 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job [2011/05/08 12:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/02 10:19:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/12 00:06:38 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/10/18 11:35:32 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi [2010/10/18 11:35:32 | 000,004,110 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik [2010/10/08 10:57:42 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/06/02 02:42:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010/04/29 16:12:32 | 000,000,031 | ---- | C] () -- C:\Windows\yesmessenger.ini [2010/04/22 14:56:51 | 000,000,338 | ---- | C] () -- C:\Windows\yes_messenger.ini [2009/10/22 00:57:28 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009/09/24 10:14:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009/09/24 10:14:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2009/09/24 10:14:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2009/09/24 10:14:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009/09/24 10:14:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009/09/24 10:14:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009/09/24 10:14:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009/09/24 10:14:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009/09/24 10:14:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009/09/24 10:14:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009/09/24 10:14:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009/09/24 10:14:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009/09/24 10:14:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009/09/24 10:14:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009/09/24 10:14:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009/09/24 10:09:09 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini [2009/09/24 09:25:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/24 09:25:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/09/21 17:12:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/09/21 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/09/21 15:05:51 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009/09/21 15:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2009/09/21 15:05:51 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2009/09/21 15:02:13 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2008/05/16 07:50:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008/05/16 07:50:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/05/16 07:50:44 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008/05/16 07:50:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008/03/21 12:41:33 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008/03/21 12:37:44 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008/03/21 12:33:29 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008/03/21 12:33:29 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008/03/21 12:32:04 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008/01/21 10:40:50 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008/01/21 10:40:50 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2007/04/24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006/11/02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat [2006/11/02 14:47:37 | 000,316,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005/12/15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll < End of report >
  12. Encore moi,Bonjour Cette fois ça marche ,mais j'ai encore eu l'avertissement d'Avira après le redémarrage Pour le rapport ,en fait en ouvrant OTL ce matin il me donne un rapport du 8/05.Je te poste donc les 2 au cas ou... Merci et A+ Rapport du8/05 All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ deleted successfully. C:\Program Files\Avanquest_FR\prxtbAva0.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{AEEC3B59-CA98-4EBA-A140-57B94E283583} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEEC3B59-CA98-4EBA-A140-57B94E283583}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast5 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\orange.fr\logicielsgratuits\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. File E:\Viewer.exe not found. C:\Windows\Tasks\Registry Winner Schedule.job moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\Windows\Tasks\Registry Reviver-YUG-Startup.job moved successfully. C:\Windows\Tasks\Registry_Doktor.job moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de r‚solution DNS vid‚. C:\Users\guy\Desktop\cmd.bat deleted successfully. C:\Users\guy\Desktop\cmd.txt deleted successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\WINDOWS\tasks\SyncBack GUY.job moved successfully. C:\WINDOWS\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job moved successfully. C:\WINDOWS\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job moved successfully. File\Folder C:\*.sqm not found. File\Folder C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. File\Folder C:\Program Files\ConduitEngine not found. File\Folder C:\Windows\tasks\Registry Winner Schedule.job not found. File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found. File\Folder C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found. File\Folder C:\Windows\tasks\Registry_Doktor.job not found. ========== COMMANDS ========== [EMPTYTEMP] User: admin User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: guy ->Temp folder emptied: 2899966 bytes ->Temporary Internet Files folder emptied: 45739941 bytes ->Java cache emptied: 73183770 bytes ->Google Chrome cache emptied: 6116979 bytes ->Flash cache emptied: 9700 bytes User: Public User: YUG ->Temp folder emptied: 75461022 bytes ->Temporary Internet Files folder emptied: 24907649 bytes ->Java cache emptied: 73470106 bytes ->Flash cache emptied: 635 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 42652886 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 8393932 bytes Total Files Cleaned = 337,00 mb [EMPTYFLASH] User: admin User: Administrator User: All Users User: Default User: Default User User: guy ->Flash cache emptied: 0 bytes User: Public User: YUG ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 05082011_191952 Files\Folders moved on Reboot... File\Folder C:\Users\guy\AppData\Local\Temp\~DF3FCB.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DF3FDB.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD2F.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD4A.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD8A.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFAE12.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFB475.tmp not found! File\Folder C:\Users\guy\AppData\Local\Temp\~DFB56F.tmp not found! C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KVRUY0XL\read[1].html moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KVRUY0XL\st[1] moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G4TIYV7H\ban_home_728x90[1].htm moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9VLK57V7\AP_ADV_728x90[1].htm moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4H3SATYI\sendConfirmationReading_frame[1].html moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\23VLMH18\read_unread_iframe[1].htm moved successfully. File move failed. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\=;var41;u=id=4TNIUGYJhkmWVL4VM_6uqg%7C1=5%7C2=1%7C3=86400%7C4=9%7C21=5%7C22=1%7C23=1%7C24=1%7C25=2%7C26=86078%7C8=0%7C9=0%7C10=0%7C%7C;;ord=7636669132966258[1].htm scheduled to be moved on reboot. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\afr[3].htm moved successfully. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\logiciel-malveillant-bloque-par-avast-t184609[1].htm moved successfully. File move failed. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be moved on reboot. Registry entries deleted on Reboot... Rapport du 9/05 All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{AEEC3B59-CA98-4EBA-A140-57B94E283583} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEEC3B59-CA98-4EBA-A140-57B94E283583}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}\ not found. File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast5 not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\orange.fr\logicielsgratuits\ not found. File not found. File not found. File not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found. File E:\Viewer.exe not found. File C:\Windows\tasks\Registry Winner Schedule.job not found. File C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found. File C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found. File C:\Windows\tasks\Registry_Doktor.job not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== C:\WINDOWS\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job moved successfully. File\Folder C:\*.sqm not found. File\Folder C:\Program Files\Avanquest_FR\prxtbAva0.dll not found. File\Folder C:\Program Files\ConduitEngine not found. File\Folder C:\Windows\tasks\Registry Winner Schedule.job not found. File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found. File\Folder C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found. File\Folder C:\Windows\tasks\Registry_Doktor.job not found. Folder move failed. C:\autorun.inf scheduled to be moved on reboot. Folder move failed. D:\autorun.inf scheduled to be moved on reboot. Folder move failed. F:\autorun.inf scheduled to be moved on reboot. ========== COMMANDS ========== [EMPTYTEMP] User: admin User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: guy ->Temp folder emptied: 911366 bytes ->Temporary Internet Files folder emptied: 21425924 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 750 bytes User: Public User: YUG ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 108 bytes Total Files Cleaned = 21,00 mb [EMPTYFLASH] User: admin User: Administrator User: All Users User: Default User: Default User User: guy ->Flash cache emptied: 0 bytes User: Public User: YUG ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 05092011_102054
  13. Bonsoir lance_yien Problèmes:en 1 suppression de conduitengine:vu en partie car impossible de le supprimer en F mon disque externe de sauvegarde en 2-plantage au redémarrage après la correction faite (conseillé :avec démarrage système=arrêt après 2 à 3 mn sur 2 tentatives (grrrr)puis démarrage normal= ouf!ça marche)par contre je n'ai pas de rapport et j'hésite de reprendre le processus Et j'ai tjrs par moment l'avertissement d'Avira :Autorun.inf bloqué pour sécurité soit sur C ou F..... Merci de me donner la marche à suivre sans me planter A +
  14. et le 2éme Merci encore OTL Extras logfile created on: 08/05/2011 12:05:06 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,44 Gb Total Space | 61,34 Gb Free Space | 55,04% Space Free | Partition Type: NTFS Drive D: | 104,90 Gb Total Space | 76,98 Gb Free Space | 73,38% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 273,37 Gb Free Space | 58,69% Space Free | Partition Type: NTFS Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.) "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06291F09-D425-424F-AD68-0115C6175234}" = lport=10243 | protocol=6 | dir=in | app=system | "{07F0F635-A5F7-42AA-BAEE-AEE194356750}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | "{09077A62-5D1F-4535-84E9-F23F17D14F4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{15C41F86-12B3-47DD-AA1C-70ECE54601A3}" = lport=445 | protocol=6 | dir=in | app=system | "{160CB322-9922-44D9-99B2-07A2EC128EEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1EACBE9B-4FCB-45C9-B524-805163347ABE}" = rport=139 | protocol=6 | dir=out | app=system | "{1FCA295C-9058-4BAE-BEAC-EB279E4DFD4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{22295743-653A-4C6A-A574-3950B73E15CE}" = rport=2869 | protocol=6 | dir=out | app=system | "{226801C5-CF4C-467E-9C6E-4CE332353902}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | "{2E666031-E16E-401F-8EB1-9CCA40B5C696}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2EEEA81E-6A1C-4096-8FAC-5E76E5C9B756}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{33420BE6-7469-46E1-BA1C-23BF6557497E}" = lport=445 | protocol=6 | dir=in | app=system | "{350D0667-E6A4-4A44-A683-E0CC186E4047}" = lport=2869 | protocol=6 | dir=in | app=system | "{3A2DFB28-5786-4C1C-9963-F8944A6BE23D}" = rport=138 | protocol=17 | dir=out | app=system | "{42160FD8-393F-4C08-B299-A8A6640E6298}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{45414DAC-67F8-49BB-89B6-BAF942390688}" = lport=3390 | protocol=6 | dir=in | app=system | "{45C0E7D4-B839-442A-B872-B66D6AF52557}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{47194D16-7474-49A4-9CCB-5854174B9A18}" = rport=10243 | protocol=6 | dir=out | app=system | "{56D9CDF5-AEE7-41BE-B7BA-3FE0DD614B4B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{58160860-0702-41D3-A527-388226CABEF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5D630B31-6414-4A20-98F4-C098B0CBD64F}" = lport=137 | protocol=17 | dir=in | app=system | "{61FC7F18-37B0-4C22-8B17-57F0452C5720}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{65F169CD-41D6-407B-9BA0-432388EB07A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{6FF6A7FB-B43C-411F-8C8F-CCE9C1B98EE4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{786EB93B-F57E-4934-A1A2-70341D7B1D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{78BFDD3A-1FC3-41B4-9A32-8A8B165E38DB}" = rport=10244 | protocol=6 | dir=out | app=system | "{7A4DD3C6-10AE-445F-90D7-AF0490CD9DDA}" = lport=138 | protocol=17 | dir=in | app=system | "{7FC25EC1-80F3-498E-AEFB-615E2E04B70F}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe | "{84975B36-9040-4290-ABFD-61A6D4345BAF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | "{8B9D35F9-73A1-4B71-A5B8-F76E19D31B34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9010076C-2663-4562-BD9D-BD7F66D4A35A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{92E1A326-E442-4199-BCDD-8A8A0323DC81}" = lport=139 | protocol=6 | dir=in | app=system | "{93F5E78E-DA61-4C1E-8295-025C5F5FF366}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{94A14E1E-CADF-4FC0-8800-4970A5A780F4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9F82DED6-2FD7-4218-92F2-AB8248E110EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{9FED5E8A-56CE-47E3-A4D4-4955887A8EF2}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | "{A0CD45B5-5039-4453-B6DA-1E17C56525C9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A4631AD5-C8C2-4552-B19F-9D704F961743}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe | "{A4AA5BCE-6580-44F3-AD57-6C38188337C0}" = rport=137 | protocol=17 | dir=out | app=system | "{A9B35ECB-9E8D-41DA-BA70-AFC30103EC44}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{AA5C105C-C542-4F5C-8A51-7DBC9A8AC022}" = lport=2869 | protocol=6 | dir=in | app=system | "{AC0F92F3-2177-4679-89A4-12EA0A8C1946}" = lport=10244 | protocol=6 | dir=in | app=system | "{AE1C84F5-EB32-4A87-8F1A-2BCEA0A439A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B88FCAD9-BA68-4C6A-B2FD-C8F7510FF29C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{BFBE1358-1D0E-4522-B1BB-4541DFCB0E30}" = lport=445 | protocol=6 | dir=in | app=system | "{C2FBC7DB-F52E-4D00-A6EE-3BC685C72B42}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe | "{C7CF4DA9-8029-4695-9095-73A13FBEC617}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{C83DF4B2-EDC8-4FD1-84E4-E367A1FF04F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{CA6E7BD0-6985-41E5-8F73-47B6FED652BD}" = lport=5985 | protocol=6 | dir=in | app=system | "{DBBC8AC2-EDF3-41AC-8CAE-665963E3E744}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe | "{E50A982D-0696-4CD8-8949-89F44793E7AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{E5A5B9D1-A109-4B79-BD7E-D12EF7D84F42}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe | "{E73E95B1-935A-4761-B297-DF8D378D0B09}" = rport=445 | protocol=6 | dir=out | app=system | "{E772BAE5-7D6C-41D2-8D53-D5FC0F847E61}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{EAA90862-B5F6-4F7F-94D4-13F7802DA836}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | "{F012488C-5D7D-48B8-8E54-9CE5321B0D85}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F317F26B-B183-4F3D-B30D-5A5399A95A61}" = lport=80 | protocol=6 | dir=in | [email protected],-50 | "{FBA5A2D9-020D-4693-8950-E7DA569501B0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{FC73AFF0-3005-45BD-A7BD-D97EBE165161}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe | "{FD2A158A-F0B4-4FA7-904C-CD3C6A22415B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{FD47ACAD-686C-4308-91FB-501926699E47}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{FE98DB72-C91F-4C1C-84CD-EDD390393199}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0316ECE0-8979-471B-B681-8F812151A41A}" = protocol=6 | dir=out | app=system | "{0532BA36-B605-4087-BEC0-7CABBAD9810F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | "{0561FF07-60F9-412E-9804-A89F454622AD}" = protocol=1 | dir=out | [email protected],-28544 | "{06C2FCFC-DE5D-423D-A253-17F8F234A43A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | "{0BDB4EFA-D7E1-4205-B95E-2094C77804F4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe | "{0C44DDF6-5CBA-462B-980C-92EA32E88C16}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{1285865A-F82F-47E8-AC5F-DFB1BF1A4F4E}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | "{12D2DCD0-6D87-4AFE-A0A8-96C7090CB98E}" = protocol=6 | dir=in | app=c:\program files\orange\orangeupdate\service\oucore.exe | "{169FAD64-6C6C-42C4-9B6F-2D1753F471DF}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | "{17BB2075-0344-4064-8EC0-90F3D2BAACDA}" = protocol=6 | dir=out | app=system | "{17CD2994-6FBC-4BA5-9036-42C9DDE86993}" = protocol=58 | dir=in | [email protected],-28545 | "{19B74D63-7980-458C-B2F1-04E30F0DB515}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{1E886B77-0757-47A0-9AEB-B6671BC7E17A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | "{22CA5593-AA1A-4E4C-BD54-1EF276B23D2B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{237BEDA4-D306-4DFF-9CEB-D5FC2775ACEA}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{24398DC6-2730-49BF-9658-86FF293D787F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{281681F8-07D3-4362-A8BC-30A45B40D85B}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | "{2894340D-95A6-4216-9561-E44710AF5772}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{351D3FE6-4025-4B8B-BBD7-8C489F430654}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | "{37F3F3FA-D7D5-4D15-9ED0-36003DFF4DC2}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe | "{417C682D-E65A-4FE5-960B-7EE60ADC0C46}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | "{47BF15BC-29DF-4BE5-A1D6-7D52783DBEE8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{4954DC36-416E-416E-90D7-290BC6881B56}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{4EE59E44-DEF4-4DF4-B6D0-8F43AD2A7930}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | "{508AA1EB-3DF5-489C-9C21-B84987DCC58D}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{55628189-9484-4DA9-8DCB-C5E528FDE4EE}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe | "{562161D5-6ADE-44C2-BF3F-E68B1BB48BB5}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{5E38C0A7-7502-4D39-B1CA-BC4B35A3AC38}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{62B21C4E-EF6B-4839-93CF-F820AF071C44}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{6C3511D7-6B18-400B-A2DF-80AE98E7EC05}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{7761C3C4-D541-4278-BF2F-B7F17733E222}" = protocol=58 | dir=out | [email protected],-28546 | "{79917CB4-A3DC-4145-9B30-B2EEFBCFA4B4}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | "{7BD48571-1985-4162-804A-70344C44FE82}" = protocol=58 | dir=in | [email protected],-148 | "{7BDD7D71-A30C-4688-B4E6-F0E820DDE2FA}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{8046314B-E16E-434A-9543-74D2569D908F}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe | "{8DA87909-1116-4839-8426-963F226C5569}" = protocol=17 | dir=in | app=c:\program files\orange\orangeupdate\service\oucore.exe | "{90333D8B-5613-4799-8711-0A6C6EE7D7BA}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | "{95039699-F173-4BD4-8E0F-6EC17142C8B4}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | "{A111E818-2932-45CF-9513-5F8E30BA71E0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{A465919E-5CB5-4168-976A-BC2A1C89271A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{BDDE3185-4301-4BC7-84A3-E3F720F83226}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{BFD9C540-A9E9-41C3-8CBF-2DB2E6D7B843}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{D00D0839-8061-4669-889D-EA886FCEC735}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe | "{D02C830D-A5A3-42CA-AB0C-64574576A721}" = protocol=6 | dir=in | app=c:\program files\microsoft works\wksss.exe | "{D6459749-6CF2-4A77-86C7-93C2A113CC75}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{DA51C2EB-E87D-49AA-A70B-EA1ABEA2048E}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{E1AC2556-362D-476A-954A-9D1A9ED428E1}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe | "{E702CAD2-48EF-464C-8344-A624A885A95D}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | "{E9EA1E12-86FE-4769-B649-C29C542E2737}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | "{EDF0518D-9E51-442A-916B-51E85D5BE5CC}" = protocol=17 | dir=in | app=c:\program files\microsoft works\wksss.exe | "{EE5CDDDD-2660-49AD-807E-17179F331E5A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{EFE4943A-A44D-4155-9C86-0659C9066805}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe | "{F00E00D7-6611-4B86-BA3E-352C76FD90D8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{F36D27AD-D586-4554-8C09-1864607257EA}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | "{FCCF3647-3FCB-44C8-BAE8-FF9F7D14C3E9}" = protocol=1 | dir=in | [email protected],-28543 | "TCP Query User{13D7F936-6699-4059-BC56-8BADA2E4CC91}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "TCP Query User{3DA929C9-52E5-4524-BD4F-F5B07396B472}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{646C4F52-3D95-4463-8751-8B67074FD9B0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{E8EBBDC4-514F-405C-9F09-85F9E13BBA4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{0E3551A1-C681-40F4-812C-9F9CE4004C79}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{2E1AA533-41E3-499A-8EFA-63F5AA2DADE4}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{4B745E1F-3EDF-43B3-91AC-F97776C2B390}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "UDP Query User{D27D7894-AE05-4ACA-90A9-FB5AFE97864F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}" = Catalyst Control Center - Branding "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000 "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{0A1984C3-5036-5B5F-F18E-16453EF5A6E1}" = Catalyst Control Center Localization Swedish "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool "{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management "{155BBB23-C7A5-223C-3B33-289089D6E0A2}" = Catalyst Control Center Localization Finnish "{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19B4BDE9-0F2B-44FF-FDC4-987E1B33D03C}" = CCC Help English "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{24F149E4-D897-9046-48A5-87CD67F81865}" = CCC Help Polish "{25C1AF96-1F59-A1CE-3135-B38AFAA5C614}" = CCC Help Czech "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 24 "{26E2E4FB-F26A-549E-5496-14BAE4E2BA67}" = Catalyst Control Center Graphics Full Existing "{27B7371A-7AA2-CC5B-6377-72161660F0BE}" = CCC Help Chinese Traditional "{29F3D466-E05F-CBB6-63E9-01C85C083FCD}" = CCC Help French "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2CB2E1AE-B62A-3F43-9DD0-EF73467977AC}" = Catalyst Control Center Localization Hungarian "{30BDD0BE-6A51-6DDD-197D-EFCE3B0EF79D}" = CCC Help German "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0 "{358C26F2-5B99-A7E9-18CF-2AE6BC97289B}" = Catalyst Control Center Localization Czech "{3C277F75-605E-BFFE-4F87-27709C92370C}" = Catalyst Control Center Localization Portuguese "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BD4AA8B-3C63-26AB-1CA3-010475A9EA72}" = CCC Help Portuguese "{5262BAD6-5AB7-1490-A65C-D06368F07FF1}" = Catalyst Control Center Localization Italian "{53F44183-B716-8D7D-053E-CB8039B38E74}" = CCC Help Hungarian "{5539EBB1-4BB9-21E5-921B-16E8886639D3}" = Catalyst Control Center Localization Chinese Traditional "{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software "{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0 "{5A89D38C-B9FE-ECFF-B90E-B9DEC8C8F2D8}" = Catalyst Control Center Localization Greek "{5B1519C1-265C-C636-C414-F1E150B4F0AA}" = CCC Help Turkish "{6184B5A4-1355-A8D6-CE24-8F7EE887CBF3}" = CCC Help Norwegian "{650BDC60-79C7-383B-2E9C-B8FF3909A127}" = Catalyst Control Center Localization Spanish "{653F6FEA-643C-457F-774A-64D4DAAE1028}" = Catalyst Control Center Graphics Previews Vista "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{790DA23A-126B-91A9-FAB7-13EF66724253}" = CCC Help Swedish "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7DBDAAAB-8639-B59D-798A-32458B7380F9}" = Catalyst Control Center Localization Norwegian "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7E96828D-B970-B1A9-3D9F-7EC3624785D0}" = Catalyst Control Center Localization German "{7ECBF19A-78EC-1665-7E1C-B3E92B07F7CC}" = CCC Help Japanese "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{80C1F369-F876-3D19-7816-B7800E7A6961}" = CCC Help Greek "{827CFE4D-8687-9E1E-0A72-587BFF0B0D3A}" = CCC Help Thai "{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.42 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AF60AF6-B109-D3A4-4367-B3620CBA37A7}" = CCC Help Finnish "{9ED61802-0F47-F846-FA23-67CE3E4BD427}" = CCC Help Italian "{A047FE02-C91C-41CB-898C-4ED21B86025A}" = ToolbarFR "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.5 "{A79CB508-2DD7-F717-8787-C6382C274082}" = Catalyst Control Center Graphics Light "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AACF5D06-EF3A-1941-3492-1E60589CA444}" = ccc-utility "{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE2C968B-8A14-ABA2-D742-14E575104BCD}" = Catalyst Control Center Localization Korean "{B6988D5B-4325-F1F7-B0E5-C4CCCD01E6B8}" = Catalyst Control Center Localization Thai "{B734B040-25BB-02CA-39BD-FD6D070EDDAB}" = Catalyst Control Center Localization Danish "{B86EE516-7CB4-E4C3-8382-010D4F2807F5}" = CCC Help Korean "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{BB01F512-272A-3C70-DA60-884C8BBC39DD}" = Catalyst Control Center Localization Chinese Standard "{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print "{BCB0CE1E-7510-3948-4834-99BBA689CF62}" = Catalyst Control Center Core Implementation "{BD5106DF-C061-5736-F1A5-F114BAA63759}" = CCC Help Russian "{C03A43DF-CEE0-6D82-D2D3-781CCE1FC24E}" = Catalyst Control Center Localization Japanese "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C2EBC2F1-B766-4AE3-A10C-6EBBC1EE3B02}" = Logiciel de Synchronisation Orange "{C6754E95-9700-45AB-A6C5-668F5F449E27}" = LG Bluetooth Driver "{C76DAFAE-5E59-44AB-2764-70BC79E0D4B2}" = Skins "{C8256DAF-828E-7E91-FB83-D900AA8E3C86}" = CCC Help Danish "{C9429012-1CBE-E0CA-0955-CC53E0F2115F}" = CCC Help Chinese Standard "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB9B619A-EEA1-BFAB-6CA5-1FC655E2A0DA}" = Catalyst Control Center Localization Turkish "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D013644E-F890-49A4-0DE9-8E4BBD18A406}" = ATI Catalyst Install Manager "{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0" = Orange Installeur version 1.2.2.0 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D7C49EC6-4DEA-7A7A-860D-78D613C68B8C}" = ccc-core-static "{E08C03D7-AE05-0458-2D14-78F219316933}" = Catalyst Control Center Localization Dutch "{E4FD0200-A7DB-2D5A-B5B1-DBC0A184C9B2}" = Catalyst Control Center Localization Russian "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{E9BA4A79-BD4C-52E3-F34F-85B1CC62EE15}" = Catalyst Control Center Localization Polish "{E9D20FA4-7CA6-F243-A503-CA961CCD2277}" = CCC Help Spanish "{EF9E54C1-2D5F-DDA8-8E7B-0CD3EF89C8E4}" = Catalyst Control Center Localization French "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5A630D4-3D7D-6EEC-5DAE-41835DC0A1DA}" = Catalyst Control Center Graphics Full New "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "{FD2B6E20-5344-07B4-C210-B57611E02906}" = CCC Help Dutch "Acer Acer Bio Protection 6.0.00.13" = Acer Bio Protection AAV 6.0.00.13 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avanquest_FR Toolbar" = Avanquest FR Toolbar "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "conduitEngine" = Conduit Engine "EPSON Printer and Utilities" = EPSON Logiciel imprimante "EPSON Scanner" = EPSON Scan "ESDX4000_4050_CX3900" = ESDX4000_4050_CX3900 "Google Chrome" = Google Chrome "GridVista" = Acer GridVista "HOMESTUDENTR" = Version d'évaluation de Microsoft Office Home and Student 2007 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "LManager" = Launch Manager "MailNotifier" = Notification Mail "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "OrangeToolbar" = barre d'outils Orange "OrangeUpdateManager" = Orange update "Picasa 3" = Picasa 3 "TomTom HOME" = TomTom HOME 2.7.6.2056 "Usbfix" = UsbFix By TeamXscript "VLC media player" = VLC media player 1.1.5 "Yahoo! Toolbar" = Yahoo! Toolbar "YesMessenger_is1" = YesMessenger 2.4.14 "ZHPDiag_is1" = ZHPDiag 1.24 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Orange Inside" = Orange Inside ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >
  15. Bjr Je te joins le 1er rapport OTL logfile created on: 08/05/2011 12:05:05 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,44 Gb Total Space | 61,34 Gb Free Space | 55,04% Space Free | Partition Type: NTFS Drive D: | 104,90 Gb Total Space | 76,98 Gb Free Space | 73,38% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 273,37 Gb Free Space | 58,69% Space Free | Partition Type: NTFS Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe PRC - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/04/29 13:05:05 | 000,442,024 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe PRC - [2011/04/07 09:00:03 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe PRC - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/03/04 14:38:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/11/18 20:41:12 | 000,206,120 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe PRC - [2009/09/21 15:02:04 | 003,786,472 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe PRC - [2009/09/21 15:02:00 | 003,451,904 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe PRC - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe PRC - [2009/09/21 15:01:41 | 003,673,600 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe PRC - [2009/09/21 14:58:44 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\guy\AppData\Local\Temp\RtkBtMnt.exe PRC - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008/04/28 13:18:26 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe PRC - [2008/03/11 11:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/03/07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe PRC - [2008/03/05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe PRC - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe PRC - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2007/10/03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007/03/27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe ========== Modules (SafeList) ========== MOD - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/06/14 14:39:26 | 001,053,424 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC) SRV - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService) SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® ========== Driver Services (SafeList) ========== DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/12/24 16:19:56 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/04/01 12:12:30] [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/09/21 15:01:45 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF) DRV - [2009/05/25 12:12:28 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/05/25 12:12:28 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/05/25 12:12:26 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008/07/08 14:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008/07/08 14:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) DRV - [2008/07/08 14:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008/07/08 14:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM) DRV - [2008/07/08 14:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2008/05/08 19:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2008/03/11 13:38:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E) DRV - [2008/02/29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/01/08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel® DRV - [2007/12/18 18:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2007/12/16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 97 04 A8 DC 6A CA 01 [binary data] IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: [email protected]:1.7 FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2 [2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions [2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions\[email protected] [2010/12/18 18:47:43 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected] O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Value error. File not found O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.) O4 - HKLM..\Run: [avast5] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) O4 - HKCU..\Run: [orangeinside] C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html () O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html () O8 - Extra context menu item: envoyer par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html () O8 - Extra context menu item: envoyer un mail - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O8 - Extra context menu item: orange.fr - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html () O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html () O8 - Extra context menu item: traduire la page - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html () O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html () O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:23:37 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:24:01 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/04/14 22:24:02 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Viewer.exe O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.dvsd - pdvcodec.dll File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/05/02 10:20:08 | 000,000,000 | ---D | C] -- C:\Users\YUG\AppData\Roaming\Malwarebytes [2011/05/02 10:19:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/05/02 10:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/05/02 10:19:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/05/02 10:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/04/29 13:21:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011/04/29 13:21:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2011/04/29 13:17:37 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/04/15 12:22:43 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011/04/15 12:22:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011/04/15 12:22:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011/04/15 12:22:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011/04/15 12:22:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011/04/15 12:22:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011/04/15 12:22:37 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011/04/15 12:22:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/04/15 12:22:36 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/04/15 12:22:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011/04/15 12:22:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011/04/15 12:22:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011/04/15 12:22:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011/04/15 12:22:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011/04/15 12:22:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011/04/15 12:22:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011/04/15 12:22:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011/04/15 12:22:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/04/15 12:22:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011/04/15 12:22:27 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011/04/15 12:22:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011/04/15 12:17:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011/04/15 12:12:22 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/04/15 12:12:15 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011/04/15 12:12:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/04/15 00:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011/04/15 00:05:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011/04/15 00:05:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/04/14 22:21:57 | 000,000,000 | ---D | C] -- C:\UsbFix [2011/04/12 00:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011/04/12 00:06:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011/04/12 00:06:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/08 12:06:59 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job [2011/05/08 12:03:52 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/05/08 12:03:52 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/05/08 12:03:52 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/05/08 12:03:52 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/05/08 12:02:12 | 000,000,398 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job [2011/05/08 11:47:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/05/08 11:27:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/08 11:27:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/08 08:17:00 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011/05/07 20:00:00 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job [2011/05/07 18:48:00 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/05/07 13:47:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/05/06 08:20:01 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-YUG-Startup.job [2011/05/06 08:20:01 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job [2011/05/06 08:00:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011/05/05 19:59:37 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011/05/02 10:19:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/16 08:16:36 | 000,316,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/04/12 00:06:38 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011/04/11 21:25:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/05/08 12:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/02 10:19:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/15 00:07:12 | 000,000,428 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job [2011/04/12 00:06:38 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011/04/08 21:21:13 | 000,000,398 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job [2010/10/18 11:35:32 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi [2010/10/18 11:35:32 | 000,004,110 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik [2010/10/08 10:57:42 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/06/02 02:42:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010/04/29 16:12:32 | 000,000,031 | ---- | C] () -- C:\Windows\yesmessenger.ini [2010/04/22 14:56:51 | 000,000,338 | ---- | C] () -- C:\Windows\yes_messenger.ini [2009/10/22 00:57:28 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009/09/24 10:14:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009/09/24 10:14:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2009/09/24 10:14:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2009/09/24 10:14:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009/09/24 10:14:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009/09/24 10:14:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009/09/24 10:14:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009/09/24 10:14:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009/09/24 10:14:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009/09/24 10:14:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009/09/24 10:14:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009/09/24 10:14:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009/09/24 10:14:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009/09/24 10:14:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009/09/24 10:14:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009/09/24 10:09:09 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini [2009/09/24 09:25:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/24 09:25:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/09/21 17:12:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/09/21 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/09/21 15:05:51 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009/09/21 15:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2009/09/21 15:05:51 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2009/09/21 15:02:13 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2008/05/16 07:50:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008/05/16 07:50:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/05/16 07:50:44 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008/05/16 07:50:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008/03/21 12:41:33 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008/03/21 12:37:44 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008/03/21 12:33:29 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008/03/21 12:33:29 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008/03/21 12:32:04 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008/01/21 10:40:50 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008/01/21 10:40:50 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2007/04/24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006/11/02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat [2006/11/02 14:47:37 | 000,316,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005/12/15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/03/21 05:12:07 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009/09/21 15:15:37 | 000,000,020 | ---- | M] () -- C:\Medion.ini [2004/02/29 17:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp [2011/05/06 07:59:25 | 3533,369,344 | -HS- | M] () -- C:\pagefile.sys [2009/09/21 15:08:45 | 000,000,058 | ---- | M] () -- C:\Partition.txt [2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2008/03/21 12:33:43 | 000,000,477 | ---- | M] () -- C:\RHDSetup.log [2011/04/14 22:24:05 | 000,000,000 | ---- | M] () -- C:\UsbFix.txt < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011/02/22 08:16:39 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011/02/22 15:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys [2011/02/22 15:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2011/02/22 15:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2011/02/22 15:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2011/02/18 16:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys [2011/02/18 16:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2011/02/18 16:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-06 06:06:20 < > < End of report >
×
×
  • Créer...