ced41

Très bien, j'ai fait comme indiqué, merci.

All processes killed ========== OTL ========== Service Planificateur LiveUpdate automatique stopped successfully! Service Planificateur LiveUpdate automatique deleted successfully! Service catchme stopped successfully! Service catchme deleted successfully! C:\Users\ordi\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\defaults\preferences folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\defaults folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\components folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\chrome folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully. C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files\mozilla firefox\extensions folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. C:\-20070327.log moved successfully. C:\Ad-Report-CLEAN[1].txt moved successfully. C:\Ad-Report-CLEAN[2].txt moved successfully. C:\fixnavi.txt moved successfully. C:\VundoFix.txt moved successfully. ADS C:\Users\ordi\Documents\ADHESION MENSUALISATION _ TAXES FONCIERES.eml:OECustomProperty deleted successfully. ADS C:\Users\ordi\Documents\suite pitching ( 3 ) et driving.eml:OECustomProperty deleted successfully. ADS C:\Users\ordi\Fw_ documents.eml:OECustomProperty deleted successfully. ADS C:\Users\ordi\Documents\TICKETNET _ Votre profil.eml:OECustomProperty deleted successfully. ADS C:\ProgramData\TEMP:5C321E34 deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: ambroise ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 5452254 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 23690262 bytes ->Flash cache emptied: 44222 bytes User: danielle ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Java cache emptied: 12118713 bytes ->FireFox cache emptied: 5781730 bytes ->Flash cache emptied: 42030 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56504 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: ordi ->Temp folder emptied: 806 bytes ->Temporary Internet Files folder emptied: 108206230 bytes ->Java cache emptied: 88531958 bytes ->FireFox cache emptied: 96100399 bytes ->Flash cache emptied: 2813985 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 327,00 mb [EMPTYFLASH] User: All Users User: ambroise ->Flash cache emptied: 0 bytes User: danielle ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: ordi ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.6 log created on 02112011_181428 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

Non, mon problème revient de façon récurrente : un programme frauduleux anti-virus apparait dans la barre de tache, désactive mon antivirus ( avira ) et plus aucun executable ne fonctionne, ça m'indique une erreur tant que j'ai pas payé ( je pense ) ce logiciel bandit. Si mes souvenirs sont bons je crois que c'est antivirus.net. En plus de celà, mon fond d'écran change en une alerte blah blah Warning, ect, ... merci encore pour ton aide.

OTL Extras logfile created on: 10/02/2011 19:33:23 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\ordi\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 013,00 Mb Total Physical Memory | 369,00 Mb Available Physical Memory | 36,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 54,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51,99 Gb Total Space | 17,33 Gb Free Space | 33,33% Space Free | Partition Type: NTFS Drive D: | 51,98 Gb Total Space | 34,56 Gb Free Space | 66,49% Space Free | Partition Type: NTFS Computer Name: PC-DE-ORDI | User Name: ordi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{B27B8DEC-EAB1-45AA-892F-75946BFCBCE3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{FF217838-5CFA-4CB0-AF9F-AF7444B7790F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{47826D48-31D6-4A48-91AD-C699ABEAACAC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{C63863ED-6996-4D1A-801C-14D425F1AFC2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 23 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer OrbiCam "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7 "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9743AF47-B746-4324-B4C4-512E67D04370}" = Symantec Technical Support Web Controls "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.1.1.4 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer OrbiCam "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover By C_XX "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "EPSON Printer and Utilities" = EPSON Logiciel imprimante "EPSON Scanner" = EPSON Scan "EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel "ESDX6000_CX5900 Guide util." = ESDX6000_CX5900 Guide util. "GridVista" = Acer GridVista "HDMI" = Intel® Graphics Media Accelerator Driver "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Navilog1_is1" = Navilog1 3.5.2 "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SpywareBlaster_is1" = SpywareBlaster 4.0 "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinLiveSuite" = Windows Live "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27/01/2011 10:46:20 | Computer Name = PC-de-ordi | Source = EventSystem | ID = 4609 Description = Error - 31/01/2011 15:28:06 | Computer Name = PC-de-ordi | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Users\ordi\AppData\Local\Temp\RarSFX0\redist.dll ». Assembly dépendant Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 31/01/2011 15:33:37 | Computer Name = PC-de-ordi | Source = VSS | ID = 8194 Description = Error - 31/01/2011 17:33:11 | Computer Name = PC-de-ordi | Source = VSS | ID = 12289 Description = Error - 31/01/2011 17:35:47 | Computer Name = PC-de-ordi | Source = VSS | ID = 12289 Description = Error - 02/02/2011 09:31:36 | Computer Name = PC-de-ordi | Source = Application Hang | ID = 1002 Description = Le programme firefox.exe version 1.9.2.3989 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : f44 Heure de début : 01cbc2bff3131663 Heure de fin : 224 Error - 04/02/2011 08:02:11 | Computer Name = PC-de-ordi | Source = System Restore | ID = 8193 Description = Error - 04/02/2011 08:02:11 | Computer Name = PC-de-ordi | Source = System Restore | ID = 8210 Description = Error - 10/02/2011 10:31:30 | Computer Name = PC-de-ordi | Source = Windows Search Service | ID = 3013 Description = Error - 10/02/2011 10:31:30 | Computer Name = PC-de-ordi | Source = Windows Search Service | ID = 3013 Description = [ Canal+ Events ] Error - 23/07/2010 10:42:11 | Computer Name = PC-de-ordi | Source = VideoOnDemand | ID = 0 Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné. [ System Events ] Error - 10/02/2011 10:30:39 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7031 Description = Error - 10/02/2011 10:30:40 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7034 Description = Error - 10/02/2011 10:30:40 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7031 Description = Error - 10/02/2011 10:30:43 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7031 Description = Error - 10/02/2011 10:31:11 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7032 Description = Error - 10/02/2011 10:32:58 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7000 Description = Error - 10/02/2011 10:33:08 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7026 Description = Error - 10/02/2011 14:10:19 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7034 Description = Error - 10/02/2011 14:10:21 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7030 Description = Error - 10/02/2011 14:22:54 | Computer Name = PC-de-ordi | Source = Service Control Manager | ID = 7030 Description = < End of report >

ComboFix 11-02-09.05 - ordi 10/02/2011 19:10:38.4.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1013.443 [GMT 1:00] Lancé depuis: c:\users\ordi\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\kIdFgAe06511 c:\programdata\kIdFgAe06511\kIdFgAe06511 c:\programdata\kIdFgAe06511\kIdFgAe06511.exe c:\users\ordi\AppData\Roaming\inst.exe c:\users\ordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool c:\users\ordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool\System Tool 2011.lnk . ((((((((((((((((((((((((((((( Fichiers créés du 2011-01-10 au 2011-02-10 )))))))))))))))))))))))))))))))))))) . 2011-02-10 18:20 . 2011-02-10 18:22 -------- d-----w- c:\users\ordi\AppData\Local\temp 2011-02-10 18:20 . 2011-02-10 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-02-10 18:20 . 2011-02-10 18:20 -------- d-----w- c:\users\danielle\AppData\Local\temp 2011-02-10 18:20 . 2011-02-10 18:20 -------- d-----w- c:\users\ambroise\AppData\Local\temp 2011-02-10 16:03 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-10 16:03 . 2011-02-10 16:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-10 16:03 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-31 20:48 . 2011-01-31 20:48 -------- d-----w- c:\windows\system32\x64 2011-01-31 19:47 . 2011-01-31 19:47 -------- d-----w- c:\users\ordi\AppData\Roaming\Avira 2011-01-31 19:44 . 2011-01-31 19:44 102400 ----a-w- c:\windows\RegBootClean.exe 2011-01-31 19:34 . 2010-12-06 07:48 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-01-31 19:34 . 2010-12-06 07:48 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-01-31 19:34 . 2011-01-31 19:34 -------- d-----w- c:\programdata\Avira 2011-01-31 19:34 . 2011-01-31 19:34 -------- d-----w- c:\program files\Avira 2011-01-31 12:48 . 2011-01-31 12:51 -------- d-----w- c:\program files\ZHPDiag 2011-01-30 22:16 . 2011-01-31 19:44 -------- d-----w- c:\programdata\lIkNcMg06511 2011-01-28 10:19 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C53D1BF5-596A-4191-9C5E-E3E7133A8A3A}\mpengine.dll 2011-01-27 15:31 . 2011-01-27 15:31 -------- d-----w- c:\users\ordi\AppData\Roaming\Malwarebytes 2011-01-27 15:30 . 2011-01-27 15:30 -------- d-----w- c:\programdata\Malwarebytes 2011-01-27 15:21 . 2011-01-27 15:21 -------- d-----w- c:\program files\Ad-Remover 2011-01-12 17:14 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll 2011-01-12 17:14 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2011-01-12 17:14 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2011-01-12 17:14 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2011-01-12 17:14 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll 2011-01-12 17:14 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2011-01-12 17:14 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 1999-06-24 09:24 . 2007-10-14 16:26 49152 ----a-w- c:\program files\_ISREG32.DLL 2008-06-30 11:44 . 2008-08-18 16:24 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-11-09 86016] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2006-08-29 241664] "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-01-10 200704] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-06 281768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R1 mailKmd;mailKmd; [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-06 135336] S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2006-11-17 118784] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uInternet Settings,ProxyOverride = <local> FF - ProfilePath - c:\users\ordi\AppData\Roaming\Mozilla\Firefox\Profiles\mzy79su0.default\ FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://google.fr FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p= FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: yahoo.homepage.dontask - true . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-10 19:22 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . Heure de fin: 2011-02-10 19:27:54 ComboFix-quarantined-files.txt 2011-02-10 18:27 ComboFix2.txt 2008-04-08 23:36 Avant-CF: 18 495 881 216 octets libres Après-CF: 18 545 414 144 octets libres - - End Of File - - 7E43F328B760623FD09A6890FDA86A29 OTL logfile created on: 10/02/2011 19:33:23 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\ordi\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 013,00 Mb Total Physical Memory | 369,00 Mb Available Physical Memory | 36,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 54,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51,99 Gb Total Space | 17,33 Gb Free Space | 33,33% Space Free | Partition Type: NTFS Drive D: | 51,98 Gb Total Space | 34,56 Gb Free Space | 66,49% Space Free | Partition Type: NTFS Computer Name: PC-DE-ORDI | User Name: ordi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/02/10 19:04:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\ordi\Desktop\OTL.exe PRC - [2010/12/06 08:47:54 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/12/06 08:47:41 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/12/06 08:47:40 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2007/01/10 15:20:34 | 000,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007/01/10 10:34:18 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe PRC - [2007/01/02 17:58:58 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe PRC - [2007/01/02 17:58:50 | 000,464,168 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe PRC - [2007/01/02 15:46:52 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe PRC - [2007/01/02 08:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe PRC - [2006/12/28 19:07:22 | 000,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe PRC - [2006/12/28 17:24:14 | 000,049,152 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe PRC - [2006/12/25 15:45:26 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe PRC - [2006/12/22 13:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2006/11/17 19:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe PRC - [2006/11/09 19:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2006/11/09 13:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe PRC - [2006/10/05 22:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006/08/29 08:26:32 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe PRC - [2005/07/25 12:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe ========== Modules (SafeList) ========== MOD - [2011/02/10 19:04:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\ordi\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique) SRV - [2010/12/06 08:47:54 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/12/06 08:47:41 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/01/02 17:58:58 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service) SRV - [2007/01/02 15:46:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService) SRV - [2007/01/02 08:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2006/12/28 19:07:22 | 000,126,976 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service) SRV - [2006/12/28 17:24:14 | 000,049,152 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2006/12/22 13:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2006/11/24 11:57:54 | 000,107,008 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2006/11/17 19:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc) SRV - [2006/10/05 22:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2010/12/06 08:48:06 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/06 08:48:06 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2007/01/02 17:59:24 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ) DRV - [2007/01/02 17:59:20 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk) DRV - [2007/01/02 17:59:18 | 000,020,264 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter) DRV - [2006/12/19 20:18:28 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2006/12/19 20:18:28 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/12/10 11:34:02 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2006/12/07 17:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2006/11/25 10:17:42 | 000,792,368 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607) DRV - [2006/11/09 04:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2006/11/02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006/10/23 20:17:32 | 000,179,896 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2006/10/05 20:39:40 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/08/29 03:30:04 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper) DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006/07/06 22:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2003/04/28 10:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p="'>http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=" FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-sunm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-sunm" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://google.fr" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/18 14:18:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/18 14:18:45 | 000,000,000 | ---D | M] [2009/01/21 19:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ordi\AppData\Roaming\mozilla\Extensions [2011/02/09 22:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions [2010/04/30 15:27:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/23 19:05:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\ordi\AppData\Roaming\mozilla\Firefox\Profiles\mzy79su0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/02/03 00:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/05/02 13:55:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/08 13:54:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/02 13:57:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/02/03 00:29:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2008/06/30 12:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/02/10 19:22:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe () O4 - HKCU..\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\ordi\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\ordi\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/12/10 11:34:28 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM File not found Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/02/10 19:28:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/02/10 19:27:57 | 000,000,000 | ---D | C] -- C:\Windows\temp [2011/02/10 19:27:57 | 000,000,000 | ---D | C] -- C:\Users\ordi\AppData\Local\temp [2011/02/10 19:08:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/02/10 19:08:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/02/10 19:08:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/02/10 19:07:50 | 000,000,000 | ---D | C] -- C:\ComboFix [2011/02/10 19:07:28 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/02/10 19:07:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/02/10 19:04:04 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\ordi\Desktop\OTL.exe [2011/02/10 17:03:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/02/10 17:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/02/10 17:03:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/02/10 17:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/02/10 16:57:18 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ordi\Desktop\mbam-setup.exe [2011/02/03 00:29:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/02/03 00:29:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/02/03 00:29:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/01/31 21:48:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64 [2011/01/31 20:47:06 | 000,000,000 | ---D | C] -- C:\Users\ordi\AppData\Roaming\Avira [2011/01/31 20:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011/01/31 20:35:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011/01/31 20:34:59 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011/01/31 20:34:59 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011/01/31 20:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011/01/31 20:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011/01/31 13:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2011/01/31 13:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2011/01/31 13:13:06 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\ordi\Desktop\HijackThis.exe [2011/01/30 23:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\lIkNcMg06511 [2011/01/27 16:31:05 | 000,000,000 | ---D | C] -- C:\Users\ordi\AppData\Roaming\Malwarebytes [2011/01/27 16:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/27 16:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011/01/12 18:14:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011/01/12 18:14:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2010/10/01 12:10:06 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\ordi\AppData\Roaming\pcouffin.sys [2007/10/14 17:26:17 | 000,049,152 | ---- | C] (Stirling) -- C:\Program Files\_ISREG32.DLL [2006/12/10 11:48:28 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll ========== Files - Modified Within 30 Days ========== [2011/02/10 19:32:50 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/02/10 19:32:50 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/02/10 19:22:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011/02/10 19:04:31 | 004,266,254 | R--- | M] () -- C:\Users\ordi\Desktop\ComboFix.exe [2011/02/10 19:04:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\ordi\Desktop\OTL.exe [2011/02/10 17:03:38 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/02/10 16:59:18 | 000,879,047 | ---- | M] () -- C:\Users\ordi\Desktop\SecurityCheck.exe [2011/02/10 16:58:17 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ordi\Desktop\mbam-setup.exe [2011/02/10 15:32:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/10 15:32:44 | 1063,444,480 | -HS- | M] () -- C:\hiberfil.sys [2011/01/31 20:46:03 | 000,001,480 | ---- | M] () -- C:\Windows\RegBootClean.CFG [2011/01/31 20:44:53 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe [2011/01/31 20:35:47 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011/01/31 13:49:09 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/01/31 13:49:09 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/01/31 13:49:09 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/01/31 13:13:08 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\ordi\Desktop\HijackThis.exe [2011/01/27 16:21:31 | 000,001,680 | ---- | M] () -- C:\Users\ordi\Desktop\AD-R.lnk [2011/01/27 15:53:24 | 000,000,036 | ---- | M] () -- C:\Users\ordi\AppData\Local\housecall.guid.cache [2011/01/27 15:24:28 | 000,000,680 | ---- | M] () -- C:\Users\ordi\AppData\Local\d3d9caps.dat [2011/01/18 14:18:46 | 000,001,752 | ---- | M] () -- C:\Users\ordi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/01/18 14:18:46 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk ========== Files Created - No Company Name ========== [2011/02/10 19:08:05 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/02/10 19:08:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/02/10 19:08:05 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/02/10 19:08:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/02/10 19:08:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/02/10 19:03:44 | 004,266,254 | R--- | C] () -- C:\Users\ordi\Desktop\ComboFix.exe [2011/02/10 17:03:38 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/02/10 16:59:15 | 000,879,047 | ---- | C] () -- C:\Users\ordi\Desktop\SecurityCheck.exe [2011/01/31 20:44:53 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe [2011/01/31 20:44:53 | 000,001,480 | ---- | C] () -- C:\Windows\RegBootClean.CFG [2011/01/31 20:35:47 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011/01/31 13:48:41 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/01/31 13:48:41 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/01/31 13:48:41 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/01/27 16:21:31 | 000,001,680 | ---- | C] () -- C:\Users\ordi\Desktop\AD-R.lnk [2011/01/27 15:57:59 | 1063,444,480 | -HS- | C] () -- C:\hiberfil.sys [2011/01/27 15:53:24 | 000,000,036 | ---- | C] () -- C:\Users\ordi\AppData\Local\housecall.guid.cache [2011/01/27 15:11:08 | 000,000,680 | ---- | C] () -- C:\Users\ordi\AppData\Local\d3d9caps.dat [2011/01/18 14:18:46 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/10/28 13:12:29 | 000,001,940 | ---- | C] () -- C:\Users\ordi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/10/01 12:10:06 | 000,007,887 | ---- | C] () -- C:\Users\ordi\AppData\Roaming\pcouffin.cat [2010/10/01 12:10:06 | 000,001,144 | ---- | C] () -- C:\Users\ordi\AppData\Roaming\pcouffin.inf [2010/10/01 12:10:06 | 000,000,055 | ---- | C] () -- C:\Users\ordi\AppData\Roaming\pcouffin.log [2009/09/14 15:58:07 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/02/07 12:24:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2009/02/07 12:19:16 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini [2009/02/07 12:14:21 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2008/09/23 17:55:54 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini [2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll [2007/10/14 17:26:17 | 000,000,540 | ---- | C] () -- C:\Program Files\_DEISREG.ISR [2007/10/14 17:25:27 | 000,000,229 | ---- | C] () -- C:\Windows\ODBCINST.INI [2007/10/14 17:25:21 | 000,039,936 | ---- | C] () -- C:\Windows\VSDRVM32.DLL [2007/10/12 19:15:32 | 000,043,520 | ---- | C] () -- C:\Users\ordi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/10/12 15:29:03 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2007/10/12 15:23:09 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX6000EFDG.ini [2007/10/11 18:55:00 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini [2007/03/27 15:49:45 | 000,015,190 | ---- | C] () -- C:\Windows\M2000T07.ini [2007/03/27 15:49:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll [2007/03/27 08:12:09 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007/03/27 08:12:09 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007/03/27 08:11:15 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2007/03/27 08:10:30 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys [2007/01/02 17:54:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007/01/02 17:53:54 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007/01/02 17:53:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007/01/02 17:52:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MsnChatHook_org.dll [2007/01/02 17:52:28 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007/01/02 17:52:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007/01/02 17:52:18 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2006/12/25 14:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006/12/10 23:13:28 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2006/12/10 22:57:29 | 000,743,424 | R--- | C] () -- C:\Windows\libxml2.dll [2006/12/10 22:55:51 | 000,872,448 | R--- | C] () -- C:\Windows\iconv.dll [2006/12/10 11:48:30 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2006/12/10 11:34:45 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys [2006/12/10 11:33:32 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll [2006/12/02 19:32:24 | 000,000,041 | ---- | C] () -- C:\Windows\PreLaunch.ini [2006/12/02 19:32:23 | 000,204,800 | ---- | C] () -- C:\Windows\Capsule.dll [2006/12/02 19:32:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/02/13 15:35:34 | 000,121,344 | ---- | C] () -- C:\Windows\UnzDll.dll [2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2007/03/27 08:09:13 | 000,003,269 | ---- | M] () -- C:\-20070327.log [2011/01/27 16:22:40 | 000,003,012 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2011/02/10 15:31:29 | 000,003,069 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt [2006/12/10 11:34:28 | 000,000,074 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2006/11/11 08:41:41 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2011/02/10 19:27:55 | 000,010,966 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2008/04/08 21:40:54 | 000,002,229 | ---- | M] () -- C:\fixnavi.txt [2011/02/10 15:32:44 | 1063,444,480 | -HS- | M] () -- C:\hiberfil.sys [2007/10/14 17:24:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007/10/14 17:24:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/02/10 15:32:42 | 1377,243,136 | -HS- | M] () -- C:\pagefile.sys [2007/03/26 01:54:12 | 000,004,896 | -HS- | M] () -- C:\Patch.rev [2006/12/10 11:22:31 | 000,000,133 | RHS- | M] () -- C:\preload.rev [2006/12/10 22:37:37 | 000,000,013 | ---- | M] () -- C:\rebuild.tag [2008/04/08 22:50:44 | 000,028,646 | ---- | M] () -- C:\resultat.txt [2008/04/08 22:49:49 | 016,658,632 | ---- | M] () -- C:\upload_moi_PC-de-ordi.tar.gz [2008/04/09 10:11:07 | 000,000,363 | ---- | M] () -- C:\VundoFix.txt [2006/12/02 19:32:28 | 000,000,004 | ---- | M] () -- C:\wps.dat < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/03/08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009/03/08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/12/06 08:48:06 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010/12/06 08:48:06 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-31 20:55:18 ========== Alternate Data Streams ========== @Alternate Data Stream - 953 bytes -> C:\Users\ordi\Documents\ADHESION MENSUALISATION _ TAXES FONCIERES.eml:OECustomProperty @Alternate Data Stream - 841 bytes -> C:\Users\ordi\Documents\suite pitching ( 3 ) et driving.eml:OECustomProperty @Alternate Data Stream - 704 bytes -> C:\Users\ordi\Fw_ documents.eml:OECustomProperty @Alternate Data Stream - 703 bytes -> C:\Users\ordi\Documents\TICKETNET _ Votre profil.eml:OECustomProperty @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report >

Bonjour lance_yien et merci, les rapports demandés : Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5732 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 10/02/2011 17:21:32 mbam-log-2011-02-10 (17-21-32).txt Type d'examen: Examen rapide Elément(s) analysé(s): 170944 Temps écoulé: 8 minute(s), 2 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\ineufbr1v (Malware.Trace) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Results of screen317's Security Check version 0.99.8 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 23 Java 6 Update 2 Java 6 Update 3 Out of date Java installed! Adobe Flash Player 9 (Out of date Flash Player installed!) Adobe Flash Player 10.1.102.64 Adobe Reader 7.0 Out of date Adobe Reader installed! Mozilla Firefox (3.6.13) ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe Empowering Technology eSettings Service capuserv.exe ``````````End of Log````````````

Bonjour à tous, mon message a été oublié, j'ai posté une deuxime fois dessus c'est surement pour ça probleme

je rajoute le rapport ZHP diag : Rapport de ZHPDiag v1.27.1520 par Nicolas Coolman, Update du 29/01/2011 Run by ordi at 31/01/2011 13:50:22 Web site : ZHPDiag Outil de diagnostic Contact : [email protected] ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18999 MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut) ---\\ System Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Processor: x86 Family 6 Model 14 Stepping 12, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1013 MB (33% free) System Restore: Activé (Enable) System drive C: has 22 GB (42%) free of 52 GB ---\\ Logged in mode Computer Name: PC-DE-ORDI User Name: ordi All Users Names: ordi, danielle, ambroise, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=%USERPROFILE%\AppData\Roaming %LocalAppData%=%USERPROFILE%\AppData\Local %StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 22 Go of 52 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 35 Go of 52 Go) E:\ CD-ROM drive (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880] ---\\ Processus lancés [MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.5AB037B17F8A87D052F5A88E0D29A3C8] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232] [MD5.57EBA0BF30D365ED683BE9E042A35821] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [623616] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2) P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - eDStoolbar Module.) -- C:\Windows\system32\eDStoolbar.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Acer Tour] Clé orpheline O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [Wbutton] . (.Pas de propriétaire - WButton MFC Application.) -- C:\Program Files\Launch Manager\Wbutton.exe O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [LMgrOSD] . (.Pas de propriétaire - OSD MFC Application.) -- C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [LManager] . (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LaunchAp] . (.Pas de propriétaire - LaunchAp MFC Application.) -- C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Acer Tour Reminder] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (.not file.) O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [EPSON Stylus DX6000 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.exe O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [iSUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe O4 - HKUS\S-1-5-21-1224772120-3823277818-4152024611-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk . (.Acer Inc..) -- C:\Acer\Empowering Technology\eAPLauncher.exe ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files\Ad-Remover\main.exe O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Disque amovible (G) - Raccourci.lnk . (.Pas de propriétaire.) -- G:\ (.not file.) O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Documents.lnk . (.Pas de propriétaire.) -- C:\Users\ordi\Documents O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Photos Noé.lnk . (.Pas de propriétaire.) -- D:\ O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Documents And Settings\ordi\Desktop\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\ordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\ordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\ordi\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files\Ad-Remover\main.exe O4 - Global Startup: C:\Users\ordi\Desktop\Disque amovible (G) - Raccourci.lnk . (.Pas de propriétaire.) -- G:\ (.not file.) O4 - Global Startup: C:\Users\ordi\Desktop\Documents.lnk . (.Pas de propriétaire.) -- C:\Users\ordi\Documents O4 - Global Startup: C:\Users\ordi\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe O4 - Global Startup: C:\Users\ordi\Desktop\Photos Noé.lnk . (.Pas de propriétaire.) -- D:\ O4 - Global Startup: C:\Users\ordi\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\ordi\Desktop\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\ordi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0B445639-B454-43BF-A2FB-49D9E835E9DB}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\..\{54CEEA21-844D-43BC-8523-EAE80992D3E3}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS1\Services\Tcpip\..\{0B445639-B454-43BF-A2FB-49D9E835E9DB}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS1\Services\Tcpip\..\{54CEEA21-844D-43BC-8523-EAE80992D3E3}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS2\Services\Tcpip\..\{0B445639-B454-43BF-A2FB-49D9E835E9DB}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS2\Services\Tcpip\..\{54CEEA21-844D-43BC-8523-EAE80992D3E3}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS3\Services\Tcpip\..\{0B445639-B454-43BF-A2FB-49D9E835E9DB}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS3\Services\Tcpip\..\{54CEEA21-844D-43BC-8523-EAE80992D3E3}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe O23 - Service: eDSService.exe (eDataSecurity Service) . (.HiTRSUT - eDataSecurity Service.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: (eLockService) . (.Acer Inc. - Acer eLock Management.) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: (eNet Service) . (.Acer Inc. - acer eNet Management Service.) - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: (eSettingsService) . (.Pas de propriétaire - Service.) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: (MobilityService) . (.Pas de propriétaire - Pas de description.) - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: (Planificateur LiveUpdate automatique) - Clé orpheline O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: (WMIService) . (.acer - WMIServi Application.) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) [MD5.70A1F7FD11D4C06BD26DFD348387A1E4] [APT] [{CFF3C95C-0A58-4424-96DD-47126DB134AE}] (.MCCI Corporation.) -- C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Acer Arcade Deluxe - (.Pas de propriétaire.) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37} O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2} O42 - Logiciel: Acer GridVista - (.Pas de propriétaire.) [HKLM] -- GridVista O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335} O42 - Logiciel: Acer OrbiCam - (.Acer OrbiCam.) [HKLM] -- {DD1DED37-2486-4F56-8F89-56AA814003F5} O42 - Logiciel: Acer OrbiCam - (.Pas de propriétaire.) [HKLM] -- {4BB1DCED-84D3-47F9-B718-5947E904593E} O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35} O42 - Logiciel: Acer eDataSecurity Management - (.HiTRUST Inc..) [HKLM] -- {AEEAE013-92F1-4515-B278-139F1A692A35} O42 - Logiciel: Acer eLock Management - (.Acer Inc..) [HKLM] -- {116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3} O42 - Logiciel: Acer eNet Management - (.Acer Inc..) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC} O42 - Logiciel: Acer ePower Management - (.Acer Inc..) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F} O42 - Logiciel: Acer ePresentation Management - (.Acer Inc..) [HKLM] -- {BF839132-BD43-4056-ACBF-4377F4A88E2A} O42 - Logiciel: Acer eSettings Management - (.Acer Inc..) [HKLM] -- {CE65A9A0-9686-45C6-9098-3C9543A412F0} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- ShockwaveFlash O42 - Logiciel: Adobe Reader 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A70000000000} O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5} O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857} O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755} O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6} O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64} O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation O42 - Logiciel: ESDX6000_CX5900 Guide util. - (.Pas de propriétaire.) [HKLM] -- ESDX6000_CX5900 Guide util. O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020} O42 - Logiciel: Java 6 Update 22 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Launch Manager V1.1.1.4 - (.Acer Inc..) [HKLM] -- {D0846526-66DD-4DC9-A02C-98F9A2806812} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13) O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799} O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung Samples Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {7AC15160-A49B-4A89-B181-D4619C025FFF} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: SpywareBlaster 4.0 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1 O42 - Logiciel: Symantec Technical Support Web Controls - (.Symantec Corporation.) [HKLM] -- {9743AF47-B746-4324-B4C4-512E67D04370} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Texas Instruments PCIxx21/x515/xx12 drivers. - (.Texas Instruments Inc..) [HKLM] -- InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} ---\\ HKCU & HKLM Software Keys [HKCU\Software\2Ibhanza1E] [HKCU\Software\5NOEAsuPaW] [HKCU\Software\?? ?? ???? ????? ??? ?? ????] [HKCU\Software\ABBYY] [HKCU\Software\ASProtect] [HKCU\Software\Acer] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\DVDFab] [HKCU\Software\EPSON] [HKCU\Software\Education Nationale] [HKCU\Software\Google] [HKCU\Software\HotkeyPanel] [HKCU\Software\IM Providers] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kazaa] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MoveFab] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Norton] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\SEIKO EPSON] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Samsung] [HKCU\Software\SupportSoft] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\Tific] [HKCU\Software\Uninstall] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\ineufbr1v] [HKLM\Software\ABBYY] [HKLM\Software\AbiWord] [HKLM\Software\Acer Inc.] [HKLM\Software\Acer OrbiCam] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\BisonCam] [HKLM\Software\Borland] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DIOC] [HKLM\Software\DVDFab] [HKLM\Software\EPSON] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\HotkeyPanel] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Launch Manager] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Ministère de l'Education Nationale] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Panda Software] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Sonic] [HKLM\Software\SpywareBlaster] [HKLM\Software\Sun Microsystems] [HKLM\Software\SupportSoft] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\TrendMicro] [HKLM\Software\WebCam] [HKLM\Software\WholeSecurity] [HKLM\Software\Windows] [HKLM\Software\Yahoo] [HKLM\Software\knight] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] [HKLM\Software\nSplitter] [HKLM\Software\swearware] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/10/2010 - 12:01:22 ----D- C:\Program Files\AbiWord O43 - CFD: 10/12/2006 - 11:33:18 ----D- C:\Program Files\Acer Arcade Deluxe O43 - CFD: 11/10/2007 - 18:55:02 ----D- C:\Program Files\Acer Inc O43 - CFD: 27/01/2011 - 16:21:34 ----D- C:\Program Files\Ad-Remover O43 - CFD: 16/08/2010 - 07:19:38 ----D- C:\Program Files\Adobe O43 - CFD: 01/10/2010 - 12:22:26 ----D- C:\Program Files\adslTV O43 - CFD: 14/10/2007 - 17:25:18 ----D- C:\Program Files\Borland O43 - CFD: 01/10/2010 - 12:46:50 ----D- C:\Program Files\Common Files O43 - CFD: 10/12/2006 - 11:35:12 ----D- C:\Program Files\CyberLink O43 - CFD: 23/09/2008 - 18:15:34 ----D- C:\Program Files\epson O43 - CFD: 11/10/2007 - 18:51:00 -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 01/10/2010 - 13:24:38 --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 02/12/2006 - 19:41:02 ----D- C:\Program Files\Intel O43 - CFD: 17/12/2010 - 09:08:12 ----D- C:\Program Files\Internet Explorer O43 - CFD: 02/11/2010 - 13:57:22 ----D- C:\Program Files\Java O43 - CFD: 15/09/2009 - 10:15:00 ----D- C:\Program Files\JRE O43 - CFD: 27/03/2007 - 08:10:32 ----D- C:\Program Files\Launch Manager O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Microsoft Games O43 - CFD: 26/12/2010 - 18:26:22 ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 30/11/2010 - 15:49:44 ----D- C:\Program Files\Microsoft.NET O43 - CFD: 13/08/2010 - 06:59:42 ----D- C:\Program Files\Movie Maker O43 - CFD: 18/01/2011 - 14:18:48 ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\MSBuild O43 - CFD: 11/10/2007 - 19:23:24 ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 26/02/2010 - 20:24:46 ----D- C:\Program Files\Navilog1 O43 - CFD: 10/12/2006 - 11:34:56 ----D- C:\Program Files\NewTech Infosystems O43 - CFD: 22/12/2010 - 14:09:30 ----D- C:\Program Files\Norton Internet Security O43 - CFD: 06/06/2009 - 18:00:42 ----D- C:\Program Files\OpenOffice.org 2.3 O43 - CFD: 15/09/2009 - 10:14:54 ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 01/10/2010 - 12:38:24 ----D- C:\Program Files\Panda Security O43 - CFD: 01/10/2010 - 12:21:04 ----D- C:\Program Files\QuickTime O43 - CFD: 02/12/2006 - 19:50:02 ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Reference Assemblies O43 - CFD: 01/10/2010 - 12:08:48 ----D- C:\Program Files\Samsung O43 - CFD: 01/10/2010 - 12:23:00 ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 19/04/2008 - 16:57:00 ----D- C:\Program Files\SpywareBlaster O43 - CFD: 02/12/2006 - 19:58:42 ----D- C:\Program Files\Synaptics O43 - CFD: 02/11/2006 - 14:01:56 --H-D- C:\Program Files\Uninstall Information O43 - CFD: 06/11/2009 - 18:50:30 ----D- C:\Program Files\Windows Calendar O43 - CFD: 06/11/2009 - 18:50:28 ----D- C:\Program Files\Windows Collaboration O43 - CFD: 06/11/2009 - 18:50:24 ----D- C:\Program Files\Windows Defender O43 - CFD: 06/11/2009 - 18:50:28 ----D- C:\Program Files\Windows Journal O43 - CFD: 01/10/2010 - 12:56:02 ----D- C:\Program Files\Windows Live O43 - CFD: 17/12/2010 - 09:08:14 ----D- C:\Program Files\Windows Mail O43 - CFD: 15/10/2010 - 09:15:54 ----D- C:\Program Files\Windows Media Player O43 - CFD: 11/10/2007 - 18:51:00 ----D- C:\Program Files\Windows NT O43 - CFD: 06/11/2009 - 18:50:28 ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 18/11/2009 - 09:45:18 ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 06/11/2009 - 18:50:30 ----D- C:\Program Files\Windows Sidebar O43 - CFD: 07/06/2009 - 14:59:00 ----D- C:\Program Files\Yahoo! O43 - CFD: 31/01/2011 - 13:50:48 ----D- C:\Program Files\ZHPDiag O43 - CFD: 10/12/2006 - 11:26:18 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 16/08/2010 - 07:19:30 ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 11/10/2007 - 18:55:00 ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 08/08/2010 - 13:54:40 ----D- C:\Program Files\Common Files\Java O43 - CFD: 10/12/2006 - 11:34:44 ----D- C:\Program Files\Common Files\LightScribe O43 - CFD: 01/10/2010 - 12:55:12 ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 10/12/2006 - 11:34:28 ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD: 10/12/2006 - 11:34:56 ----D- C:\Program Files\Common Files\NewTech Infosystems O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 22/12/2010 - 14:07:12 ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 06/11/2009 - 18:50:28 ----D- C:\Program Files\Common Files\System O43 - CFD: 01/10/2010 - 12:46:50 ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 02/05/2010 - 13:48:28 ----D- C:\ProgramData\Adobe O43 - CFD: 19/07/2009 - 11:30:42 ----D- C:\ProgramData\Apple O43 - CFD: 01/10/2010 - 12:37:24 ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Application Data O43 - CFD: 11/10/2007 - 18:51:00 -SH-D- C:\ProgramData\Bureau O43 - CFD: 08/06/2010 - 07:38:52 ----D- C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Documents O43 - CFD: 23/09/2008 - 18:05:52 ----D- C:\ProgramData\EPSON O43 - CFD: 11/10/2007 - 18:51:00 -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Favorites O43 - CFD: 11/10/2007 - 18:55:08 ----D- C:\ProgramData\InstallShield O43 - CFD: 30/01/2011 - 23:16:30 ----D- C:\ProgramData\lIkNcMg06511 O43 - CFD: 27/01/2011 - 16:31:00 ----D- C:\ProgramData\Malwarebytes O43 - CFD: 18/09/2010 - 15:15:52 ----D- C:\ProgramData\McAfee O43 - CFD: 11/10/2007 - 18:51:00 -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 01/10/2010 - 12:55:16 -S--D- C:\ProgramData\Microsoft O43 - CFD: 11/10/2007 - 18:51:00 -SH-D- C:\ProgramData\Modèles O43 - CFD: 22/12/2010 - 14:09:30 ----D- C:\ProgramData\Norton O43 - CFD: 29/12/2008 - 14:20:08 ----D- C:\ProgramData\NortonInstaller O43 - CFD: 29/12/2008 - 14:22:46 ----D- C:\ProgramData\PCSettings O43 - CFD: 01/10/2010 - 12:23:00 ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Start Menu O43 - CFD: 02/05/2010 - 13:56:52 ----D- C:\ProgramData\Sun O43 - CFD: 29/12/2008 - 14:31:58 ----D- C:\ProgramData\Symantec O43 - CFD: 29/12/2008 - 14:14:10 ----D- C:\ProgramData\Symantec Temporary Files O43 - CFD: 19/04/2008 - 16:57:06 ---AD- C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 14:02:06 -SH-D- C:\ProgramData\Templates O43 - CFD: 23/09/2008 - 18:23:26 ----D- C:\ProgramData\UDL O43 - CFD: 02/05/2010 - 13:48:24 ----D- C:\Users\ordi\AppData\Roaming\Adobe O43 - CFD: 27/10/2007 - 09:34:48 ----D- C:\Users\ordi\AppData\Roaming\AdobeUM O43 - CFD: 04/10/2009 - 14:40:08 ----D- C:\Users\ordi\AppData\Roaming\Apple Computer O43 - CFD: 19/04/2008 - 17:09:08 ----D- C:\Users\ordi\AppData\Roaming\CyberLink O43 - CFD: 24/12/2007 - 08:19:38 ----D- C:\Users\ordi\AppData\Roaming\EPSON O43 - CFD: 25/12/2007 - 15:36:10 ----D- C:\Users\ordi\AppData\Roaming\Google O43 - CFD: 11/10/2007 - 18:54:56 ----D- C:\Users\ordi\AppData\Roaming\Identities O43 - CFD: 12/10/2007 - 15:29:02 ----D- C:\Users\ordi\AppData\Roaming\InstallShield O43 - CFD: 11/10/2007 - 18:55:06 ----D- C:\Users\ordi\AppData\Roaming\Macromedia O43 - CFD: 27/01/2011 - 16:31:06 ----D- C:\Users\ordi\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Users\ordi\AppData\Roaming\Media Center Programs O43 - CFD: 27/01/2011 - 15:18:52 -S--D- C:\Users\ordi\AppData\Roaming\Microsoft O43 - CFD: 19/07/2009 - 15:34:06 ----D- C:\Users\ordi\AppData\Roaming\MoveFab O43 - CFD: 21/01/2009 - 19:49:12 ----D- C:\Users\ordi\AppData\Roaming\Mozilla O43 - CFD: 06/06/2009 - 18:07:28 ----D- C:\Users\ordi\AppData\Roaming\OpenOffice.org O43 - CFD: 06/06/2009 - 17:46:10 ----D- C:\Users\ordi\AppData\Roaming\OpenOffice.org2 O43 - CFD: 01/10/2010 - 12:09:02 ----D- C:\Users\ordi\AppData\Roaming\Samsung O43 - CFD: 18/08/2008 - 17:24:10 ----D- C:\Users\ordi\AppData\Roaming\Symantec O43 - CFD: 22/12/2010 - 13:59:20 ----D- C:\Users\ordi\AppData\Roaming\Tific O43 - CFD: 01/10/2010 - 12:22:20 ----D- C:\Users\ordi\AppData\Roaming\vlc O43 - CFD: 01/10/2010 - 12:10:08 ----D- C:\Users\ordi\AppData\Roaming\Vso ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.94ED120054898C7500ECFD7F68EE1200] - 31/01/2011 - 13:13:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1266316] O44 - LFC:[MD5.3F97A43A69965A242688256C5F61A107] - 31/01/2011 - 12:52:46 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.CBAF1E4532D11831D19C4D73E197C850] - 27/01/2011 - 16:22:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [3012] O44 - LFC:[MD5.E8F221AFADC47D2F27C304EA619D9C2B] - 27/01/2011 - 15:46:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [174966] ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{72162c7f-9130-11dc-b472-0016d353f9a8}\Shell\AutoRun\command. (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\wscript.exe ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.mkdmp3enc"="C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\PROGRA~1\ACERAR~1\VIDEOM~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideLegacyLogonScripts"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideLogoffScripts"=0 O55 - MWPS:[HKLM\...\Policies\System] - "RunLogonScriptSync"=1 O55 - MWPS:[HKLM\...\Policies\System] - "RunStartupScriptSync"=1 O55 - MWPS:[HKLM\...\Policies\System] - "HideStartupScripts"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0 O55 - MWPS:[HKCU\...\Policies\System] - "HideLegacyLogonScripts"=0 O55 - MWPS:[HKCU\...\Policies\System] - "HideLogoffScripts"=0 O55 - MWPS:[HKCU\...\Policies\System] - "RunLogonScriptSync"=1 O55 - MWPS:[HKCU\...\Policies\System] - "RunStartupScriptSync"=1 O55 - MWPS:[HKCU\...\Policies\System] - "HideStartupScripts"=0 O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968] O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576] O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408] O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048] O58 - SDL:[MD5.2E3ABAACBF547ABBB5E73A504A56D05A] - 05/10/2006 - 20:39:40 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1161152] O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952] O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688] O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688] O58 - SDL:[MD5.6046A55F79DE9C581B8D5E9C1366CC81] - 02/11/2006 - 08:30:52 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [467456] O58 - SDL:[MD5.746F59822A5187510471FC46889B8CC9] - 19/12/2006 - 20:18:28 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [534016] O58 - SDL:[MD5.D8BA0E0FFBCE2DD5DE110C5146C438B4] - 25/11/2006 - 10:17:42 ---A- . (.Bison Electronics. Inc. - Universal Serial Bus Camera Driver.) -- C:\Windows\system32\drivers\BisonC07.sys [792368] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520] O58 - SDL:[MD5.F2F431D1573EE632975C524418655B84] - 19/03/2009 - 15:32:48 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [23400] O58 - SDL:[MD5.8B566EA71D5B76157A9CDB78F25A5731] - 28/04/2003 - 10:27:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\HOTKEY.sys [9867] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040] O58 - SDL:[MD5.0215E1204D5410E50A5EA9D442FE7DA3] - 06/11/2006 - 18:29:14 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1473024] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.9D64201C9E5AC8D1F088762BA00FF3AB] - 02/01/2007 - 15:43:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\int15.sys [76584] O58 - SDL:[MD5.91B61589BB2915E81D436EFE07548507] - 02/01/2007 - 15:43:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\int15_64.sys [15656] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 10/12/2006 - 11:34:02 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [6144] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680] O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040] O58 - SDL:[MD5.671F788336DD6A129D0B3743CECE6EEF] - 02/01/2007 - 17:59:18 ---A- . (.HiTRUST - PSD Filter Driver.) -- C:\Windows\system32\drivers\psdfilter.sys [20264] O58 - SDL:[MD5.BE1404B19F7708A89F0F680E6F2CF110] - 02/01/2007 - 17:59:24 ---A- . (.HiTRUST - PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\PSDNServ.sys [16680] O58 - SDL:[MD5.6DE3CBB3F8C8A94CAD7716B91C4B8951] - 02/01/2007 - 17:59:20 ---A- . (.HiTRUST - PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\psdvdisk.sys [60712] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.A47B2875680AD67B35C6150BD0203056] - 09/11/2006 - 04:09:24 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1647976] O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784] O58 - SDL:[MD5.14622AE81C72B08691EEDAABC1D4A129] - 02/05/2007 - 11:12:34 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_bus.sys [83592] O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 11:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cm.sys [12424] O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 11:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cmnt.sys [12424] O58 - SDL:[MD5.43EE5E9FDA61A5E0EAC4C1DE699E6E4D] - 02/05/2007 - 11:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ssm_mdfl.sys [15112] O58 - SDL:[MD5.918CFD32C7FEB174F356A0A6FAD11F4B] - 02/05/2007 - 11:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_mdm.sys [109704] O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 11:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_wh.sys [12424] O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 11:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_whnt.sys [12424] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 16:05:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.F7A4250BB3E3AFCD4AF100E551509352] - 23/10/2006 - 20:17:32 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [179896] O58 - SDL:[MD5.F779BA4CD37963AB4600C9871B7752A3] - 06/07/2006 - 22:44:00 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\Windows\system32\drivers\tifm21.sys [168448] O58 - SDL:[MD5.97DD70FECA64FB4F63DE7BB7E66A80B1] - 02/01/2007 - 15:43:34 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort.sys [14544] O58 - SDL:[MD5.4E104EBC164231D2272CC9BDD1EF5C40] - 02/01/2007 - 15:43:34 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort64.sys [8704] O58 - SDL:[MD5.E0C67BE430C6DE490D6CCAECFA071F9E] - 29/08/2006 - 03:30:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\UBHelper.sys [13952] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232] O58 - SDL:[MD5.40AC8590CC9006DBB99FFCB37879D4C6] - 02/01/2007 - 15:43:34 ---A- . (.Zeal SoftStudio - zntport.) -- C:\Windows\system32\drivers\zntport.sys [6080] O58 - SDL:[MD5.F2F291F29B4ECE0394F9A28F8E829AFA] - 02/01/2007 - 15:43:34 ---A- . (.Zeal SoftStudio - NTPort Library kernel driver.) -- C:\Windows\system32\drivers\zntport64.sys [6144] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: Navilog1 3.5.2 - (.@IL-MAFIOSO.) [HKLM] -- Navilog1_is1 O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Users\ordi\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - C:\Windows\System32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL O64 - Services: CurCS - (.not file.) - EraserUtilDrv10820 (EraserUtilDrv10820) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10820 O64 - Services: CurCS - (.not file.) - EraserUtilDrv10822 (EraserUtilDrv10822) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10822 O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV11010 O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7 O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86 O64 - Services: CurCS - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15 (int15) .(.Pas de propriétaire - Pas de description.) - LEGACY_INT15 O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - (.not file.) - PROCEXP90 (PROCEXP90) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP90 O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\System32\DRIVERS\psdfilter.sys - PSDFilter (PSDFilter) .(.HiTRUST - PSD Filter Driver.) - LEGACY_PSDFILTER O64 - Services: CurCS - C:\Windows\System32\drivers\PSDNServ.sys - PSDNSERVER (PSDNServ) .(.HiTRUST - PSD Named Pipe Driver.) - LEGACY_PSDNSERV O64 - Services: CurCS - C:\Windows\System32\drivers\psdvdisk.sys - psdvdisk (psdvdisk) .(.HiTRUST - PSD Virtual Disk Driver.) - LEGACY_PSDVDISK O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - (.not file.) - SRTSPX (SRTSPX) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRTSPX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\Drivers\STAROPEN.sys - StarOpen (StarOpen) .(.Pas de propriétaire - Pas de description.) - LEGACY_STAROPEN O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDS O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEFA O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIRON O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDISV O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDIV O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\system32\Drivers\UBHELPER.sys - UBHelper (UBHelper) .(.Pas de propriétaire - Pas de description.) - LEGACY_UBHELPER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {63A4A724-49E3-473B-AF5E-3AE64CFAB0B2} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Web Search ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.1F43839AEF0D3C0AA5FE7AECAE44D6BD] [sPRF] (.Stirling - _isreg32.) -- C:\Program Files\_ISREG32.DLL [49152] [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\ordi\AppData\Roaming\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\ordi\AppData\Roaming\pcouffin.sys [47360] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{47826D48-31D6-4A48-91AD-C699ABEAACAC}" | In - None - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{C63863ED-6996-4D1A-801C-14D425F1AFC2}" | In - None - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{8A01FC39-13F7-457E-8C62-7B4E57ADEAD2}" | In - Public - FALSE | .(.CyberLink Corp. - CyberLink MCE Deluxe Suite.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe O87 - FAEL: "{B624C9A4-F81C-400E-BF94-F1F1661678CA}" | In - Public - FALSE | .(.CyberLink Corp. - CyberLink MCE Deluxe Suite.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe SR - | Auto 02/01/2007 457512 | eDSService.exe (eDataSecurity Service) . (.HiTRSUT.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe SR - | Auto 22/12/2006 24576 | (eLockService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe SR - | Auto 28/12/2006 126976 | (eNet Service) . (.Acer Inc..) - C:\Acer\Empowering Technology\eNet\eNet Service.exe SR - | Auto 28/12/2006 49152 | (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe SR - | Auto 02/01/2007 24576 | (eSettingsService) . (.Pas de propriétaire.) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe SR - | Auto 19/10/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 24/11/2006 107008 | (MobilityService) . (.Pas de propriétaire.) - C:\Acer\Mobility Center\MobilityService.exe SS - | Auto 24/11/2006 0 | (Planificateur LiveUpdate automatique) . (.Pas de propriétaire.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe SR - | Auto 20/07/2006 262247 | (RichVideo) . (.Pas de propriétaire.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe SR - | Demand 17/11/2006 118784 | (WisLMSvc) . (.Wistron Corp..) - C:\Program Files\Launch Manager\WisLMSvc.exe SR - | Auto 02/01/2007 135168 | (WMIService) . (.acer.) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by ordi at 31/01/2011 13:51:08 Use the desktop link 'MBRCheck' to have full report End of the scan (905 lines in 00mn 46s)(0)

Bonjour à tous et féliciations pour la communauté d'entraide. Je suis infesté par un " fake " antivirus qui me bloque tout ou presque, j'ai réussi à accéder au net en deletant le processus en marche avec roguekiller mais là je ne sais plus quoi faire. Mon rapport Je suis disponible toute l'après midi pour effectuer les manipulations. Encore merci

J'ai effectué un scan en ligne panda, mais norton qui est installé, à jour, n'a rien décelé en effet.

ok. alors pour la navigation je n'ai pas de problème. depuis que je suis sur la machine ce matin.

je crois qu'il n'est plus dans le rapport après redémarrage

bonjour Falkra je ne trouve pas de dossier C:\ProgramData\bsdadmhw ( j'ai bien cocher dans les options de dossiers -> afficher les dossiers cachés ) en revanche j'ai un fichier bkbwtsvs.exe.bak.vir dans C:\QooBox\Quarantine\C\ProgramData\bsdadmhw. dois-je passer ce dernier sur vundofix ?

Hijackthis :

merci mille fois les rapports après la dernière manipulation : ComboFix 08-04-08.5 - ordi 2008-04-09 1:30:48.3 - NTFSx86Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.288 [GMT 2:00] Endroit: C:\Users\ordi\Desktop\ComboFix.exe Command switches used :: C:\Users\ordi\Desktop\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\ProgramData\bsdadmhw\bkbwtsvs.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-03-08 to 2008-04-08 )))))))))))))))))))))))))))))))))))) . 2008-04-08 23:49 . 2008-04-08 23:49 16,658,632 --a------ C:\upload_moi_PC-de-ordi.tar.gz 2008-04-08 23:01 . 2008-04-08 23:01 <REP> d-------- C:\VundoFix Backups 2008-04-08 21:59 . 2008-04-08 22:43 <REP> d-------- C:\Program Files\Navilog1 2008-04-04 21:58 . 2008-04-04 21:58 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-04-04 19:48 . 2008-04-04 19:48 0 --a------ C:\Windows\nsreg.dat 2008-04-04 18:53 . 2008-04-04 18:53 <REP> d-------- C:\PerfLogs 2008-04-04 17:39 . 2008-04-04 17:40 <REP> d-------- C:\Program Files\Panda Security 2008-04-04 17:31 . 2008-01-19 09:42 179,256 --a------ C:\Windows\System32\drivers\pcmcia.sys 2008-04-04 17:31 . 2008-01-19 07:32 88,576 --a------ C:\Windows\System32\drivers\sdbus.sys 2008-04-04 17:31 . 2008-01-19 09:36 69,632 --a------ C:\Windows\System32\PNPXAssoc.dll 2008-04-04 17:31 . 2008-01-19 09:36 53,248 --a------ C:\Windows\System32\PNPXAssocPrx.dll 2008-04-04 17:31 . 2008-01-19 08:14 35,328 --a------ C:\Windows\System32\drivers\usbscan.sys 2008-04-04 17:29 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll 2008-04-04 17:27 . 2008-01-19 07:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll 2008-04-04 17:26 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll 2008-04-04 17:23 . 2008-01-19 09:33 2,515,968 --a------ C:\Windows\System32\accessibilitycpl.dll 2008-04-04 17:22 . 2008-01-19 09:36 2,153,472 --a------ C:\Windows\System32\oobefldr.dll 2008-04-04 16:39 . 2008-04-04 20:25 <REP> d-a------ C:\Users\All Users\TEMP 2008-04-04 16:39 . 2008-04-04 20:25 <REP> d-a------ C:\ProgramData\TEMP 2008-04-04 16:35 . 2008-04-04 19:29 <REP> d-------- C:\Program Files\SpywareBlaster 2008-04-04 16:23 . 2008-04-04 17:00 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-04-04 16:23 . 2008-04-04 17:00 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy 2008-04-04 16:23 . 2008-04-04 16:23 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-04-04 16:13 . 2008-04-04 16:13 <REP> d-------- C:\Program Files\CCleaner . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-08 21:51 --------- d-----w C:\ProgramData\Symantec 2008-04-04 17:08 174 --sha-w C:\Program Files\desktop.ini 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Sidebar 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Mail 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Journal 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Defender 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Collaboration 2008-04-04 16:56 --------- d-----w C:\Program Files\Windows Calendar 2008-04-04 16:12 82,432 ----a-w C:\Windows\System32\axaltocm.dll 2008-04-04 16:12 101,888 ----a-w C:\Windows\System32\ifxcardm.dll 2008-04-04 15:01 --------- d-----w C:\Users\ordi\AppData\Roaming\OpenOffice.org2 2008-03-11 07:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-03-07 12:40 13,035 ----a-w C:\Windows\system32\drivers\SymRedir.cat 2008-03-07 12:40 1,358 ----a-w C:\Windows\system32\drivers\SymRedir.inf 2008-03-07 12:39 39,984 ----a-w C:\Windows\system32\drivers\symids.sys 2008-03-07 12:39 37,936 ----a-w C:\Windows\system32\drivers\symndisv.sys 2008-03-07 12:39 27,696 ----a-w C:\Windows\system32\drivers\symredrv.sys 2008-03-07 12:39 191,536 ----a-w C:\Windows\system32\drivers\symtdi.sys 2008-03-07 12:39 145,968 ----a-w C:\Windows\system32\drivers\symfw.sys 2008-03-07 12:39 12,848 ----a-w C:\Windows\system32\drivers\symdns.sys 2008-03-06 20:32 706 ----a-w C:\Windows\system32\drivers\COH_Mon.inf 2008-03-06 20:32 23,904 ----a-w C:\Windows\system32\drivers\COH_Mon.sys 2008-03-06 20:32 10,537 ----a-w C:\Windows\system32\drivers\COH_Mon.cat 2008-02-14 02:09 6,656 ----a-w C:\Windows\System32\kbd106n.dll 2008-01-19 07:44 986,680 ----a-w C:\Windows\System32\winload.exe 2008-01-19 07:44 926,776 ----a-w C:\Windows\System32\winresume.exe 2008-01-19 07:43 614,968 ----a-w C:\Windows\System32\ci.dll 2008-01-19 07:43 376,376 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll 2008-01-19 07:43 3,600,440 ----a-w C:\Windows\System32\ntkrnlpa.exe 2008-01-19 07:43 3,548,728 ----a-w C:\Windows\System32\ntoskrnl.exe 2008-01-19 07:42 94,776 ----a-w C:\Windows\System32\MigAutoPlay.exe 2008-01-19 07:42 51,768 ----a-w C:\Windows\System32\PSHED.DLL 2008-01-19 07:42 247,352 ----a-w C:\Windows\System32\clfs.sys 2008-01-19 07:42 177,208 ----a-w C:\Windows\System32\halmacpi.dll 2008-01-19 07:42 141,880 ----a-w C:\Windows\System32\halacpi.dll 2008-01-19 07:41 24,120 ----a-w C:\Windows\System32\BOOTVID.DLL 2008-01-19 07:41 21,560 ----a-w C:\Windows\System32\kdusb.dll 2008-01-19 07:41 19,512 ----a-w C:\Windows\System32\kdcom.dll 2008-01-19 07:38 46,080 ----a-w C:\Windows\System32\NAPCRYPT.DLL 2008-01-19 07:38 4,595,712 ----a-w C:\Windows\System32\AuthFWSnapin.dll 2008-01-19 07:38 242,744 ----a-w C:\Windows\System32\rsaenh.dll 2008-01-19 07:38 155,704 ----a-w C:\Windows\System32\dssenh.dll 2008-01-19 07:38 131,640 ----a-w C:\Windows\System32\basecsp.dll 2008-01-19 07:38 103,936 ----a-w C:\Windows\System32\NAPHLPR.DLL 2008-01-19 07:38 1,203,792 ----a-w C:\Windows\System32\ntdll.dll 2008-01-19 07:36 996,352 ----a-w C:\Windows\System32\WMNetMgr.dll 2008-01-19 07:35 98,304 ----a-w C:\Windows\System32\mssitlb.dll 2008-01-19 07:34 98,816 ----a-w C:\Windows\System32\mfps.dll 2008-01-19 07:33 98,304 ----a-w C:\Windows\System32\makecab.exe 2008-01-19 07:32 879,616 ----a-w C:\Windows\System32\Bubbles.scr 2008-01-19 07:32 704,512 ----a-w C:\Windows\System32\PhotoScreensaver.scr 2008-01-19 07:32 5,714,432 ----a-w C:\Windows\System32\logon.scr 2008-01-19 07:32 258,048 ----a-w C:\Windows\System32\winspool.drv 2008-01-19 07:32 221,184 ----a-w C:\Windows\System32\Mystify.scr 2008-01-19 07:32 220,672 ----a-w C:\Windows\System32\Ribbons.scr 2008-01-19 07:32 21,504 ----a-w C:\Windows\System32\msacm32.drv 2008-01-19 07:32 166,912 ----a-w C:\Windows\System32\wdmaud.drv 2008-01-19 07:32 1,370,624 ----a-w C:\Windows\System32\Aurora.scr 2008-01-19 07:31 7,680 ----a-w C:\Windows\System32\spwizres.dll 2008-01-19 07:31 57,856 ----a-w C:\Windows\System32\nlsbres.dll 2008-01-19 07:31 118,272 ----a-w C:\Windows\System32\RDPENCDD.dll 2008-01-19 07:30 17,920 ----a-w C:\Windows\System32\netevent.dll 2008-01-19 07:29 705,536 ----a-w C:\Windows\System32\imagesp1.dll 2008-01-19 07:29 58,880 ----a-w C:\Windows\System32\msobjs.dll 2008-01-19 07:28 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll 2008-01-19 07:26 36,864 ----a-w C:\Windows\System32\cdd.dll 2008-01-19 06:06 8,147,456 ----a-w C:\Windows\System32\wmploc.DLL 2008-01-19 06:01 14,336 ----a-w C:\Windows\System32\tsddd.dll 2008-01-19 06:01 134,656 ----a-w C:\Windows\System32\rdpdd.dll 2008-01-19 05:52 56,320 ----a-w C:\Windows\System32\vga256.dll 2008-01-19 05:52 21,504 ----a-w C:\Windows\System32\vga64k.dll 2008-01-19 05:52 11,776 ----a-w C:\Windows\System32\framebuf.dll 2008-01-19 05:52 10,752 ----a-w C:\Windows\System32\vga.dll 2008-01-19 05:50 14,848 ----a-w C:\Windows\System32\iscsilog.dll 2008-01-19 05:48 20,992 ----a-w C:\Windows\System32\msdtcVSp1res.dll 2008-01-19 05:48 1,291,264 ----a-w C:\Windows\System32\comres.dll 2008-01-19 05:46 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll 2008-01-19 05:39 13,312 ----a-w C:\Windows\System32\WsmRes.dll 2008-01-19 05:37 2,031,616 ----a-w C:\Windows\System32\win32k.sys 2008-01-19 05:36 289,792 ----a-w C:\Windows\System32\atmfd.dll 2008-01-19 05:33 56,320 ----a-w C:\Windows\System32\graftabl.com 2008-01-19 05:27 8,704 ----a-w C:\Windows\System32\kd1394.dll 2008-01-19 05:26 605,696 ----a-w C:\Windows\System32\adtschema.dll 2008-01-19 03:17 100,043 ----a-w C:\Windows\System32\StructuredQuerySchema.bin 2007-10-14 16:33 540 ----a-w C:\Program Files\_DEISREG.ISR 1999-06-24 09:24 49,152 ----a-w C:\Program Files\_ISREG32.DLL . ((((((((((((((((((((((((((((( snapshot@2008-04-09_ 0.15.36.54 ))))))))))))))))))))))))))))))))))))))))) . - 2008-04-08 22:10:39 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-04-08 23:26:47 67,584 --s-a-w C:\Windows\bootstat.dat - 2008-04-08 22:11:30 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-04-08 23:28:45 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-04-08 23:28:45 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-04-08 22:11:28 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-04-08 23:28:00 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-04-08 23:28:00 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-04-08 21:59:18 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-04-08 23:20:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-04-08 21:59:18 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-04-08 23:20:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-04-08 21:59:18 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-04-08 23:20:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-04-08 20:00:57 101,250 ----a-w C:\Windows\System32\perfc009.dat + 2008-04-08 23:34:47 101,250 ----a-w C:\Windows\System32\perfc009.dat - 2008-04-08 20:00:57 123,556 ----a-w C:\Windows\System32\perfc00C.dat + 2008-04-08 23:34:47 123,556 ----a-w C:\Windows\System32\perfc00C.dat - 2008-04-08 20:00:57 587,178 ----a-w C:\Windows\System32\perfh009.dat + 2008-04-08 23:34:47 587,178 ----a-w C:\Windows\System32\perfh009.dat - 2008-04-08 20:00:57 669,578 ----a-w C:\Windows\System32\perfh00C.dat + 2008-04-08 23:34:47 669,578 ----a-w C:\Windows\System32\perfh00C.dat - 2008-04-08 22:13:24 10,958 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1224772120-3823277818-4152024611-1000_UserData.bin + 2008-04-08 23:28:45 10,974 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1224772120-3823277818-4152024611-1000_UserData.bin - 2008-04-08 22:13:23 70,360 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-04-08 23:28:44 70,424 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-04-08 19:56:06 54,492 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-04-08 23:28:40 54,500 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920] "EPSON Stylus DX6000 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.exe" [2006-09-22 06:01 139264] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952] "5NOEAsuPaW"="C:\ProgramData\bsdadmhw\bkbwtsvs.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour"="" [] "eRecoveryService"="" [] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 09:38 1008184] "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-11-09 14:37 86016] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 21:00 815104] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 20:57 3784704 C:\Windows\RtHDVCpl.exe] "Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-06 18:02 81920] "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2006-11-21 22:30 22696] "LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2006-08-29 09:26 241664] "LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2007-01-10 11:34 200704] "LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36 32768] "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-06 18:02 98304] "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-06 18:05 106496] "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 18:58 464168] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 22:33 107112] "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-14 20:38 151552] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-10 12:48:33 528384] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{8A01FC39-13F7-457E-8C62-7B4E57ADEAD2}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite "{B624C9A4-F81C-400E-BF94-F1F1661678CA}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-01-02 18:59] R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-01-02 18:59] R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-01-02 18:59] R1 Hotkey;Hotkey;C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 11:27] R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080407.003\IDSvix86.sys [2008-02-13 18:18] R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-01-02 18:58] R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 20:07] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 16:46] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57] R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 09:33] R3 Cam5607;Acer OrbiCam;C:\Windows\system32\Drivers\BisonC07.sys [2006-11-25 11:17] R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 19:29] R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-03-07 14:39] R3 WisLMSvc;WisLMSvc;"C:\Program Files\Launch Manager\WisLMSvc.exe" [2006-11-17 20:45] S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 09:30] S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 21:18] *Newly Created Service* - COMHOST . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-04-04 15:34:02 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - ordi.job" - c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK: . ************************************************************************** catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-09 01:35:15 Windows 6.0.6001 Service Pack 1 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-04-09 1:36:15 ComboFix-quarantined-files.txt 2008-04-08 23:36:08 ComboFix2.txt 2008-04-08 22:42:30 Pre-Run: 36,148,449,280 octets libres Post-Run: 35,906,293,760 octets libres . 2008-04-04 16:30:16 --- E O F ---