Aller au contenu

patcar06

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    29

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par patcar06

  1. patcar06
    Super! Merci encore pour ton aide et tes précieux conseils. Au plaisir Patrice
  2. patcar06
    Bonjour Yesss çà y est le message d'erreur a disparu. Merci beaucoup pour ta persévérance et le partage de tes connaissances, j'apprécie beaucoup. J'imagine que j'ai intérêt à faire une image de mon système propre maintenant ou me conseilles-tu autre chose?
  3. patcar06
    OK me revoilou avec mon problème de boottson. Il n'y a qu'un utilisateur (et un administrateur) sur mon PC. Par contre je ne comprends pas trop la manip car je n'ai pû installer Hijackthis qu'en tant qu'admin, je l'ai donc lancé sous mon compte admin aussi. Voici le log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:18:45, on 13/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nlssrv32.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [AdobeBridge] (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [skype] "C:\Documents and Settings\Patrice\Local Settings\Application Data\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [cleacomp] rundll32 "boottson.dll",CreateProcessNotify (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [EPSON SX525WD Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\WINDOWS\TEMP\E_S3E4.tmp" /EF "HKCU" (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [Epson Stylus SX525WD(Réseau)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\DOCUME~1\Patrice\LOCALS~1\Temp\E_S1A.tmp" /EF "HKCU" (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (User 'Patrice') O4 - S-1-5-21-796845957-117609710-1801674531-1003 Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - S-1-5-21-796845957-117609710-1801674531-1003 User Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - S-1-5-18 Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'SYSTEM') O4 - .DEFAULT Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{511CCF1A-5470-4302-AB7F-63158B11BAD9}: NameServer = 62.231.32.10,62.231.32.11 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: DCService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: SwitchBoard - Unknown owner - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe (file missing) O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe O23 - Service: WLSVC - Unknown owner - C:\Program Files\D-Link\DWA-131 revA\WLSVC.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 12735 bytes
  4. patcar06
    Désolé pour le délai de réponse mais les scans sont très longs, il a fallut que je m'organise pour ne pas immobiliser le PC. Pour cela j'ai scanné les disques un par un, il n'y a pas de virus. DrWeb trouve des virus sur le disque C mais ce sont ceux qui étaient déjà mis en quarantaine par mon antivirus. A part çà le message d'erreur est toujours là. Je serai absent toute la semaine prochaine mais je reprendrai le problème à mon retour.Merci. Le fichier DrWeb.csv 4c8f0a91.qua\data001 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4c8f0a91.qua Probablement Trojan.Packed.Based 4c8f0a91.qua C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine. 4cad7875.qua\data001 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4cad7875.qua Trojan.MulDrop2.16892 4cad7875.qua C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine. 4ef0f8c0.qua\data001 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4ef0f8c0.qua Probablement Trojan.Packed.Based 4ef0f8c0.qua C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine. 4ef9d4aa.qua\data001 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4ef9d4aa.qua Probablement Trojan.Packed.Based 4ef9d4aa.qua C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine. 543a5d0a.qua\data001 C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\543a5d0a.qua Trojan.MulDrop2.16892 543a5d0a.qua C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine.
  5. patcar06
    Le message d'erreur est encore là. Pour être honnête mon xp est une copie donc la vérification système n'a pas dû être optimale.
  6. patcar06
    Désolé ce foutu message est toujours là. Le rapport ZHPFixReport.txt: Rapport de ZHPFix 1.12.3344 par Nicolas Coolman, Update du 21/07/2011 Fichier d'export Registre : Run by Pat-admin at 26/07/2011 20:30:40 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== SUPPRIME O42 - Logiciel: GrabIt 1.7.2 Beta 3 (build 996) - (.Ilan Shemes.) [HKLM] -- GrabIt_is1 ========== Clé(s) du Registre ========== SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} ========== Valeur(s) du Registre ========== SUPPRIME TDSD Value: ir50_32.dll SUPPRIME RunValue: Adobe Reader Speed Launcher SUPPRIME RunValue: ctfmon.exe ABSENT RunValue: ctfmon.exe ========== Elément(s) de donnée du Registre ========== SUPPRIME R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy ========== Dossier(s) ========== ABSENT C:\Program Files\GrabIt ========== Fichier(s) ========== SUPPRIME c:\error.log ========== Récapitulatif ========== 1 : Clé(s) du Registre 4 : Valeur(s) du Registre 1 : Elément(s) de donnée du Registre 1 : Dossier(s) 1 : Fichier(s) 1 : Logiciel(s) ========== Chemin du fichier rapport ========== C:\Program Files\ZHPDiag\ZHPFixReport.txt End of the scan in 00mn 12s
  7. patcar06
    Bonjour Pas de résultat avec les désactivations de programmes dans Ccleaner. Voici le rapport ZHPDiag.txt Lien CJoint.com 0GApryS89nQ
  8. patcar06
    J'ai toujours mon message d'erreur en redémarrant, j'ai donc lancé SystemLook mais que ce soit sous mon compte utilisateur ou administrateur j'ai ce message: SystemLook.exe a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. Voici quand même le fichier SystemLook.txt SystemLook 04.09.10 by jpshortstuff Log created at 21:53 on 25/07/2011 by Pat-admin Administrator - Elevation successful ========== filefind ========== Searching for "*boottson*" No files found. ========== regfind ========== Searching for "boottson"
  9. patcar06
    ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager not found. File C:\Program Files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ArcSoft Connection Service not found. File C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard not found. File C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pdfSaver3 not found. File C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe not found. File move failed. C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Silent Clean.lnk scheduled to be moved on reboot. File C:\Program Files\MRU-Blaster\mrublaster.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== OTL by OldTimer - Version 3.2.26.1 log created on 07252011_212905 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Silent Clean.lnk not found! Registry entries deleted on Reboot...
  10. patcar06
    Et enfin une copie d'écran du message d'erreur: Lien CJoint.com 0GztGfH0yTX
  11. patcar06
    Le rapport TDSSKiller.2.5.11.0_25.07.2011_19.18.37_log.txt: 2011/07/25 19:18:37.0359 3064 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56 2011/07/25 19:18:37.0859 3064 ================================================================================ 2011/07/25 19:18:37.0859 3064 SystemInfo: 2011/07/25 19:18:37.0859 3064 2011/07/25 19:18:37.0859 3064 OS Version: 5.1.2600 ServicePack: 3.0 2011/07/25 19:18:37.0859 3064 Product type: Workstation 2011/07/25 19:18:37.0859 3064 ComputerName: PATRICE-PC 2011/07/25 19:18:37.0859 3064 UserName: Pat-admin 2011/07/25 19:18:37.0859 3064 Windows directory: C:\WINDOWS 2011/07/25 19:18:37.0859 3064 System windows directory: C:\WINDOWS 2011/07/25 19:18:37.0859 3064 Processor architecture: Intel x86 2011/07/25 19:18:37.0859 3064 Number of processors: 4 2011/07/25 19:18:37.0859 3064 Page size: 0x1000 2011/07/25 19:18:37.0875 3064 Boot type: Normal boot 2011/07/25 19:18:37.0875 3064 ================================================================================ 2011/07/25 19:18:39.0578 3064 Initialize success 2011/07/25 19:19:26.0421 2524 ================================================================================ 2011/07/25 19:19:26.0421 2524 Scan started 2011/07/25 19:19:26.0421 2524 Mode: Manual; 2011/07/25 19:19:26.0421 2524 ================================================================================ 2011/07/25 19:19:27.0390 2524 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/07/25 19:19:27.0421 2524 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys 2011/07/25 19:19:27.0468 2524 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/07/25 19:19:27.0500 2524 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys 2011/07/25 19:19:27.0515 2524 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys 2011/07/25 19:19:27.0546 2524 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 2011/07/25 19:19:27.0656 2524 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2011/07/25 19:19:27.0718 2524 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\WINDOWS\system32\drivers\AsIO.sys 2011/07/25 19:19:27.0734 2524 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys 2011/07/25 19:19:27.0765 2524 asusgsb (d320732bcf5ff856120bd06855c66867) C:\WINDOWS\system32\drivers\asusgsb.sys 2011/07/25 19:19:27.0781 2524 asuskbnt (b3b881eb81013aac11594a5400ada47a) C:\WINDOWS\system32\drivers\atkkbnt.sys 2011/07/25 19:19:27.0812 2524 ASUSVRC (94442e3029ff6c9f08140fe6718af4fb) C:\WINDOWS\system32\DRIVERS\AsusVRC.sys 2011/07/25 19:19:27.0828 2524 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/07/25 19:19:27.0843 2524 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/07/25 19:19:27.0953 2524 ati2mtag (1d99d1b43638e31ea5cf4a8fd199762b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2011/07/25 19:19:28.0062 2524 AtiHdmiService (7e13f3f0f4c4c337a6949a18d1d23089) C:\WINDOWS\system32\drivers\AtiHdmi.sys 2011/07/25 19:19:28.0093 2524 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/07/25 19:19:28.0125 2524 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/07/25 19:19:28.0203 2524 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 2011/07/25 19:19:28.0218 2524 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 2011/07/25 19:19:28.0250 2524 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys 2011/07/25 19:19:28.0281 2524 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys 2011/07/25 19:19:28.0312 2524 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/07/25 19:19:28.0359 2524 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2011/07/25 19:19:28.0375 2524 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2011/07/25 19:19:28.0406 2524 BTHPORT (ef26202fee56f7607c6b794059df347a) C:\WINDOWS\system32\Drivers\BTHport.sys 2011/07/25 19:19:28.0421 2524 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2011/07/25 19:19:28.0453 2524 btiaa2dp (828320c73097597728593723ff5c2760) C:\WINDOWS\system32\drivers\btiaa2dp.sys 2011/07/25 19:19:28.0484 2524 BTiAPan (1599487510d9c84420689267dda53168) C:\WINDOWS\system32\DRIVERS\btiapan.sys 2011/07/25 19:19:28.0500 2524 btiarcp (416baf4f7c123fbc9b46b8e2a2619ea1) C:\WINDOWS\system32\DRIVERS\btiarcp.sys 2011/07/25 19:19:28.0531 2524 btiaspp (b6098e3275d306f4166d7d9d0f157584) C:\WINDOWS\system32\DRIVERS\btiaspp.sys 2011/07/25 19:19:28.0546 2524 BTIAUSB (529430030288a9c619c2ec569f7bb286) C:\WINDOWS\system32\DRIVERS\btiausb.sys 2011/07/25 19:19:28.0578 2524 BTPROT (c84b59444b41b71f6b4e469fa4072d69) C:\WINDOWS\system32\DRIVERS\btprot.sys 2011/07/25 19:19:28.0625 2524 camvid20 (5f68a3ab60262e3bf5b5c6c926e53525) C:\WINDOWS\system32\DRIVERS\camdrv21.sys 2011/07/25 19:19:28.0671 2524 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/07/25 19:19:28.0687 2524 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2011/07/25 19:19:28.0718 2524 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/07/25 19:19:28.0734 2524 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/07/25 19:19:28.0765 2524 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/07/25 19:19:28.0812 2524 cmdGuard (251f906328af49e7927a1ad12b543a2f) C:\WINDOWS\system32\DRIVERS\cmdguard.sys 2011/07/25 19:19:28.0843 2524 cmdHlp (207f06d08afcdd3bbc801eab1a845cfb) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys 2011/07/25 19:19:28.0921 2524 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/07/25 19:19:28.0968 2524 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 2011/07/25 19:19:29.0000 2524 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2011/07/25 19:19:29.0031 2524 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/07/25 19:19:29.0062 2524 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/07/25 19:19:29.0156 2524 driverhardwarev2 (0f1189883690949ba7a9f68339587e51) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys 2011/07/25 19:19:29.0171 2524 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/07/25 19:19:29.0203 2524 EIO_XP (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO_XP.sys 2011/07/25 19:19:29.0234 2524 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys 2011/07/25 19:19:29.0250 2524 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys 2011/07/25 19:19:29.0281 2524 ewusbnet (4fd02e31eac2cbc81eb08a1ce81e73a2) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys 2011/07/25 19:19:29.0312 2524 ew_hwusbdev (e98a64c7f106740a38fb2b78197816f8) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys 2011/07/25 19:19:29.0343 2524 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/07/25 19:19:29.0375 2524 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 2011/07/25 19:19:29.0390 2524 FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys 2011/07/25 19:19:29.0406 2524 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2011/07/25 19:19:29.0437 2524 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 2011/07/25 19:19:29.0468 2524 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2011/07/25 19:19:29.0484 2524 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/07/25 19:19:29.0500 2524 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/07/25 19:19:29.0515 2524 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys 2011/07/25 19:19:29.0562 2524 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/07/25 19:19:29.0593 2524 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2011/07/25 19:19:29.0625 2524 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/07/25 19:19:29.0671 2524 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/07/25 19:19:29.0703 2524 huawei_enumerator (22a4b14530194fc57c1c849fb5afee17) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys 2011/07/25 19:19:29.0734 2524 hwdatacard (3e3bfe85b9fe3720bf4c108f57c945fb) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys 2011/07/25 19:19:29.0796 2524 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\drivers\i8042prt.sys 2011/07/25 19:19:29.0828 2524 iAnywhere_btAudio (bf5317124ccaa045c4ac1c0895fa08f7) C:\WINDOWS\system32\drivers\btiasco.sys 2011/07/25 19:19:29.0859 2524 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/07/25 19:19:29.0921 2524 Inspect (c9953067b2c9e3d3dd44ec22d1e0815a) C:\WINDOWS\system32\DRIVERS\inspect.sys 2011/07/25 19:19:30.0000 2524 IntcAzAudAddService (6f336c2d18ba1e7ce8d0f31541c87a1d) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2011/07/25 19:19:30.0109 2524 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/07/25 19:19:30.0125 2524 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2011/07/25 19:19:30.0156 2524 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2011/07/25 19:19:30.0171 2524 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/07/25 19:19:30.0187 2524 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/07/25 19:19:30.0203 2524 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/07/25 19:19:30.0234 2524 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/07/25 19:19:30.0265 2524 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/07/25 19:19:30.0296 2524 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/07/25 19:19:30.0312 2524 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2011/07/25 19:19:30.0343 2524 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/07/25 19:19:30.0375 2524 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/07/25 19:19:30.0406 2524 L1e (fa46f5d09edf93e0c71fe6500fe3f4ae) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys 2011/07/25 19:19:30.0421 2524 LBeepKE (8f4d784b3f22f468eea99da02b0e39e5) C:\WINDOWS\system32\Drivers\LBeepKE.sys 2011/07/25 19:19:30.0453 2524 LHidFilt (dd83dc92463fce6324fd30a13d17d0da) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys 2011/07/25 19:19:30.0484 2524 LMouFilt (8fe0008e183ff0293a925b78a5581c5f) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys 2011/07/25 19:19:30.0500 2524 LUsbFilt (0dec219cb6efcbc872f88f9aec320ea6) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys 2011/07/25 19:19:30.0515 2524 lvpopflt (9fb982de1c8dd769f8ed681dd878b12f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys 2011/07/25 19:19:30.0546 2524 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys 2011/07/25 19:19:30.0593 2524 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys 2011/07/25 19:19:30.0703 2524 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys 2011/07/25 19:19:30.0843 2524 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/07/25 19:19:30.0875 2524 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2011/07/25 19:19:30.0890 2524 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/07/25 19:19:30.0921 2524 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/07/25 19:19:30.0937 2524 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/07/25 19:19:30.0953 2524 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/07/25 19:19:30.0984 2524 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/07/25 19:19:31.0000 2524 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/07/25 19:19:31.0031 2524 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/07/25 19:19:31.0046 2524 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/07/25 19:19:31.0078 2524 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/07/25 19:19:31.0093 2524 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/07/25 19:19:31.0109 2524 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2011/07/25 19:19:31.0156 2524 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys 2011/07/25 19:19:31.0156 2524 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 2011/07/25 19:19:31.0187 2524 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2011/07/25 19:19:31.0218 2524 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2011/07/25 19:19:31.0250 2524 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2011/07/25 19:19:31.0265 2524 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/07/25 19:19:31.0296 2524 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/07/25 19:19:31.0328 2524 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/07/25 19:19:31.0343 2524 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/07/25 19:19:31.0359 2524 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/07/25 19:19:31.0453 2524 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/07/25 19:19:31.0500 2524 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2011/07/25 19:19:31.0546 2524 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/07/25 19:19:31.0562 2524 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/07/25 19:19:31.0609 2524 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/07/25 19:19:31.0640 2524 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/07/25 19:19:31.0671 2524 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/07/25 19:19:31.0687 2524 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2011/07/25 19:19:31.0718 2524 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys 2011/07/25 19:19:31.0734 2524 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2011/07/25 19:19:31.0750 2524 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/07/25 19:19:31.0781 2524 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/07/25 19:19:31.0796 2524 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/07/25 19:19:31.0828 2524 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2011/07/25 19:19:31.0859 2524 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/07/25 19:19:31.0968 2524 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/07/25 19:19:31.0984 2524 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/07/25 19:19:32.0015 2524 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/07/25 19:19:32.0031 2524 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys 2011/07/25 19:19:32.0093 2524 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/07/25 19:19:32.0125 2524 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/07/25 19:19:32.0140 2524 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/07/25 19:19:32.0156 2524 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/07/25 19:19:32.0187 2524 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/07/25 19:19:32.0203 2524 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/07/25 19:19:32.0234 2524 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2011/07/25 19:19:32.0265 2524 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/07/25 19:19:32.0296 2524 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/07/25 19:19:32.0328 2524 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2011/07/25 19:19:32.0375 2524 RTL8023xp (67c9511a760149797e806ffd9f14ad37) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 2011/07/25 19:19:32.0406 2524 RTL8192su (7bfdf13721f0366212ab8e94361a05bd) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys 2011/07/25 19:19:32.0437 2524 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys 2011/07/25 19:19:32.0453 2524 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 2011/07/25 19:19:32.0468 2524 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 2011/07/25 19:19:32.0500 2524 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 2011/07/25 19:19:32.0531 2524 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 2011/07/25 19:19:32.0546 2524 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys 2011/07/25 19:19:32.0578 2524 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys 2011/07/25 19:19:32.0593 2524 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys 2011/07/25 19:19:32.0625 2524 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/07/25 19:19:32.0656 2524 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 2011/07/25 19:19:32.0687 2524 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys 2011/07/25 19:19:32.0703 2524 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/07/25 19:19:32.0750 2524 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/07/25 19:19:32.0765 2524 snapman380 (5ce1cf27620b144e212d407cdb14d339) C:\WINDOWS\system32\DRIVERS\snman380.sys 2011/07/25 19:19:32.0796 2524 speedfan (cadc69ceb6d6f32516c3da5795912b0a) C:\WINDOWS\system32\speedfan.sys 2011/07/25 19:19:32.0843 2524 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/07/25 19:19:32.0875 2524 Spyder2 (527bbe1a1e98e634b540325491927efe) C:\WINDOWS\system32\DRIVERS\Spyder2.sys 2011/07/25 19:19:32.0906 2524 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/07/25 19:19:32.0937 2524 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/07/25 19:19:32.0953 2524 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 2011/07/25 19:19:32.0984 2524 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2011/07/25 19:19:33.0015 2524 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/07/25 19:19:33.0031 2524 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/07/25 19:19:33.0093 2524 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/07/25 19:19:33.0125 2524 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/07/25 19:19:33.0156 2524 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/07/25 19:19:33.0203 2524 tdrpman174 (d953f161177dab3c8440844a9ab6e5a2) C:\WINDOWS\system32\DRIVERS\tdrpm174.sys 2011/07/25 19:19:33.0250 2524 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/07/25 19:19:33.0265 2524 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/07/25 19:19:33.0281 2524 tifsfilter (6dcb8ddb481cd3c40fa68593723b4d89) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys 2011/07/25 19:19:33.0296 2524 timounter (394fc70b88b7958fa85798bbc76d140a) C:\WINDOWS\system32\DRIVERS\timntr.sys 2011/07/25 19:19:33.0359 2524 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/07/25 19:19:33.0406 2524 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/07/25 19:19:33.0453 2524 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2011/07/25 19:19:33.0468 2524 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/07/25 19:19:33.0484 2524 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/07/25 19:19:33.0515 2524 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/07/25 19:19:33.0546 2524 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2011/07/25 19:19:33.0562 2524 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2011/07/25 19:19:33.0593 2524 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/07/25 19:19:33.0609 2524 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2011/07/25 19:19:33.0640 2524 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 2011/07/25 19:19:33.0671 2524 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/07/25 19:19:33.0703 2524 Video3D (8643da4a6c83da6c10fcab1e5ab6632d) C:\WINDOWS\system32\Drivers\Video3D32.sys 2011/07/25 19:19:33.0718 2524 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\WINDOWS\system32\DRIVERS\VNUSB.sys 2011/07/25 19:19:33.0734 2524 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/07/25 19:19:33.0765 2524 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/07/25 19:19:33.0812 2524 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 2011/07/25 19:19:33.0859 2524 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/07/25 19:19:33.0921 2524 WLNdis50 (bb2c5a7a555b387b85481b8bde5370d7) C:\WINDOWS\system32\DRIVERS\wlndis50.sys 2011/07/25 19:19:33.0968 2524 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/07/25 19:19:34.0015 2524 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0 2011/07/25 19:19:34.0109 2524 MBR (0x1B8) (06449e7c4af0550b77e260798769aa40) \Device\Harddisk1\DR3 2011/07/25 19:19:34.0125 2524 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR4 2011/07/25 19:19:34.0125 2524 MBR (0x1B8) (06449e7c4af0550b77e260798769aa40) \Device\Harddisk3\DR7 2011/07/25 19:19:34.0140 2524 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk4\DR8 2011/07/25 19:19:34.0156 2524 Boot (0x1200) (197d2cd50738e6e80c00d58b1a2fc155) \Device\Harddisk0\DR0\Partition0 2011/07/25 19:19:34.0171 2524 Boot (0x1200) (6364e0874f17a64734115d2a17962159) \Device\Harddisk0\DR0\Partition1 2011/07/25 19:19:34.0171 2524 Boot (0x1200) (7948918986d44b32fca2289eee8c6666) \Device\Harddisk1\DR3\Partition0 2011/07/25 19:19:34.0187 2524 Boot (0x1200) (5f4896965561740c7ba106fd9805b0c4) \Device\Harddisk2\DR4\Partition0 2011/07/25 19:19:34.0187 2524 Boot (0x1200) (3262454fc1b8c34fb00868b234632b21) \Device\Harddisk3\DR7\Partition0 2011/07/25 19:19:34.0187 2524 Boot (0x1200) (c6ce3013f3c67bab7a5aa7bfd5eaee4f) \Device\Harddisk4\DR8\Partition0 2011/07/25 19:19:34.0203 2524 ================================================================================ 2011/07/25 19:19:34.0203 2524 Scan finished 2011/07/25 19:19:34.0203 2524 ================================================================================ 2011/07/25 19:19:34.0203 3716 Detected object count: 0 2011/07/25 19:19:34.0203 3716 Actual detected object count: 0 et le OTL.Txt: OTL logfile created on: 25/07/2011 19:23:05 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Patrice\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,49% Memory free 3,85 Gb Paging File | 3,31 Gb Available in Paging File | 85,96% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 13,69 Gb Free Space | 28,03% Space Free | Partition Type: NTFS Drive D: | 547,34 Gb Total Space | 243,90 Gb Free Space | 44,56% Space Free | Partition Type: NTFS Drive F: | 1,90 Gb Total Space | 1,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Drive G: | 1,91 Gb Total Space | 1,40 Gb Free Space | 73,37% Space Free | Partition Type: FAT Drive H: | 465,76 Gb Total Space | 163,85 Gb Free Space | 35,18% Space Free | Partition Type: NTFS Drive L: | 465,64 Gb Total Space | 167,45 Gb Free Space | 35,96% Space Free | Partition Type: FAT32 Computer Name: PATRICE-PC | User Name: Pat-admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/07/25 19:22:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrice\Bureau\OTL.exe PRC - [2011/07/03 12:31:13 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/06/30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2011/06/30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011/06/07 09:49:33 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2011/02/09 21:36:21 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe PRC - [2010/11/04 09:56:26 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/02/12 21:23:32 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe PRC - [2010/01/14 23:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/12/22 11:17:04 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe PRC - [2009/12/18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009/09/10 17:02:14 | 000,505,152 | ---- | M] (D-Link Corp.) -- C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe PRC - [2009/06/26 15:56:58 | 000,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2008/12/23 19:25:14 | 000,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe PRC - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2008/07/23 19:04:20 | 005,625,344 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe PRC - [2008/07/10 12:22:24 | 000,397,312 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe PRC - [2008/05/26 20:34:48 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/04/14 13:45:08 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2005/04/29 09:07:14 | 000,045,096 | ---- | M] (H+BEDV Datentechnik GmbH, Germany) -- C:\Program Files\AVPersonal\AVWUPSRV.EXE ========== Modules (SafeList) ========== MOD - [2011/07/25 19:22:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrice\Bureau\OTL.exe MOD - [2011/06/30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/07/09 16:03:20 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2011/07/03 12:31:13 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/06/30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011/06/07 09:49:33 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/02/09 21:36:21 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess) SRV - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/02/12 21:23:32 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS) SRV - [2009/12/22 11:17:04 | 000,225,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009/12/18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc) SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009/06/26 15:56:58 | 000,102,400 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe) SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2009/05/07 23:19:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/02/11 19:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-131 revA\WLSVC.exe -- (WLSVC) SRV - [2008/12/23 19:25:14 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008/11/07 18:40:52 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008/04/14 13:45:08 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2006/10/26 21:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2005/04/29 09:07:14 | 000,045,096 | ---- | M] (H+BEDV Datentechnik GmbH, Germany) [Auto | Running] -- C:\Program Files\AVPersonal\AVWUPSRV.EXE -- (AVWUpSrv) ========== Driver Services (SafeList) ========== DRV - [2011/07/03 12:31:14 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/07/03 12:31:14 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/07/02 14:33:46 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2011/06/30 10:38:14 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2011/06/30 10:38:13 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011/06/30 10:38:12 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010/07/07 04:27:52 | 005,069,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/05/17 14:04:06 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2010/04/09 17:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010/03/25 12:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010/03/20 13:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010/03/20 12:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2009/10/07 10:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2009/10/07 10:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC) DRV - [2009/10/07 10:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2009/10/07 10:46:12 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/08/05 22:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2009/05/11 13:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/04/10 09:34:30 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - [2009/02/26 03:13:03 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174) DRV - [2009/02/26 03:12:59 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2009/02/26 03:12:59 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2009/02/26 03:12:51 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380) DRV - [2009/01/21 17:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/11/14 16:18:48 | 000,484,096 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btprot.sys -- (BTPROT) DRV - [2008/11/14 16:18:48 | 000,023,808 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiausb.sys -- (BTIAUSB) DRV - [2008/10/02 13:01:46 | 004,878,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/09/26 11:53:00 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2008/09/26 11:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2008/09/26 11:52:00 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2008/09/26 11:52:00 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2008/09/23 19:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008/09/16 13:21:06 | 000,079,744 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiaspp.sys -- (btiaspp) DRV - [2008/09/16 13:21:06 | 000,067,456 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiaa2dp.sys -- (btiaa2dp) DRV - [2008/09/16 13:21:06 | 000,030,720 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiapan.sys -- (BTiAPan) DRV - [2008/07/30 18:04:24 | 000,019,712 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiasco.sys -- (iAnywhere_btAudio) DRV - [2008/07/30 18:04:24 | 000,009,216 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiarcp.sys -- (btiarcp) DRV - [2008/05/16 13:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008/05/16 13:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2008/04/14 13:45:12 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2008/04/14 13:45:12 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2008/04/14 13:45:08 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2008/02/27 14:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt) DRV - [2008/02/27 10:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50) DRV - [2007/12/17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007/01/29 19:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2007/01/17 16:30:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Spyder2.sys -- (Spyder2) DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006/06/14 15:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2006/04/07 19:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB) DRV - [2005/03/24 19:40:38 | 000,004,096 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2001/08/17 23:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20) DRV - [1999/09/10 14:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig?hl=" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files\Photodex Presenter\npPxPlay.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/14 10:11:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 15:52:59 | 000,000,000 | ---D | M] [2009/02/27 04:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Extensions [2011/07/03 14:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions [2009/09/01 10:15:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/09/07 19:49:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011/07/03 14:29:49 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\foxmarks@kei.com [2011/07/14 10:11:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/06/25 15:53:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011/06/16 06:38:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/06/25 15:52:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/07/20 09:00:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll () O2 - BHO: (CmjBrowserHelperObject Object) - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll (Mindjet) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe () O4 - HKLM..\Run: [six Engine] C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [switchBoard] C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe (ColorVision Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.) O4 - Startup: C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe () O4 - Startup: C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll (Mindjet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/02/22 11:36:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/07/24 22:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\dvdcss [2011/07/24 22:37:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pat-admin\Recent [2011/07/23 22:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\DivX [2011/07/23 21:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\On2 Technologies [2011/07/23 21:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AC3Filter [2011/07/23 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter [2011/07/23 21:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2011/07/23 21:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Haali [2011/07/23 21:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2011/07/23 21:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2011/07/23 19:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AviSynth 2.5 [2011/07/23 17:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\EAC [2011/07/23 17:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\AccurateRip [2011/07/23 17:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy [2011/07/22 19:10:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter [2011/07/22 19:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM [2011/07/22 18:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Enregistrement utilisateur de Canon iP4800 series [2011/07/22 18:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup [2011/07/22 18:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon Utilities [2011/07/22 18:41:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2011/07/22 18:41:13 | 000,290,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAF.DLL [2011/07/22 18:41:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information [2011/07/22 18:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon iP4800 series [2011/07/22 18:41:06 | 000,180,224 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAF.DLL [2011/07/22 18:40:53 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011/07/20 11:01:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/07/20 08:52:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/07/20 08:52:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/07/20 08:52:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/07/20 08:52:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/07/20 08:51:59 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/07/16 15:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft Connect [2011/07/16 15:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft Scan-n-Stitch Deluxe [2011/07/16 15:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\ArcSoft [2011/07/16 15:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft MediaImpression 2 [2011/07/16 15:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArcSoft [2011/07/16 15:25:00 | 000,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys [2011/07/16 15:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ArcSoft [2011/07/16 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft [2011/07/16 15:20:43 | 000,390,656 | ---- | C] (Seiko Epson Corp.) -- C:\WINDOWS\System32\eswiaad.dll [2011/07/16 15:20:43 | 000,204,800 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\esintad.dll [2011/07/15 19:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\Malwarebytes [2011/07/15 19:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/07/15 14:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com [2011/07/13 14:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\WinRAR [2011/07/13 14:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2011/07/08 21:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Technologies [2011/07/07 18:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2011/07/05 22:42:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\Epson [2011/07/05 21:29:29 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL [2011/07/05 21:29:28 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBGAE.DLL [2011/07/05 21:29:28 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BGAE.DLL [2011/07/05 21:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UDL [2011/07/05 21:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Epson Software [2011/07/05 21:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software [2011/07/05 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\ABBYY [2011/07/05 21:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ABBYY FineReader 9.0 Sprint [2011/07/05 21:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2011/07/05 21:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ABBYY [2011/07/05 21:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ABBYY [2011/07/05 21:14:28 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\ensppmon.dll [2011/07/05 21:14:28 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enppmon.dll [2011/07/05 21:14:28 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\ensppui.dll [2011/07/05 21:14:28 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enppui.dll [2011/07/05 21:14:28 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enspres.dll [2011/07/05 21:14:28 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enpres.dll [2011/07/05 21:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\EPSON [2011/07/05 21:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet [2011/07/05 21:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON [2011/07/05 21:12:45 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe [2011/07/05 21:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON [2011/07/05 21:12:44 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll [2011/07/05 21:12:44 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\escdev.dll [2011/07/05 21:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\epson [2011/07/02 00:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Mes documents\DriverGenius [2011/07/02 00:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com [2011/07/02 00:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/07/25 19:12:31 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/07/25 19:12:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/07/25 13:49:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/07/25 10:57:14 | 000,005,938 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110725_105711.reg [2011/07/24 22:54:39 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ColorVisionStartup.lnk [2011/07/24 22:54:39 | 000,000,683 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Silent Clean.lnk [2011/07/24 22:54:39 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk [2011/07/24 22:54:39 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Connection Manager.lnk [2011/07/24 22:50:37 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX [2011/07/24 22:50:37 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx [2011/07/24 22:43:41 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/07/24 22:37:50 | 000,002,150 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110724_223747.reg [2011/07/24 22:31:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/07/24 22:00:48 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Bookmarks-PC-Patrice.job [2011/07/24 20:00:49 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Lucille.job [2011/07/24 19:34:18 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Sabine-PC.job [2011/07/24 18:17:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/24 10:30:36 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Photos-Patrice.job [2011/07/23 20:06:42 | 049,599,861 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\SetupRiamCodecPack_4.2.7.exe [2011/07/20 10:05:39 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Sabine-Outlook.job [2011/07/20 09:31:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Patrice-PC.job [2011/07/20 09:00:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/07/17 11:24:31 | 000,504,006 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/07/17 11:24:31 | 000,435,704 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/07/17 11:24:31 | 000,081,774 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/07/17 11:24:31 | 000,068,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/07/14 10:11:21 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/07/14 10:10:15 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/07/14 09:58:03 | 000,002,474 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110714_095800.reg [2011/07/14 09:53:19 | 003,778,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/07/08 21:29:53 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110708_212948.reg [2011/07/06 17:02:16 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011/07/06 09:15:04 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Patrice-Outlook.job [2011/07/05 22:53:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI [2011/07/05 22:37:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Twunk002.MTX [2011/07/05 21:22:59 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss [2011/07/05 02:00:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Patrice.job [2011/07/05 01:59:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Pat-admin.job [2011/07/04 09:42:40 | 000,025,722 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110704_094236.reg [2011/07/03 12:31:14 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011/07/03 12:31:14 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011/06/30 10:38:14 | 000,097,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2011/06/30 10:38:13 | 000,029,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2011/06/30 10:38:12 | 000,242,600 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys [2011/06/30 10:38:10 | 000,017,416 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys [2011/06/30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2011/06/26 08:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/07/25 10:57:13 | 000,005,938 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110725_105711.reg [2011/07/24 22:37:49 | 000,002,150 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110724_223747.reg [2011/07/24 18:17:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/23 21:51:56 | 000,497,664 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm [2011/07/23 20:06:40 | 049,599,861 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\SetupRiamCodecPack_4.2.7.exe [2011/07/20 08:52:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/07/20 08:52:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/07/20 08:52:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/07/20 08:52:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/07/20 08:52:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/07/16 15:20:43 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfwad.bin [2011/07/14 18:35:54 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\SyncBack Bookmarks-PC-Patrice.job [2011/07/14 10:11:21 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/07/14 10:11:20 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk [2011/07/14 09:58:02 | 000,002,474 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110714_095800.reg [2011/07/08 21:29:49 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110708_212948.reg [2011/07/05 22:53:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2011/07/05 22:37:59 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Twunk001.MTX [2011/07/05 22:37:59 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Twain001.Mtx [2011/07/05 22:37:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Twunk002.MTX [2011/07/05 21:22:54 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss [2011/07/04 09:42:38 | 000,025,722 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110704_094236.reg [2011/06/06 15:53:04 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2011/06/06 15:52:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys [2011/06/06 15:52:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys [2011/01/30 18:08:42 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010/09/15 10:03:19 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini [2010/09/15 10:03:18 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini [2010/09/15 09:26:39 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010/08/18 18:55:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Pipe Organ [2010/08/15 02:05:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010/08/15 02:05:39 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2010/08/15 02:05:39 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2010/08/15 02:05:39 | 000,205,156 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/08/15 02:05:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2010/08/15 02:05:39 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2010/03/28 20:27:53 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2009/12/18 11:58:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\Viveza2FC32.dll [2009/10/11 15:10:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2009/06/07 00:58:31 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Work - Home [2009/06/07 00:58:31 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Pat-admin\Application Data\WebServer [2009/06/07 00:58:31 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Desktop Pictures [2009/06/07 00:55:18 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT [2009/05/21 21:16:46 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2009/05/10 18:47:23 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbz.DAT [2009/04/04 11:44:13 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2009/04/03 23:51:29 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009/03/23 23:27:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI [2009/03/20 01:09:27 | 000,000,094 | ---- | C] () -- C:\WINDOWS\family.ini [2009/03/16 20:28:58 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll [2009/03/16 20:28:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll [2009/02/27 13:17:01 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys [2009/02/27 01:11:14 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/02/24 22:23:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdy.DAT [2009/02/24 13:54:16 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL [2009/02/23 06:47:43 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/02/23 06:44:29 | 003,778,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nVivid.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin [2009/02/23 04:31:27 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/02/23 04:31:27 | 000,196,653 | ---- | C] () -- C:\WINDOWS\System32\drivers\aVivid.bin [2009/02/23 04:31:27 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin [2009/02/23 04:31:27 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aStandard.bin [2009/02/23 04:31:27 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2009/02/23 04:31:27 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/02/23 04:31:27 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2009/02/23 04:31:27 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2009/02/23 04:31:26 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2009/02/23 03:43:11 | 000,260,248 | ---- | C] () -- C:\WINDOWS\System32\QMO.dll [2009/02/23 03:43:11 | 000,092,312 | ---- | C] () -- C:\WINDOWS\System32\QMOCameraDll.dll [2009/02/23 01:45:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/02/22 12:50:57 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2009/02/22 12:50:57 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2009/02/22 12:50:55 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2009/02/22 12:50:55 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2009/02/22 12:42:13 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009/02/22 12:42:05 | 000,029,180 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/02/22 12:42:05 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/02/22 11:37:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009/02/22 11:33:37 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/05/09 18:08:32 | 000,000,995 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\bmarchive.bms [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,504,006 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,435,704 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,081,774 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,068,408 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2007/03/20 19:16:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ASDR.exe [2007/02/13 19:16:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder2.sys [2006/03/06 11:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll [2004/10/11 13:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS [2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS [2004/07/10 20:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll [1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\All Users\Documents\test2.txt:SummaryInformation @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE @Alternate Data Stream - 1190 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Bx5k1wsubtgZUmf9LlQGwFMEqJGnT @Alternate Data Stream - 1034 bytes -> C:\Program Files\Fichiers communs\System:Uo2AHWFkvddMwoVQaLB8yF @Alternate Data Stream - 1025 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:McNYHDyd9ZViID54V6M5NJQ7Mujev @Alternate Data Stream - 1021 bytes -> C:\Program Files\Fichiers communs\System:PVCJausQNS3n3qUvj4hC01dmJajW @Alternate Data Stream - 1001 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:lar6WI5lOSGnGAUb5VT65FDrKA < End of report >
  12. patcar06
    Le message apparait à l'affichage du bureau (uniquement en mode utilisateur) je ne sais pas comment insérer une image dans ma réponse, apparemment il faut que l'image soit hébergée quelque part? C'est une fenêtre RUNDLL et le message est: Erreur de chargement de boottson.dll le module spécifié est introuvable.
  13. patcar06
    Bonjour Après désinstallation de inkscape, suppression du dossier + un coup de ccleaner dans la base de registre, j'ai toujours le message d'erreur Rundll au redémarrage. Comme apparemment je n'ai pas de virus y a t'il un moyen de supprimer ce message d'erreur?
  14. patcar06
    OK merci pour ces réponses très instructives. Voici le ckfiles.txt CKScanner - Additional Security Risks - These are not necessarily bad c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py scanner sequence 3.NA.11.XFAPVN ----- EOF -----
  15. patcar06
    Et enfin le fichier Extras.Txt OTL Extras logfile created on: 24/07/2011 18:17:00 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Patrice\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,85% Memory free 3,85 Gb Paging File | 3,03 Gb Available in Paging File | 78,92% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 13,85 Gb Free Space | 28,37% Space Free | Partition Type: NTFS Drive D: | 547,34 Gb Total Space | 244,17 Gb Free Space | 44,61% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 147,72 Gb Free Space | 31,72% Space Free | Partition Type: NTFS Drive G: | 1,91 Gb Total Space | 1,40 Gb Free Space | 73,36% Space Free | Partition Type: FAT Drive H: | 1,90 Gb Total Space | 1,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Drive L: | 465,64 Gb Total Space | 167,45 Gb Free Space | 35,96% Space Free | Partition Type: FAT32 Computer Name: PATRICE-PC | User Name: Pat-admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Pixum EasyBook] -- "C:\Program Files\Pixum\Pixum EasyBook\Pixum EasyBook.exe" "%1" () Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount) "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid -- (Logitech Inc.) "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION) "C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{07805B72-99B2-4D42-87D9-BF5D39AAFB12}" = Mindjet MindManager Pro 6 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{0FC65BD2-FB46-4E89-AEB9-C5CB53E4BC1F}_is1" = JkDefrag 3.36 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver "{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{1E327F9A-A509-510A-26EE-B37B74305508}" = Catalyst Control Center Localization All "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{23DD8A17-65DB-4D49-A2E0-164C6F460E3F}" = Adobe Photoshop Lightroom 3 "{259646F8-FBFD-5073-6B31-8E3E1AA71179}" = CCC Help German "{2660C96D-37FC-5BC2-8DEE-E287734862B9}" = CCC Help French "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{28B0F39B-C0C6-4CC5-902B-9BF20111804C}" = Blue Manager Suite "{2A329709-A0F3-11D0-9501-444553540000}_is1" = PocketMirror (Standard Edition) 4.3.1 "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00 "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite "{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2 "{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Gamer OSD "{33EC2184-5484-AB4A-E96B-86C034A950EE}" = CCC Help Spanish "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{377B2121-65F6-4C5F-998F-5284DEF41F3E}" = COMODO livePCsupport "{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B30E966-251F-967F-ECA6-85762DAEDA32}" = CCC Help English "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3EA007AD-9F8A-51C5-C167-4EC7F7D90166}" = Catalyst Control Center Graphics Previews Common "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{4F5EE84F-D675-5C6E-D758-B744C6655CD6}" = ccc-utility "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{523B1E21-0B29-4402-9B8A-339086462028}_is1" = VirtualDub-MPEG2 v1.6.19 b24587 Fr "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{5628EBAF-F067-AE51-3714-BF21FBB4857F}" = CCC Help Italian "{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{616A66CD-D36D-4E24-8B67-33AFDFF48061}" = Palm Outlook Conduits Updater "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{6488C559-8E0A-E61D-8287-63EB6638227F}" = CCC Help Hungarian "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{69F02EF7-5303-4ECC-B2ED-A6433DA1B305}" = Ma-Config.com "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6FDE7D2C-2D4A-561C-1434-54CC9613569C}" = ccc-core-static "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{813EE1F0-D251-4F98-AC91-9B98CF22717E}" = WD Drive Manager (x86) "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.15 "{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A61D4172-C0E2-4954-8132-73B1B70EB114}" = calibre "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in "{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5 "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox 4.1 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C97D06C9-1A67-492B-26B1-72617062AB7E}" = Adobe Lens Profile Downloader "{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup "{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF09EF05-81A8-000F-0A98-AB306B70803B}" = CCC Help Polish "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D9198056-A296-4583-A790-C0E73694CFE8}" = D-Link DWA-131 Wireless N Nano USB Adapter "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA85F579-3C60-A492-6B3F-9F4C85529C9E}" = ATI Catalyst Install Manager "{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}" = On2 VP7 Personal Edition "{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector "{E064390A-2F64-4195-9A55-30D4B20B865A}" = WDCSAM Driver "{E697054C-E87D-47A8-B8A8-5B3F94389DF3}" = PTLens "{E92934FD-FAC7-4E5B-B6F0-9E4D1CF9CD56}" = CCC Help Portuguese "{EA076E9B-A0B9-07C5-1B5D-8147CF31AFB7}" = bayardKids "{F0559CD3-9FCA-ADE3-9006-1D2B897F2F31}" = CCC Help Greek "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FB46F473-333E-4A06-A777-31C54188593E}" = ArcSoft MediaImpression 2 "{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE5ED0AC-BCC8-482A-8B08-AA11D5F00152}" = Epson Event Manager "{FE96C49B-DB90-405E-A00E-09E38372F880}" = Camera Control Pro 2 "{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF8455A9-21E8-457D-AC64-510A705D53B3}" = ArcSoft Scan-n-Stitch Deluxe "7-Zip" = 7-Zip 4.65 "8A1D0449E9CBCC93DCB0CF47934D695423632CA7" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (12/05/2006 1.0.0007.0) "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4 "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "AdobeLensProfileDownloader" = Adobe Lens Profile Downloader "A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover 1.6 "Audacity_is1" = Audacity 1.2.6 "Autopano Pro" = Autopano Pro "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "BankPerfect" = BankPerfect 7.3 "bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1" = bayardKids "Belarc Advisor" = Belarc Advisor 7.2 "BookSmart® 2.9.1 2.9.1" = BookSmart® 2.9.1 2.9.1 "CANONBJ_Deinstall_CNMCP58.DLL" = Canon i560 "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon My Printer "Capture NX 2" = Capture NX 2 "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "CloneCD" = CloneCD "Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only) "Dfine 2.0" = Dfine 2.0 "DivX Setup.divx.com" = Configuration DivX "DIVXCodec" = DivX Codec 3.1alpha release "DrvImagerXP_is1" = DrvImagerXP 2.2 "DVD Shrink_is1" = DVD Shrink 3.2 "Enregistrement utilisateur de Canon iP4800 series" = Enregistrement utilisateur de Canon iP4800 series "EPSON Perfection V33_V330 Manual" = EPSON Perfection V33/V330 Manuel "EPSON Scanner" = EPSON Scan "EPSON SX525WD Series Network Guide" = Guide réseau pour EPSON SX525WD Series "ERUNT_is1" = ERUNT 1.1j "Exact Audio Copy" = Exact Audio Copy 1.0beta2 "FileZilla Client" = FileZilla Client 3.3.5.1 "foobar2000" = foobar2000 v1.0.1 "GanttProject" = GanttProject "GPL Ghostscript 8.64" = GPL Ghostscript 8.64 "GrabIt_is1" = GrabIt 1.7.2 Beta 3 (build 996) "HaaliMkx" = Haali Media Splitter "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "Inkscape" = Inkscape 0.48.1 "InstallShield_{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor "InstallShield_{28B0F39B-C0C6-4CC5-902B-9BF20111804C}" = Blue Manager Suite "InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "LameACM" = Lame ACM MP3 Codec "lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Money2005b" = Microsoft Money "Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr) "MRU-Blaster_is1" = MRU-Blaster v1.5 (Database 3/28/2004) "Noise Ninja (Standalone Version)_is1" = Noise Ninja 2 (Standalone Version) "NTREGOPT_is1" = NTREGOPT 1.1j "O2 Broadband" = O2 Broadband "OggDS" = Direct Show Ogg Vorbis Filter (remove only) "PDF-XChange 3_is1" = PDF-XChange 3.0 "Photodex Presenter" = Photodex Presenter "PhotomatixPro3_is1" = Photomatix Pro version 3.1.3 "Pixum EasyBook" = Pixum EasyBook "Pocket Tunes" = Pocket Tunes 4.0.2 "PROPLUS" = Microsoft Office Professional Plus 2007 "ProShow Gold" = ProShow Gold "QuickPar" = QuickPar 0.9 "QuickTime" = QuickTime "RADVideo" = RAD Video Tools "RealPlayer 6.0" = RealPlayer "Ri4m v5.0.1d" = Ri4m v5.0.1d "Ripp-It Codec Pack" = Ripp-It Codec Pack v 4.2.7 "Sharpener Pro 3.0" = Sharpener Pro 3.0 "Silver Efex Pro" = Silver Efex Pro "SpeedFan" = SpeedFan (remove only) "Spyder2" = Spyder2 "SpywareGuard_is1" = SpywareGuard v2.2 "SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010) "SyncBack_is1" = SyncBack "Total Uninstall_is1" = Total Uninstall 2.35 "Viveza" = Viveza "Viveza 2" = Viveza 2 "VLC media player" = VLC media player 0.9.8a "VoipDiscount_is1" = VoipDiscount "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windames" = Windames "x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only) "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "xvid" = XviD MPEG-4 Video Codec "Xvid_is1" = Xvid 1.2.2 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "757980bd62c97274" = Downloadr ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23/07/2011 15:27:37 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante ripp-it_am.exe, version 5.0.3.0, module défaillant ripp-it_am.exe, version 5.0.3.0, adresse de défaillance 0x000abea5. Error - 23/07/2011 17:07:22 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:07:39 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:07:52 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:08:05 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:08:20 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:08:31 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:08:51 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:11:11 | Computer Name = PATRICE-PC | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant shmedia.dll, version 6.0.2900.5512, adresse de défaillance 0x0000ac54. Error - 23/07/2011 17:13:52 | Computer Name = PATRICE-PC | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : The server name or address could not be resolved [ OSession Events ] Error - 21/05/2009 16:45:42 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 77 seconds with 0 seconds of active time. This session ended with a crash. Error - 05/10/2009 18:11:41 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3424 seconds with 0 seconds of active time. This session ended with a crash. Error - 23/04/2010 17:48:58 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6852 seconds with 1320 seconds of active time. This session ended with a crash. Error - 23/06/2010 14:03:13 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. Error - 09/09/2010 07:42:11 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4421 seconds with 1500 seconds of active time. This session ended with a crash. Error - 17/01/2011 11:20:03 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 373 seconds with 120 seconds of active time. This session ended with a crash. Error - 01/07/2011 18:06:33 | Computer Name = PATRICE-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 23/07/2011 11:47:28 | Computer Name = PATRICE-PC | Source = Cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 23/07/2011 11:47:29 | Computer Name = PATRICE-PC | Source = Cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 23/07/2011 11:47:30 | Computer Name = PATRICE-PC | Source = Cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 23/07/2011 11:47:30 | Computer Name = PATRICE-PC | Source = Cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 23/07/2011 11:47:31 | Computer Name = PATRICE-PC | Source = Cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 23/07/2011 13:58:05 | Computer Name = PATRICE-PC | Source = Service Control Manager | ID = 7000 Description = Le service adfs n'a pas pu démarrer en raison de l'erreur : %%2 Error - 23/07/2011 13:58:06 | Computer Name = PATRICE-PC | Source = Dhcp | ID = 1002 Description = Le bail de l'adresse IP 192.168.0.11 pour la carte réseau dont l'adresse réseau est 14D64D07C8E6 a été refusé par le serveur DHCP 78.250.255.254 (celui-ci a envoyé un message DHCPNACK). Error - 23/07/2011 17:13:55 | Computer Name = PATRICE-PC | Source = Service Control Manager | ID = 7000 Description = Le service adfs n'a pas pu démarrer en raison de l'erreur : %%2 Error - 23/07/2011 17:13:56 | Computer Name = PATRICE-PC | Source = Dhcp | ID = 1002 Description = Le bail de l'adresse IP 192.168.0.11 pour la carte réseau dont l'adresse réseau est 14D64D07C8E6 a été refusé par le serveur DHCP 78.250.255.254 (celui-ci a envoyé un message DHCPNACK). Error - 24/07/2011 04:20:06 | Computer Name = PATRICE-PC | Source = Service Control Manager | ID = 7000 Description = Le service adfs n'a pas pu démarrer en raison de l'erreur : %%2 < End of report >
  16. patcar06
    Voici le fichier OTL.Txt OTL logfile created on: 24/07/2011 18:17:00 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Patrice\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,85% Memory free 3,85 Gb Paging File | 3,03 Gb Available in Paging File | 78,92% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 13,85 Gb Free Space | 28,37% Space Free | Partition Type: NTFS Drive D: | 547,34 Gb Total Space | 244,17 Gb Free Space | 44,61% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 147,72 Gb Free Space | 31,72% Space Free | Partition Type: NTFS Drive G: | 1,91 Gb Total Space | 1,40 Gb Free Space | 73,36% Space Free | Partition Type: FAT Drive H: | 1,90 Gb Total Space | 1,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Drive L: | 465,64 Gb Total Space | 167,45 Gb Free Space | 35,96% Space Free | Partition Type: FAT32 Computer Name: PATRICE-PC | User Name: Pat-admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/07/24 14:35:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrice\Bureau\OTL.exe PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/07/03 12:31:13 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/06/30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2011/06/30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011/06/07 09:49:33 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe PRC - [2011/03/21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2011/02/09 21:36:21 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe PRC - [2010/11/04 09:56:26 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2010/03/25 04:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/02/12 21:23:32 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe PRC - [2010/01/14 23:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/12/22 11:17:04 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe PRC - [2009/12/18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe PRC - [2009/12/17 19:50:18 | 000,976,832 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009/06/26 15:56:58 | 000,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe PRC - [2009/06/26 15:56:20 | 000,450,560 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2008/12/23 19:25:14 | 000,554,264 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe PRC - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2008/07/23 19:04:20 | 005,625,344 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe PRC - [2008/07/10 12:22:24 | 000,397,312 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe PRC - [2008/05/26 20:34:48 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/04/14 13:45:08 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2005/04/29 09:07:14 | 000,045,096 | ---- | M] (H+BEDV Datentechnik GmbH, Germany) -- C:\Program Files\AVPersonal\AVWUPSRV.EXE ========== Modules (SafeList) ========== MOD - [2011/07/24 14:35:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrice\Bureau\OTL.exe MOD - [2011/06/30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/07/09 16:03:20 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/07/03 12:31:13 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/06/30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011/06/07 09:49:33 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/02/09 21:36:21 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess) SRV - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/02/12 21:23:32 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS) SRV - [2009/12/22 11:17:04 | 000,225,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009/12/18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc) SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009/06/26 15:56:58 | 000,102,400 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe) SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2009/05/07 23:19:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/02/11 19:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-131 revA\WLSVC.exe -- (WLSVC) SRV - [2008/12/23 19:25:14 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008/11/07 18:40:52 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/10/20 23:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008/04/14 13:45:08 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2006/10/26 21:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2005/04/29 09:07:14 | 000,045,096 | ---- | M] (H+BEDV Datentechnik GmbH, Germany) [Auto | Running] -- C:\Program Files\AVPersonal\AVWUPSRV.EXE -- (AVWUpSrv) ========== Driver Services (SafeList) ========== DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/07/03 12:31:14 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/07/03 12:31:14 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/07/02 14:33:46 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2011/06/30 10:38:14 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2011/06/30 10:38:13 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011/06/30 10:38:12 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010/07/07 04:27:52 | 005,069,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/05/17 14:04:06 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2010/04/09 17:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010/03/25 12:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010/03/20 13:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010/03/20 12:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2009/10/07 10:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2009/10/07 10:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC) DRV - [2009/10/07 10:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2009/10/07 10:46:12 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/08/05 22:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2009/05/11 13:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/04/10 09:34:30 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - [2009/02/26 03:13:03 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174) DRV - [2009/02/26 03:12:59 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2009/02/26 03:12:59 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2009/02/26 03:12:51 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380) DRV - [2009/01/21 17:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/11/14 16:18:48 | 000,484,096 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btprot.sys -- (BTPROT) DRV - [2008/11/14 16:18:48 | 000,023,808 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiausb.sys -- (BTIAUSB) DRV - [2008/10/02 13:01:46 | 004,878,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/09/26 11:53:00 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2008/09/26 11:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2008/09/26 11:52:00 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2008/09/26 11:52:00 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2008/09/23 19:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008/09/16 13:21:06 | 000,079,744 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiaspp.sys -- (btiaspp) DRV - [2008/09/16 13:21:06 | 000,067,456 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiaa2dp.sys -- (btiaa2dp) DRV - [2008/09/16 13:21:06 | 000,030,720 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiapan.sys -- (BTiAPan) DRV - [2008/07/30 18:04:24 | 000,019,712 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiasco.sys -- (iAnywhere_btAudio) DRV - [2008/07/30 18:04:24 | 000,009,216 | ---- | M] (iAnywhere Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btiarcp.sys -- (btiarcp) DRV - [2008/05/16 13:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008/05/16 13:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2008/04/14 13:45:12 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2008/04/14 13:45:12 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2008/04/14 13:45:08 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2008/02/27 14:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt) DRV - [2008/02/27 10:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50) DRV - [2007/12/17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007/01/29 19:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2007/01/17 16:30:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Spyder2.sys -- (Spyder2) DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006/06/14 15:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2006/04/07 19:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB) DRV - [2005/03/24 19:40:38 | 000,004,096 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2001/08/17 23:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20) DRV - [1999/09/10 14:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig?hl=" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files\Photodex Presenter\npPxPlay.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/14 10:11:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 15:52:59 | 000,000,000 | ---D | M] [2009/02/27 04:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Extensions [2011/07/03 14:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions [2009/09/01 10:15:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/09/07 19:49:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011/07/03 14:29:49 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\extensions\foxmarks@kei.com [2011/07/14 10:11:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/06/25 15:53:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011/06/16 06:38:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/06/25 15:52:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/07/20 09:00:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll () O2 - BHO: (CmjBrowserHelperObject Object) - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll (Mindjet) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe () O4 - HKLM..\Run: [six Engine] C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe () O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [switchBoard] C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC) O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe (ColorVision Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.) O4 - Startup: C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe () O4 - Startup: C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll (Mindjet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/02/22 11:36:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Hacked With Joy !) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\LameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.asv2 - C:\WINDOWS\System32\ASUSASV2.DLL () Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !) Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com) Drivers32: vidc.x264 - C:\WINDOWS\System32\x264vfw.dll () Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/07/23 23:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011/07/23 22:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\DivX [2011/07/23 21:53:41 | 000,630,784 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll [2011/07/23 21:53:41 | 000,237,568 | ---- | C] (On2.com Inc.) -- C:\WINDOWS\System32\vp7dec.ax [2011/07/23 21:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\On2 Technologies [2011/07/23 21:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\On2 Technologies [2011/07/23 21:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AC3Filter [2011/07/23 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter [2011/07/23 21:26:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\x264vfw [2011/07/23 21:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX Plus [2011/07/23 21:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DivX Shared [2011/07/23 21:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2011/07/23 21:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Haali Media Splitter [2011/07/23 21:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Haali [2011/07/23 21:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Xvid [2011/07/23 21:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2011/07/23 21:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2011/07/23 21:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ripp-It Codec Pack [2011/07/23 19:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\AviSynth 2.5 [2011/07/23 19:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AviSynth 2.5 [2011/07/23 19:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Menu Démarrer\Programmes\Ripp-it_am [2011/07/23 19:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ripp-it_AM [2011/07/23 17:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\EAC [2011/07/23 17:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\AccurateRip [2011/07/23 17:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Exact Audio Copy [2011/07/23 17:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy [2011/07/22 19:10:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter [2011/07/22 19:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM [2011/07/22 18:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Enregistrement utilisateur de Canon iP4800 series [2011/07/22 18:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup [2011/07/22 18:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon Utilities [2011/07/22 18:41:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2011/07/22 18:41:13 | 000,290,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAF.DLL [2011/07/22 18:41:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information [2011/07/22 18:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon iP4800 series [2011/07/22 18:41:06 | 000,180,224 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAF.DLL [2011/07/22 18:40:53 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011/07/20 11:01:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/07/20 08:52:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/07/20 08:52:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/07/20 08:52:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/07/20 08:52:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/07/20 08:51:59 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/07/19 16:42:53 | 004,157,619 | R--- | C] (Swearware) -- C:\Documents and Settings\Pat-admin\Bureau\ComboFix.exe [2011/07/16 15:50:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pat-admin\Recent [2011/07/16 15:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft Connect [2011/07/16 15:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft Scan-n-Stitch Deluxe [2011/07/16 15:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\ArcSoft [2011/07/16 15:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft MediaImpression 2 [2011/07/16 15:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArcSoft [2011/07/16 15:25:00 | 000,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys [2011/07/16 15:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ArcSoft [2011/07/16 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft [2011/07/16 15:20:43 | 000,390,656 | ---- | C] (Seiko Epson Corp.) -- C:\WINDOWS\System32\eswiaad.dll [2011/07/16 15:20:43 | 000,204,800 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\esintad.dll [2011/07/15 19:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\Malwarebytes [2011/07/15 19:59:34 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/07/15 19:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/07/15 19:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/07/15 19:59:30 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/07/15 19:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/07/15 14:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ma-config.com [2011/07/13 14:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\WinRAR [2011/07/13 14:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2011/07/08 21:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Technologies [2011/07/07 18:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2011/07/05 22:42:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Application Data\Epson [2011/07/05 21:29:29 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL [2011/07/05 21:29:28 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBGAE.DLL [2011/07/05 21:29:28 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BGAE.DLL [2011/07/05 21:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UDL [2011/07/05 21:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Epson Software [2011/07/05 21:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software [2011/07/05 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\ABBYY [2011/07/05 21:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ABBYY FineReader 9.0 Sprint [2011/07/05 21:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2011/07/05 21:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ABBYY [2011/07/05 21:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ABBYY [2011/07/05 21:14:28 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\ensppmon.dll [2011/07/05 21:14:28 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enppmon.dll [2011/07/05 21:14:28 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\ensppui.dll [2011/07/05 21:14:28 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enppui.dll [2011/07/05 21:14:28 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enspres.dll [2011/07/05 21:14:28 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\enpres.dll [2011/07/05 21:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\EPSON [2011/07/05 21:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet [2011/07/05 21:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON [2011/07/05 21:12:45 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe [2011/07/05 21:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON [2011/07/05 21:12:44 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll [2011/07/05 21:12:44 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\escdev.dll [2011/07/05 21:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\epson [2011/07/02 00:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pat-admin\Mes documents\DriverGenius [2011/07/02 00:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com [2011/07/02 00:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2011/06/25 15:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2011/06/25 15:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java [2011/06/25 15:52:59 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011/06/25 15:52:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/06/25 15:52:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/06/25 15:52:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/06/25 15:52:59 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011/06/25 15:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/07/24 18:17:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/24 18:12:41 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx [2011/07/24 18:12:23 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX [2011/07/24 17:49:00 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/07/24 10:30:36 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Photos-Patrice.job [2011/07/24 10:20:11 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/07/24 10:20:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/07/23 22:00:42 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Bookmarks-PC-Patrice.job [2011/07/23 21:52:30 | 000,036,734 | ---- | M] () -- C:\WINDOWS\System32\OggDSuninst.exe [2011/07/23 21:52:24 | 000,021,764 | ---- | M] () -- C:\WINDOWS\System32\CoreAAC-uninstall.exe [2011/07/23 21:26:11 | 000,067,863 | ---- | M] () -- C:\WINDOWS\System32\x264vfw-uninstall.exe [2011/07/23 20:06:42 | 049,599,861 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\SetupRiamCodecPack_4.2.7.exe [2011/07/23 20:00:47 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Lucille.job [2011/07/23 19:51:49 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Bureau\Ripp-it_AM.lnk [2011/07/23 19:35:03 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Sabine-PC.job [2011/07/23 13:09:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/07/20 10:05:39 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Sabine-Outlook.job [2011/07/20 09:31:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Patrice-PC.job [2011/07/20 09:00:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/07/19 16:43:45 | 004,157,619 | R--- | M] (Swearware) -- C:\Documents and Settings\Pat-admin\Bureau\ComboFix.exe [2011/07/19 16:43:34 | 000,879,223 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Bureau\SecurityCheck.exe [2011/07/17 11:24:31 | 000,504,006 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/07/17 11:24:31 | 000,435,704 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/07/17 11:24:31 | 000,081,774 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/07/17 11:24:31 | 000,068,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/07/14 10:11:21 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/07/14 10:10:15 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/07/14 09:58:03 | 000,002,474 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110714_095800.reg [2011/07/14 09:53:19 | 003,778,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/07/08 21:29:53 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110708_212948.reg [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/07/06 17:02:16 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011/07/06 09:15:04 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Backup-Patrice-Outlook.job [2011/07/05 22:53:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI [2011/07/05 22:37:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Twunk002.MTX [2011/07/05 21:22:59 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss [2011/07/05 02:00:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Patrice.job [2011/07/05 01:59:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Pat-admin.job [2011/07/04 09:42:40 | 000,025,722 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110704_094236.reg [2011/07/03 12:31:14 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011/07/03 12:31:14 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011/06/30 10:38:14 | 000,097,504 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2011/06/30 10:38:13 | 000,029,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2011/06/30 10:38:12 | 000,242,600 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys [2011/06/30 10:38:10 | 000,017,416 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys [2011/06/30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2011/06/26 08:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe [2011/06/25 15:52:50 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/06/25 15:52:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/06/25 15:52:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/06/25 15:52:50 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011/06/25 15:52:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011/06/25 15:49:07 | 000,007,816 | ---- | M] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110625_154904.reg [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/07/24 18:17:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/23 21:53:41 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vp7dec_settings.cpl [2011/07/23 21:52:30 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe [2011/07/23 21:52:24 | 000,021,764 | ---- | C] () -- C:\WINDOWS\System32\CoreAAC-uninstall.exe [2011/07/23 21:51:56 | 000,497,664 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm [2011/07/23 21:26:11 | 000,067,863 | ---- | C] () -- C:\WINDOWS\System32\x264vfw-uninstall.exe [2011/07/23 20:06:40 | 049,599,861 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\SetupRiamCodecPack_4.2.7.exe [2011/07/23 19:51:49 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Bureau\Ripp-it_AM.lnk [2011/07/20 08:52:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/07/20 08:52:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/07/20 08:52:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/07/20 08:52:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/07/20 08:52:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/07/19 16:43:33 | 000,879,223 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Bureau\SecurityCheck.exe [2011/07/16 15:20:43 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfwad.bin [2011/07/14 18:35:54 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\SyncBack Bookmarks-PC-Patrice.job [2011/07/14 10:11:21 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/07/14 10:11:20 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk [2011/07/14 09:58:02 | 000,002,474 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110714_095800.reg [2011/07/08 21:29:49 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110708_212948.reg [2011/07/05 22:53:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2011/07/05 22:37:59 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Twunk001.MTX [2011/07/05 22:37:59 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Twain001.Mtx [2011/07/05 22:37:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Twunk002.MTX [2011/07/05 21:22:54 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss [2011/07/04 09:42:38 | 000,025,722 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110704_094236.reg [2011/06/25 15:49:06 | 000,007,816 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Mes documents\cc_20110625_154904.reg [2011/06/06 15:53:04 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2011/06/06 15:52:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys [2011/06/06 15:52:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys [2011/01/30 18:08:42 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010/09/15 10:03:19 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini [2010/09/15 10:03:18 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini [2010/09/15 09:26:39 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010/08/18 18:55:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Pipe Organ [2010/08/15 02:05:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010/08/15 02:05:39 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2010/08/15 02:05:39 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2010/08/15 02:05:39 | 000,205,156 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/08/15 02:05:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2010/08/15 02:05:39 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2010/03/28 20:27:53 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2009/12/18 11:58:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\Viveza2FC32.dll [2009/10/11 15:10:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2009/07/29 08:35:54 | 002,378,752 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009/06/07 00:58:31 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Work - Home [2009/06/07 00:58:31 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Pat-admin\Application Data\WebServer [2009/06/07 00:58:31 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Desktop Pictures [2009/06/07 00:55:18 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT [2009/05/21 21:16:46 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2009/05/10 18:47:23 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbz.DAT [2009/04/04 11:44:13 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2009/04/03 23:51:29 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009/03/23 23:27:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI [2009/03/20 01:09:27 | 000,000,094 | ---- | C] () -- C:\WINDOWS\family.ini [2009/03/16 20:28:58 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll [2009/03/16 20:28:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll [2009/02/27 13:17:01 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys [2009/02/27 01:11:14 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/02/24 22:23:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdy.DAT [2009/02/24 13:54:16 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL [2009/02/23 06:47:43 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/02/23 06:44:29 | 003,778,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nVivid.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nStandard.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin [2009/02/23 04:31:28 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin [2009/02/23 04:31:27 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/02/23 04:31:27 | 000,196,653 | ---- | C] () -- C:\WINDOWS\System32\drivers\aVivid.bin [2009/02/23 04:31:27 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin [2009/02/23 04:31:27 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aStandard.bin [2009/02/23 04:31:27 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin [2009/02/23 04:31:27 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/02/23 04:31:27 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2009/02/23 04:31:27 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2009/02/23 04:31:27 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2009/02/23 04:31:27 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2009/02/23 04:31:26 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2009/02/23 03:43:11 | 000,260,248 | ---- | C] () -- C:\WINDOWS\System32\QMO.dll [2009/02/23 03:43:11 | 000,092,312 | ---- | C] () -- C:\WINDOWS\System32\QMOCameraDll.dll [2009/02/23 01:45:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/02/22 12:50:57 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2009/02/22 12:50:57 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2009/02/22 12:50:55 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2009/02/22 12:50:55 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2009/02/22 12:42:13 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009/02/22 12:42:05 | 000,029,180 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/02/22 12:42:05 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/02/22 11:37:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009/02/22 11:33:37 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/05/09 18:08:32 | 000,000,995 | ---- | C] () -- C:\Documents and Settings\Pat-admin\Local Settings\Application Data\bmarchive.bms [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,504,006 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,435,704 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,081,774 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,068,408 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2007/03/20 19:16:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ASDR.exe [2007/02/13 19:16:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder2.sys [2006/03/06 11:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll [2004/10/11 13:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS [2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS [2004/07/10 20:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll [2002/10/06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2002/10/05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2002/10/05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2002/10/05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/02/22 11:36:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009/02/22 11:31:10 | 000,000,212 | -HS- | M] () -- C:\BOOT.BAK [2010/03/21 12:12:27 | 000,000,292 | -HS- | M] () -- C:\boot.ini [2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2008/04/14 14:00:00 | 000,263,504 | RHS- | M] () -- C:\cmldr [2009/02/22 11:36:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011/07/19 17:02:19 | 000,000,045 | ---- | M] () -- C:\error.log [2009/04/10 09:35:39 | 004,086,414 | ---- | M] () -- C:\HuskyInstallerLog.txt [2009/02/22 11:36:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/02/22 11:36:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/07/24 10:19:56 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2011/02/01 21:37:01 | 000,001,656 | ---- | M] () -- C:\photodex-presenter-install.log [2011/07/24 18:17:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2009/05/20 14:38:23 | 000,009,187 | ---- | M] () -- C:\resetlog.txt [2009/02/22 12:44:38 | 000,000,057 | ---- | M] () -- C:\splash.idx [2008/10/13 13:33:08 | 000,005,552 | -H-- | M] () -- C:\version < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2009/02/23 06:43:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2009/02/23 06:43:26 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2009/02/23 06:43:26 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/06/06 15:53:04 | 000,021,361 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\system32\drivers\AegisP.sys [2011/07/03 12:31:14 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys [2011/07/03 12:31:14 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys [2011/06/30 10:38:10 | 000,017,416 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmderd.sys [2011/06/30 10:38:12 | 000,242,600 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdGuard.sys [2011/06/30 10:38:13 | 000,029,400 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys [2011/06/30 10:38:14 | 000,097,504 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\inspect.sys [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2011/04/29 18:19:43 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 07:45:51 ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\All Users\Documents\test2.txt:SummaryInformation @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE @Alternate Data Stream - 1190 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Bx5k1wsubtgZUmf9LlQGwFMEqJGnT @Alternate Data Stream - 1034 bytes -> C:\Program Files\Fichiers communs\System:Uo2AHWFkvddMwoVQaLB8yF @Alternate Data Stream - 1025 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:McNYHDyd9ZViID54V6M5NJQ7Mujev @Alternate Data Stream - 1021 bytes -> C:\Program Files\Fichiers communs\System:PVCJausQNS3n3qUvj4hC01dmJajW @Alternate Data Stream - 1001 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:lar6WI5lOSGnGAUb5VT65FDrKA < End of report >
  17. patcar06
    Bonjour Cà y est, l'analyse est terminée (plus de 7h). Je ne reçois toujours pas de notification par mail lorsque tu réponds. J'ai également une question, pour l'analyse tu demandes de désactiver toutes les protections donc mon pc s'est trouvé sans protection pendant 7h. Est-ce bien prudent? Sinon voici les résultats de ce que tu m'as demandé en commençant par le scan-results.txt D:\Patrice\Photo\ACDSee Pro v2.0.238 (French)\Keygen\keygen.exe une variante de Win32/Keygen.AG application D:\Patrice\Photo\Logiciels\ACDSee Pro v2.0.238 (French).zip une variante de Win32/Keygen.AG application D:\Patrice\Utilitaires_Windows\Video\FFSetup220.zip Win32/Adware.ADON application F:\Backup-Patrice-PC-2010\Photo\ACDSee Pro v2.0.238 (French)\Keygen\keygen.exe une variante de Win32/Keygen.AG application F:\Backup-Patrice-PC-2010\Photo\Logiciels\ACDSee Pro v2.0.238 (French).zip une variante de Win32/Keygen.AG application F:\Backup-Patrice-PC-2010\Utilitaires_Windows\Video\FFSetup220.zip Win32/Adware.ADON application L:\Backup-Patrice-PC-2010\Photo\ACDSee Pro v2.0.238 (French)\Keygen\keygen.exe une variante de Win32/Keygen.AG application L:\Backup-Patrice-PC-2010\Photo\Logiciels\ACDSee Pro v2.0.238 (French).zip une variante de Win32/Keygen.AG application L:\Backup-Patrice-PC-2010\Utilitaires_Windows\Video\FFSetup220.zip Win32/Adware.ADON application
  18. patcar06
    Bonjour et merci pour vos explications. Désolé pour ma réponse tardive, je n'avais pas reçu de notification mais j'ai corrigé çà dans mes paramètres. J'ai bien effectué les 3 étapes dont voici les rapports par contre mon message d'erreur apparait encore. Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7200 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 19/07/2011 17:15:40 mbam-log-2011-07-19 (17-15-40).txt Type d'examen: Examen rapide Elément(s) analysé(s): 181737 Temps écoulé: 4 minute(s), 41 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\dllcache (Backdoor.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\dllcache (Backdoor.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) ---------------------------------------------------------------------------------------------- ComboFix 11-07-19.02 - Pat-admin 20/07/2011 8:53.1.4 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1210 [GMT 2:00] Lancé depuis: c:\documents and settings\Pat-admin\Bureau\ComboFix.exe FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Pat-admin\Application Data\Microsoft\Internet Explorer\Desktop.htt c:\documents and settings\Patrice\Local Settings\Application Data\Skype\Phone\Skype.exe c:\documents and settings\Patrice\WINDOWS D:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_1 -------\Service_5 . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-06-20 au 2011-07-20 )))))))))))))))))))))))))))))))))))) . . 2011-07-16 13:51 . 2011-07-16 13:51 -------- d-----w- c:\documents and settings\Patrice\Local Settings\Application Data\ArcSoft 2011-07-16 13:27 . 2011-07-16 13:27 -------- d-----w- c:\documents and settings\Pat-admin\Local Settings\Application Data\ArcSoft 2011-07-16 13:26 . 2011-07-19 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft 2011-07-16 13:25 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys 2011-07-16 13:24 . 2011-07-16 13:25 -------- d-----w- c:\program files\Fichiers communs\ArcSoft 2011-07-16 13:24 . 2011-07-16 13:28 -------- d-----w- c:\program files\ArcSoft 2011-07-16 13:20 . 2009-12-20 22:00 65793 ----a-w- c:\windows\system32\esfwad.bin 2011-07-16 13:20 . 2009-12-06 22:00 204800 ----a-w- c:\windows\system32\esintad.dll 2011-07-16 13:20 . 2009-10-21 12:48 390656 ----a-w- c:\windows\system32\eswiaad.dll 2011-07-15 17:59 . 2011-07-15 17:59 -------- d-----w- c:\documents and settings\Pat-admin\Application Data\Malwarebytes 2011-07-15 17:59 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-15 17:59 . 2011-07-15 17:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-07-15 17:59 . 2011-07-15 18:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-15 17:59 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-08 19:52 . 2011-07-08 19:52 -------- d-----w- c:\program files\Western Digital Technologies 2011-07-07 16:27 . 2011-07-07 16:27 -------- d-----w- c:\program files\DIFX 2011-07-05 20:42 . 2011-07-05 21:11 -------- d-----w- c:\documents and settings\Pat-admin\Application Data\Epson 2011-07-05 19:29 . 2011-07-05 19:29 -------- d-----w- c:\documents and settings\LocalService\Bureau 2011-07-05 19:29 . 2007-04-10 01:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL 2011-07-05 19:29 . 2009-10-01 03:01 63488 ----a-w- c:\windows\system32\E_FD4BGAE.DLL 2011-07-05 19:29 . 2008-11-12 03:00 93696 ----a-w- c:\windows\system32\E_FLBGAE.DLL 2011-07-05 19:24 . 2011-07-05 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL 2011-07-05 19:20 . 2011-07-16 13:33 -------- d-----w- c:\program files\Epson Software 2011-07-05 19:19 . 2011-07-05 19:19 -------- d-----w- c:\documents and settings\Pat-admin\Local Settings\Application Data\ABBYY 2011-07-05 19:15 . 2011-07-16 13:30 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint 2011-07-05 19:15 . 2011-07-05 19:15 -------- d-----w- c:\program files\Fichiers communs\ABBYY 2011-07-05 19:15 . 2011-07-05 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ABBYY 2011-07-05 19:14 . 2008-12-01 11:00 457611 ----a-w- c:\windows\system32\ensppui.dll 2011-07-05 19:14 . 2008-12-01 11:00 457611 ----a-w- c:\windows\system32\enppui.dll 2011-07-05 19:14 . 2008-12-01 10:58 474892 ----a-w- c:\windows\system32\ensppmon.dll 2011-07-05 19:14 . 2008-12-01 10:58 474892 ----a-w- c:\windows\system32\enppmon.dll 2011-07-05 19:14 . 2008-06-18 09:49 249344 ----a-w- c:\windows\system32\enspres.dll 2011-07-05 19:14 . 2008-06-18 09:49 249344 ----a-w- c:\windows\system32\enpres.dll 2011-07-05 19:14 . 2011-07-17 09:20 -------- d-----w- c:\program files\Fichiers communs\EPSON 2011-07-05 19:13 . 2011-07-16 13:47 -------- d-----w- c:\program files\EpsonNet 2011-07-05 19:12 . 2011-07-16 13:48 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON 2011-07-05 19:12 . 2009-10-15 22:00 132560 ----a-w- c:\windows\system32\esdevapp.exe 2011-07-05 19:12 . 2009-10-15 22:00 12800 ----a-w- c:\windows\system32\escdev.dll 2011-07-05 19:12 . 2009-09-16 22:00 342016 ----a-w- c:\windows\system32\eswiaud.dll 2011-07-05 19:12 . 2011-07-16 13:33 -------- d-----w- c:\program files\epson 2011-07-01 22:08 . 2011-07-15 12:36 -------- d-----w- c:\program files\ma-config.com 2011-07-01 22:08 . 2011-07-15 12:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2011-06-25 13:53 . 2011-06-25 13:53 -------- d-----w- c:\program files\Fichiers communs\Java 2011-06-25 13:52 . 2011-06-25 13:52 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-06-25 13:52 . 2011-06-25 13:52 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-06-25 13:52 . 2011-06-25 13:52 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-25 13:52 . 2011-06-25 13:52 -------- d-----w- c:\program files\Java . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-14 08:10 . 2011-06-14 07:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-03 10:31 . 2009-05-16 07:05 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-07-03 10:31 . 2009-05-16 07:05 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-06-30 08:38 . 2010-03-03 19:54 97504 ----a-w- c:\windows\system32\drivers\inspect.sys 2011-06-30 08:38 . 2010-03-03 19:54 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2011-06-30 08:38 . 2010-03-03 19:54 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2011-06-30 08:38 . 2010-03-03 19:54 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys 2011-06-30 08:37 . 2010-03-03 19:54 285256 ----a-w- c:\windows\system32\guard32.dll 2011-06-06 13:53 . 2011-06-06 13:53 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe 2011-06-06 13:53 . 2011-06-06 13:53 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2011-06-06 11:35 . 2008-04-14 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-05-02 15:31 . 2009-02-22 09:34 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2008-04-14 12:00 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-26 11:07 . 2008-04-14 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-04-25 16:06 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:06 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:06 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2008-04-14 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-06-16 04:38 . 2011-07-14 08:11 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "pdfSaver3"="c:\program files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe" [2004-09-05 380928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-09-30 16864768] "Six Engine"="c:\program files\ASUS\EPU-4 Engine\FourEngine.exe" [2008-07-23 5625344] "Ai Nap"="c:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2008-05-26 1423360] "QFan Help"="c:\program files\ASUS\AI Suite\QFan3\QFanHelp.exe" [2008-05-06 594432] "Cpu Level Up help"="c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-11-30 881152] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304] "AdobeAAMUpdater-1.0"="c:\program files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-04-08 254696] "WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-06-26 450560] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-17 976832] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Patrice\Menu D‚marrer\Programmes\D‚marrage\ palmOne Registration.lnk - c:\recycler\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe [N/A] . c:\documents and settings\Patrice\Menu D‚marrer\Programmes\D‚marrage\ palmOne Registration.lnk - c:\recycler\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe [N/A] . c:\documents and settings\Pat-admin\Menu D‚marrer\Programmes\D‚marrage\ MRU-Blaster Silent Clean.lnk - c:\program files\MRU-Blaster\mrublaster.exe [2004-3-28 1216512] SpywareGuard.lnk - c:\program files\SpywareGuard\sgmain.exe [2003-8-29 360448] . c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ ColorVisionStartup.lnk - c:\program files\ColorVision\Utility\ColorVisionStartup.exe [2007-2-13 385024] Wireless Connection Manager.lnk - c:\program files\D-Link\DWA-131 revA\wirelesscm.exe [2011-6-6 505152] . c:\documents and settings\Patrice\Menu D‚marrer\Programmes\D‚marrage\ palmOne Registration.lnk - c:\recycler\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-11-07 16:41 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Device Detector 3.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Device Detector 3.lnk backup=c:\windows\pss\Device Detector 3.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HOTSYNCSHORTCUTNAME.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HOTSYNCSHORTCUTNAME.lnk backup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Pat-admin^Menu Démarrer^Programmes^Démarrage^MRU-Blaster Scheduler.lnk] path=c:\documents and settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\MRU-Blaster Scheduler.lnk backup=c:\windows\pss\MRU-Blaster Scheduler.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^Pat-admin^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk] path=c:\documents and settings\Pat-admin\Menu Démarrer\Programmes\Démarrage\palmOne Registration.lnk backup=c:\windows\pss\palmOne Registration.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] 2008-08-14 06:58 611712 ----a-w- c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] 2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService] 2006-05-02 20:55 31232 ----a-r- c:\program files\Mindjet\MindManager 6\MmReminderService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-04-03 21:51 98304 ----a-w- c:\program files\QuickTime\qttask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-03-31 11:08 198160 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= "c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 . R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [03/03/2010 21:54 242600] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [03/03/2010 21:54 29400] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14/05/2009 17:07 759048] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [16/05/2009 09:05 136360] R2 AVWUpSrv;AntiVir Update;c:\program files\AVPersonal\AVWUPSRV.EXE [16/05/2009 08:53 45096] R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [12/02/2010 21:23 148744] R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Application Data\DatacardService\DCService.exe [22/12/2009 11:17 225280] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [24/02/2009 17:19 10384] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [15/07/2011 19:59 366640] R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [18/12/2009 11:58 57344] R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [26/06/2009 15:56 102400] R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [06/06/2011 15:52 20480] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [08/12/2010 22:55 63616] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15/07/2011 19:59 22712] S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19/06/2010 23:23 136176] S2 WLSVC;WLSVC;c:\program files\D-Link\DWA-131 revA\WLSVC.exe [06/06/2011 15:52 167936] S3 btiaa2dp;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btiaa2dp.sys [02/11/2010 22:55 67456] S3 BTiAPan;Bluetooth PAN Miniport;c:\windows\system32\drivers\btiapan.sys [02/11/2010 22:55 30720] S3 btiarcp;Bluetooth AVRCP Device;c:\windows\system32\drivers\btiarcp.sys [02/11/2010 22:55 9216] S3 btiaspp;Bluetooth Serial driver;c:\windows\system32\drivers\btiaspp.sys [02/11/2010 22:55 79744] S3 BTIAUSB;Generic Bluetooth Device;c:\windows\system32\drivers\btiausb.sys [02/11/2010 22:55 23808] S3 BTPROT;Generic Bluetooth Filter;c:\windows\system32\drivers\btprot.sys [02/11/2010 22:55 484096] S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [16/08/2009 17:04 223232] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [08/12/2010 22:55 101504] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [08/12/2010 22:55 117504] S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19/06/2010 23:23 136176] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?] S3 iAnywhere_btAudio;Bluetooth Virtual SCO Device;c:\windows\system32\drivers\btiasco.sys [02/11/2010 22:55 19712] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [09/07/2011 16:03 311928] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15/07/2011 19:59 41272] S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [06/06/2011 15:51 588032] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [16/03/2009 11:12 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [16/03/2009 11:12 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [16/03/2009 11:12 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [16/03/2009 11:12 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [16/03/2009 11:12 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [16/03/2009 11:12 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [16/03/2009 11:12 115752] S3 Spyder2;ColorVision Spyder2;c:\windows\system32\drivers\Spyder2.sys [13/02/2007 19:16 12288] S3 SwitchBoard;SwitchBoard;c:\program files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 14:37 517096] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?] . Contenu du dossier 'Tâches planifiées' . 2011-07-04 c:\windows\Tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Pat-admin.job - c:\program files\Fichiers communs\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-05 02:44] . 2011-07-05 c:\windows\Tasks\AdobeAAMUpdater-1.0-PATRICE-PC-Patrice.job - c:\program files\Fichiers communs\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-05 02:44] . 2011-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 21:22] . 2011-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 21:22] . 2011-07-19 c:\windows\Tasks\SyncBack Backup-Lucille.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-06 c:\windows\Tasks\SyncBack Backup-Patrice-Outlook.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-13 c:\windows\Tasks\SyncBack Backup-Patrice-PC.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-19 c:\windows\Tasks\SyncBack Backup-Photos-Patrice.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-15 c:\windows\Tasks\SyncBack Backup-Sabine-Outlook.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-19 c:\windows\Tasks\SyncBack Backup-Sabine-PC.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . 2011-07-19 c:\windows\Tasks\SyncBack Bookmarks-PC-Patrice.job - c:\program files\2BrightSparks\SyncBack\SyncBack.exe [2009-02-24 17:45] . . ------- Examen supplémentaire ------- . IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: Interfaces\{511CCF1A-5470-4302-AB7F-63158B11BAD9}: NameServer = 62.231.32.10,62.231.32.11 FF - ProfilePath - c:\documents and settings\Pat-admin\Application Data\Mozilla\Firefox\Profiles\7y5kqfwf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig?hl= FF - user.js: yahoo.homepage.dontask - true . - - - - ORPHELINS SUPPRIMES - - - - . HKLM-Run-pdfSaver3 - (no file) MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe AddRemove-XnView_is1 - g:\xnview\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-07-20 09:00 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'winlogon.exe'(756) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll . - - - - - - - > 'lsass.exe'(812) c:\windows\system32\guard32.dll . - - - - - - - > 'explorer.exe'(3544) c:\windows\system32\guard32.dll c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\COMODO\COMODO Internet Security\cmdagent.exe c:\windows\system32\Ati2evxx.exe c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\ATKKBService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\Photodex\ProShowGold\ScsiAccess.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\RTHDCPL.EXE c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\rundll32.exe c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2011-07-20 09:03:58 - La machine a redémarré ComboFix-quarantined-files.txt 2011-07-20 07:03 . Avant-CF: 14 773 903 360 octets libres Après-CF: 15 082 299 392 octets libres . - - End Of File - - 443AADCDED98E288B473635D4A0B2B7E --------------------------------------------------------------------------------------------------------------- Results of screen317's Security Check version 0.99.17 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus Antivirus up to date! (On Access scanning disabled!) ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 26 Adobe Flash Player 10.3.181.26 ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe Malwarebytes' Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Comodo Firewall cmdagent.exe Comodo Firewall cfp.exe ``````````End of Log````````````
  19. patcar06
    Si çà peut aider je rajoute le rapport Malwarebytes Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7149 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 15/07/2011 21:01:40 mbam-log-2011-07-15 (21-00-44).txt Type d'examen: Examen rapide Elément(s) analysé(s): 179860 Temps écoulé: 4 minute(s), 17 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal\dllcache (Backdoor.Agent) -> No action taken. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Network\dllcache (Backdoor.Agent) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  20. patcar06
    Bonjour Depuis qq jours j'ai ce message à chaque démarrage: Erreur de chargement de boottson.dll Le module spécifié est introuvable. Pour l'instant mon PC n'a pas d'autres symptômes. J'ai trouvé et supprimé ce fichier mais le message apparait toujours. Un scan avec antivir en mode sans échec n'a rien donné et mes compétences s'arrêtent là. Pourriez-vous m'aider s'il vous plait? Ci-dessous le rapport HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:40:09, on 15/07/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe C:\Program Files\Fichiers communs\EPSON\EPW!3 SSRP\E_S50ST7.EXE C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Fichiers communs\EPSON\EPW!3 SSRP\E_S50RP7.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nlssrv32.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe" O4 - HKCU\..\Run: [Epson Stylus SX525WD(Réseau)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\WINDOWS\TEMP\E_S3A.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [AdobeBridge] (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [skype] "C:\Documents and Settings\Patrice\Local Settings\Application Data\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [cleacomp] rundll32 "boottson.dll",CreateProcessNotify (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [EPSON SX525WD Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\WINDOWS\TEMP\E_S3E4.tmp" /EF "HKCU" (User 'Patrice') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [Epson Stylus SX525WD(Réseau)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\DOCUME~1\Patrice\LOCALS~1\Temp\E_S1A.tmp" /EF "HKCU" (User 'Patrice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-21-796845957-117609710-1801674531-1003 Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - S-1-5-21-796845957-117609710-1801674531-1003 User Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - S-1-5-18 Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'SYSTEM') O4 - .DEFAULT Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Default user') O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{511CCF1A-5470-4302-AB7F-63158B11BAD9}: NameServer = 62.231.32.10,62.231.32.11 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: DCService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EPW!3 SSRP\E_S50ST7.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EPW!3 SSRP\E_S50RP7.EXE O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe O23 - Service: WLSVC - Unknown owner - C:\Program Files\D-Link\DWA-131 revA\WLSVC.exe -- End of file - 12131 bytes
  21. patcar06
    J'ai supprimé les 3 fichiers infectés. J'ai fait tourner un Kaspersky on line et un hijackthis, apparemment tout est bon. Y a t'il une autre vérif à faire ?
  22. patcar06
    Voici le rapport Kaspersky. J'ai quelques fichiers infectés, qu'est-ce que j'en fais ? KASPERSKY ON-LINE SCANNER REPORT Tuesday, May 19, 2009 10:24:51 PM Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600) Kaspersky On-line Scanner version : 5.0.84.2 Dernière mise à jour de la base antivirus Kaspersky : 19/05/2009 Enregistrements dans la base antivirus Kaspersky : 1992090 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ F:\ Statistiques de l'analyse Total d'objets analysés 144841 Nombre de virus trouvés 1 Nombre d'objets infectés 3 / 0 Nombre d'objets suspects 0 Durée de l'analyse 02:20:38 Nom de l'objet infecté Nom du virus Dernière action C:\0ea7e537e1114c64a61a2e0814abe1\amd64\filterpipelineprintproc.dll L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\msxpsdrv.cat L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\msxpsdrv.inf L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\msxpsinc.gpd L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\msxpsinc.ppd L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\mxdwdrv.dll L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\amd64\xpssvcs.dll L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\filterpipelineprintproc.dll L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\msxpsdrv.cat L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\msxpsdrv.inf L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\msxpsinc.gpd L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\msxpsinc.ppd L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\mxdwdrv.dll L'objet est verrouillé ignoré C:\0ea7e537e1114c64a61a2e0814abe1\i386\xpssvcs.dll L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\avguard.tmp L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\comodo\Firewall Pro\cfplogdb.sdb L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Application Data\Microsoft\Templates\Normal.dotm L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Historique\History.IE5\MSHist012009051920090520\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temp\~DF182C.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temp\~DF192F.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temp\~DF4AFA.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temp\~DF6633.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temporary Internet Files\Content.Word\~WRS{48C4D4C9-688F-41D2-B785-171766ED9065}.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\Local Settings\Temporary Internet Files\Content.Word\~WRS{9E8FEE00-DBDB-4FF5-BEB9-37665F8AB337}.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Pat-admin\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\cert8.db L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\content-prefs.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\cookies.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\downloads.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\formhistory.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\key3.db L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\parent.lock L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\permissions.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\places.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\places.sqlite-journal L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\search.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Bureau\Zebulon.doc L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\ith80ejd.default\urlclassifier3.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Historique\History.IE5\MSHist012009051920090520\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Temp\etilqs_0tkfdcp2Nf3DMvdrZlue L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\Local Settings\Temporary Internet Files\Content.IE5\FYTUMTFG\n5[1].txt Infecté : Worm.Win32.AutoRun.fvv ignoré C:\Documents and Settings\Patrice\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Patrice\ntuser.dat.LOG L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP111\A0023418.exe Infecté : Worm.Win32.AutoRun.fvv ignoré C:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP113\A0023501.exe Infecté : Worm.Win32.AutoRun.fvv ignoré C:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP116\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_3a4.dat L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré D:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP116\change.log L'objet est verrouillé ignoré D:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP74\A0018101.exe L'objet est verrouillé ignoré D:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP74\A0018303.exe L'objet est verrouillé ignoré F:\System Volume Information\_restore{41489E81-1758-460E-AC81-65A6D2678DBE}\RP116\change.log L'objet est verrouillé ignoré Analyse interrompue par l'utilisateur !
  23. patcar06
    Merci pour ton temps à suivre mon problème. Voici le rapport, il semble que ce dllcache ait disparu. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:24:20, on 19/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-796845957-117609710-1801674531-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Patrice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-21-796845957-117609710-1801674531-1003 Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - S-1-5-21-796845957-117609710-1801674531-1003 User Startup: palmOne Registration.lnk = C:\RECYCLER\S-1-5-21-796845957-117609710-1801674531-1004\Dc1\register.exe (User 'Patrice') O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{511CCF1A-5470-4302-AB7F-63158B11BAD9}: NameServer = 62.231.32.10,62.231.32.11 O20 - AppInit_DLLs: O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe -- End of file - 7411 bytes
  24. patcar06
    En fait je comprends que Moveit ne le trouve pas car ce fichier n'apparait pas dans C:\WINDOWS\system\ Seul Hijacthis le détecte. A tout hasard j'ai comodo qui bloque un Windows operating system toutes les 3 secondes je ne sais pas si çà a un rapport.
  25. patcar06
    Voici le rapport Moveit : Il ne m'a pas demandé de redémarrer. Error: Unable to interpret <C:\WINDOWS\system\dllcache.exe> in the current context! OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05172009_145058
×
×
  • Créer...