Everything posted by sylwya

  1. For UAC, the box was already checked. Update problem: an error code on an important Windows Update update: code 80070020. I'm going to install the rest to secure the machine. One thing to report: an hour ago the PC shut down by itself and was very difficult to restart. After a while it responded and displayed, on a black background, lots of scrolling lines such as: 63% completed, "different numbers on each line" index entries out of "always the same number on each line" processed. Then correcting error $I30. Then orphan recovery. Everything scrolled by very, very fast, and the percentages kept changing. Since then the PC has been working fine again; we assume it was the Windows updates installed yesterday (more than 200) that the PC must have digested badly. That's it, have a good Sunday. Thanks
  2. The Security Check report:
     Results of screen317's Security Check version 0.99.8
     Windows Vista Service Pack 2 (UAC is enabled)
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:
     Avira AntiVir Personal - Free Antivirus
     WMI entry may not exist for antivirus; attempting automatic update.
     Avira successfully updated!
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     CCleaner
     Java 6 Update 23
     Java 6 Update 7
     Out of date Java installed!
     Adobe Flash Player
     Adobe Reader X - Français
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Avira Antivir avgnt.exe
     Avira Antivir avguard.exe
     ``````````End of Log````````````
  3. Hello Lance-Yien. Here is some news of the beast. HijackThis report:
  4. Good evening Lance-yien. So: 500 GB hard drive bought, everything transferred, and the big leap taken - everything reinstalled after reformatting, so: - Adobe OK - Java OK, but still update 7, because if I did not accept 7 it would not install 23 - Antivir OK - Norton uninstall OK - MBAM OK - CCleaner OK - Defraggler OK. Just one annoying thing: I disabled certain services, as is recommended to optimize startup, so Windows Defender is disabled, but at every PC startup it tells me: Windows Defender application failed to initialize 0x800106ba ?? Will this appear every time? Your previous post said: "give you a few very useful tips"; I'm waiting for them impatiently. Do you need a report for a verification, a check?? Thanks for everything. Your responsiveness and the clarity of your explanations are
  5. All that's left is to buy the hard drive and then jump into the void. I'll keep you informed of the result of all this. Thanks
  6. OK, we're going to buy an external hard drive; we needed to do that anyway. Are we 100% sure that the PC is not at risk of crashing? I know you wouldn't tell me to do it if there were a risk, but I need to be reassured, and this is the kind of operation you don't do every day, so I'm a bit apprehensive. THANKS
  7. Well, new administrator account created, but still the same handling problems: no "Run as administrator", just "Open" instead, and so for the zeb-restore file it's the same, a panel on a blue background with no labels next to the checkboxes. Yes, in safe mode I do have "Repair your computer"; is there no risk of a crash or of data loss? I'm waiting before clicking on it, because the last thing I need is to make a blunder. Something new: MSE disabled itself, so I downloaded Avira. I hope there's no risk of MSE turning itself back on, because it and Avira won't get along; they shouldn't start fighting and block everything. Thanks
  8. Hello Lance-Yien. Move to C: OK. Safe mode: OK, but no choice of user; the Java 6 update 7 uninstall procedure failed following a Windows Installer error. In safe mode I went to the Control Panel; "User Accounts" shows my partner as administrator (one moment he's there, the next he isn't). I was able to get to zeb-restore in C: and got the panel on a blue background with the checkboxes: Control Panel + Add/Remove - Policies - Windows Update. I checked them and clicked on Restore; I had barely checked them when a message told me the restore was OK (does it go that fast??). So I restarted the PC in normal mode and redid the ZEB-Restore procedure, but this time the panel on a blue background appears without the names next to the checkboxes; I waited several minutes but nothing. This is getting complicated..... Note that I still don't have "Run as admin", just "Open", in both normal and safe mode. I understand it less and less. Thanks
  9. Good evening. You're right about administration, there is a problem, because I don't have the "Run as administrator" option, I have "Open". I regularly read the Zebulon forum (I learn a lot there) and I have read several times that under Vista you always have to use "Run as administrator", and since the start of the discussion with you I hadn't paid attention to it (well yes, my PC runs XP, I don't have this problem). It's true that we see C/:auchan everywhere ?????? Is that the administrator? Strange: when the PC starts, it doesn't ask us to choose a session ?? What should we do ?? What a pain !!!! I can't manage to unzip in order to check the boxes. Sorry about all this; sniff !! Thanks
  10. Hello Lance_yien. Unable to uninstall Java 6 update 7: "internal error 2753 RegUtils". Update 23 OK. Adobe OK. Windows Update impossible: error 80070490. Unable to uninstall MSE: error 0x80070643. For MSE, is it possible for me to disable it permanently and to install and use Avira? OTL and ComboFix OK. What do you mean by "log in as Administrator"? Aren't we that by default? Thanks
  11. Bonsoir Nous connaissons le risque d'utiliser le même PC pour le privé et le pro, mais malheureusement pour l'instant nous ne pouvons investir dans un PC pour l'activité qui débute seulement. Et de plus, nous nous interrogeons sur prendre Microsoft ou MAC ? Car manque semble moins infecté mais voilà est-ce que tout est compatible avec (administration sites, forum, logiciels)? J'irai jeter un oeil sur le forum Zebulon dédié à cela. Voici le log OTL. Merci All processes killed ========== OTL ========== No active process named SMSTray.exe was found! C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully. C:\Users\auchan\AppData\Roaming\mozilla\Extensions folder moved successfully. Folder C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully. C:\Program Files\Lexmark Toolbar\toolband.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found. File C:\Program Files\Lexmark Toolbar\toolband.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found. File C:\Program Files\Lexmark Toolbar\toolband.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found. File C:\Program Files\Lexmark Toolbar\toolband.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMSTray deleted successfully. C:\Program Files\Samsung\EmoDio\SMSTray.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully. C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully. C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePDIRShortCut deleted successfully. C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut deleted successfully. C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found. 
========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: auchan ->Temp folder emptied: 20497240 bytes ->Temporary Internet Files folder emptied: 21220818 bytes ->Java cache emptied: 38759772 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 1507 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 533507 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 154842 bytes Total Files Cleaned = 77,00 mb [EMPTYFLASH] User: All Users User: auchan ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.1 log created on 01042011_184622 Files\Folders moved on Reboot... C:\Users\auchan\AppData\Local\Temp\ehmsas.txt moved successfully. File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE307.tmp not found! File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE30D.tmp not found! File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE33C.tmp not found! File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE342.tmp not found! File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE75A.tmp not found! File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE761.tmp not found! 
File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE9FC.tmp not found!
File\Folder C:\Users\auchan\AppData\Local\Temp\~DFEA02.tmp not found!
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y99TIYCQ\afr[1].htm moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y99TIYCQ\pup-dealio-42-infections-t182034[1].htm moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X8TE1LYM\AP_ADV_728x90[1].htm moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LJ5AGVZQ\AP_CPL_728x90[1].htm moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\06XDVPVK\ban_home_728x90[1].htm moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
File\Folder C:\Windows\temp\TMP000000034A22E56AA2D65FDB not found!

Registry entries deleted on Reboot...
  12. OTL logfile created on: 04/01/2011 11:31:08 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\auchan\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287,05 Gb Total Space | 185,99 Gb Free Space | 64,79% Space Free | Partition Type: NTFS Drive D: | 11,04 Gb Total Space | 1,83 Gb Free Space | 16,56% Space Free | Partition Type: NTFS Computer Name: LAROUTEPOURTOUS | User Name: auchan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2009/04/22 22:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe PRC - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe PRC - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe PRC - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe PRC - [2008/09/26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008/09/25 18:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008/09/17 11:36:04 | 000,484,880 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe PRC - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdxcoms.exe PRC - [2005/07/15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) 
-- C:\Program Files\Google\Gmail Notifier\gnotify.exe ========== Modules (SafeList) ========== MOD - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) 
[Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV) SRV - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters) SRV - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdxcoms.exe -- (lxdx_device) SRV - [2008/02/28 01:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService) SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\auchan\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2008/11/17 13:40:19 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/11/17 13:40:19 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/11/17 13:40:19 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/09/29 17:27:56 | 003,930,112 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/09/26 20:14:12 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/09/26 02:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2008/07/21 11:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008/05/28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008/04/28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008/02/14 15:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008/01/24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel® DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hp-notebook | MSN.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Webmail Free.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== [2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions [2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2011/01/03 17:24:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [updatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb 
{E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG O24 - Desktop BackupWallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/01/04 11:29:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe [2011/01/03 17:35:47 | 000,000,000 | ---D | C] -- C:\Windows\TEMP [2011/01/03 17:25:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/01/03 17:14:50 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/01/03 17:14:50 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/01/03 17:14:50 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/01/03 17:14:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/01/03 17:13:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/01/03 17:11:22 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/12/28 12:14:06 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Gendarmerie [2010/12/27 13:39:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2010/12/16 11:23:54 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\CV Claudine Arotcaren [2010/12/07 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Téléthon [2009/06/30 12:10:45 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\lxdxserv.dll [2009/06/30 12:10:45 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdxusb1.dll [2009/06/30 12:10:45 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDXhcp.dll [2009/06/30 12:10:45 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdxinpa.dll [2009/06/30 12:10:45 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxiesc.dll [2009/06/30 12:10:44 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdxpmui.dll [2009/06/30 12:10:44 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdxlmpm.dll [2009/06/30 12:10:44 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdxprox.dll [2009/06/30 12:10:43 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdxhbn3.dll [2009/06/30 12:10:42 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomc.dll [2009/06/30 12:10:42 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomm.dll [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/01/04 11:33:40 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D088B3C-1A96-4B45-B34B-4CAA2112D607}.job [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe [2011/01/04 10:50:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/04 08:13:12 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/01/04 08:13:12 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/01/04 08:13:12 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/01/04 08:13:12 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/01/04 08:08:53 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/04 08:08:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/04 08:08:32 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2011/01/04 00:26:26 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011/01/03 20:38:36 | 000,002,865 | ---- | M] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini [2011/01/03 17:24:01 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/12/25 11:07:00 | 000,010,104 | ---- | M] () -- C:\Users\auchan\Documents\sylvienoel.jpg [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/18 11:12:28 | 000,006,836 | ---- | M] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat [2010/12/07 14:25:01 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForauchan.job [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/03 17:14:50 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/01/03 17:14:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/01/03 17:14:50 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/01/03 17:14:50 | 
000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/01/03 17:14:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/12/25 11:00:19 | 000,010,104 | ---- | C] () -- C:\Users\auchan\Documents\sylvienoel.jpg [2010/03/04 20:28:04 | 000,006,836 | ---- | C] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat [2009/12/06 15:05:29 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009/12/02 09:24:55 | 000,012,588 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\UserTile.png [2009/11/23 00:01:50 | 000,042,136 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.0 [2009/11/23 00:01:50 | 000,025,579 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.JPG [2009/11/06 05:22:42 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll [2009/11/02 09:04:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2009/11/02 09:04:23 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI [2009/09/25 11:42:10 | 000,002,790 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.JPG [2009/09/25 11:42:10 | 000,002,656 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.0 [2009/09/24 08:29:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/21 10:10:37 | 000,002,865 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/07/01 18:02:38 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2009/06/30 12:21:51 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdxcoin.dll [2009/06/30 12:21:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdxvs.dll [2009/06/30 12:19:43 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdxdrs.dll [2009/06/30 12:19:43 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdxcaps.dll [2009/06/30 12:19:43 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdxcnv4.dll [2009/06/30 12:18:59 | 000,045,056 | ---- | C] () -- 
C:\Windows\System32\LXF3PMON.DLL [2009/06/30 12:18:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL [2009/06/30 12:18:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll [2009/06/30 12:18:39 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL [2009/06/30 12:16:12 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdxrwrd.ini [2009/06/30 12:16:01 | 000,000,260 | ---- | C] () -- C:\ProgramData\lxdx.log [2009/06/30 12:10:46 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDXinst.dll [2009/06/30 12:10:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdxgrd.dll [2009/03/21 16:45:34 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\wklnhst.dat [2009/03/21 11:37:07 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\FnF4.txt [2009/02/25 02:41:29 | 000,061,440 | ---- | C] () -- C:\Users\auchan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\QSwitch.txt [2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\DSwitch.txt [2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\AtStart.txt [2009/01/14 18:59:06 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009/01/14 18:58:53 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009/01/14 18:58:20 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009/01/14 18:57:40 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009/01/14 18:55:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009/01/14 17:59:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/11/17 06:53:19 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2008/11/17 
06:46:04 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2008/11/17 06:43:39 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2008/11/17 06:42:00 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2008/09/29 16:51:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/09/17 11:36:22 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2008/09/17 11:36:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2008/09/17 11:36:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2008/09/17 11:36:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2011/01/04 08:08:32 | 3218,956,288 | 
-HS- | M] () -- C:\hiberfil.sys [2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/06/30 12:16:01 | 000,000,086 | ---- | M] () -- C:\lxdx.log [2010/05/23 19:42:34 | 000,000,086 | ---- | M] () -- C:\lxdxjswx.log [2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/01/04 08:08:30 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys [2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008/09/29 16:52:50 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) 
Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\drivers\*.sys /90 >
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
< >
< End of report >

OTL logfile created on: 04/01/2011 11:31:08 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\auchan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,05 Gb Total Space | 185,99 Gb Free Space | 64,79% Space Free | Partition Type: NTFS
Drive D: | 11,04 Gb Total Space | 1,83 Gb Free Space | 16,56% Space Free | Partition Type: NTFS
Computer 
Name: LAROUTEPOURTOUS | User Name: auchan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2009/04/22 22:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe PRC - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe PRC - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe PRC - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe PRC - [2008/09/26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008/09/25 18:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008/09/17 11:36:04 | 000,484,880 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe PRC - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdxcoms.exe PRC - [2005/07/15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe ========== Modules (SafeList) ========== MOD - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2009/04/22 21:53:22 
| 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV) SRV - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters) SRV - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdxcoms.exe -- (lxdx_device) SRV - [2008/02/28 01:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService) SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\auchan\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- 
| M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2008/11/17 13:40:19 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/11/17 13:40:19 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/11/17 13:40:19 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/09/29 17:27:56 | 003,930,112 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/09/26 20:14:12 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/09/26 02:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2008/07/21 11:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008/05/28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008/04/28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008/02/14 15:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008/01/24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel® DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hp-notebook | MSN.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Webmail Free.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== [2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions [2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2011/01/03 17:24:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [updatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb 
PhotoBase 3 "{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C65A2C53-9173-8F8A-9BB0-CA30E60A3FFF}" = ccc-core-static "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CDFF4D17-315B-B05E-0BA0-3BE53626EFCD}" = CCC Help Thai "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5 "{D225D111-25D0-36B3-0EFC-7787A9488875}" = Catalyst Control Center Localization Russian "{D81D0AE5-7D12-4044-94D5-EB7A205D577A}" = FRANCE PROSPECT DECOUVERTE "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal "{DF9D968F-2473-A25F-6745-78AD0EB48A68}" = CCC Help Portuguese "{E04B018C-D011-4F34-B179-1F93AC1C98F8}" = Micro Application - Assistant Etiquettes "{E0766AD5-FE36-AFBC-359A-16DA8A59FC44}" = Catalyst Control Center Localization Japanese "{E23B1CF4-87B0-8B1B-67C9-2ABFDD2991A8}" = Catalyst Control Center Localization Norwegian "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{E965B25B-BAD9-4EB3-BB8F-E3B82C0749C9}" = CCC Help French "{E9B21DFF-9E4C-98FC-9ADB-DCC4C07628CB}" = CCC Help Chinese Traditional "{EA6A73CD-4107-34AA-812A-E2F3ED1318A8}" = Skins "{EABC9B4F-6DA1-2E8B-CEDD-E67E427F2E67}" = CCC Help Danish "{EC9A5560-9BF9-A22E-DE04-FE890547D130}" = Catalyst Control Center Localization Czech "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition "{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu 
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F3A88294-F0C5-66FF-EF03-025D44C86184}" = CCC Help Czech "{FA017B85-B68B-8BD6-60EE-7DD3A6A2A52F}" = Catalyst Control Center Core Implementation "{FC974C09-8418-BD5B-ACCA-0F436E4D1D57}" = CCC Help Norwegian "{FDE60234-1626-10F7-F547-FF97B5E76CDB}" = Catalyst Control Center Localization Hungarian "{FF4D4CC0-858A-A446-567A-0FFB56D9EA92}" = Catalyst Control Center Localization Chinese Traditional "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "ALUpdate_is1" = ALTools Update "AnyBizSoft PDF to Word (Build 2.0.0.12)_is1" = AnyBizSoft PDF to Word "CCleaner" = CCleaner "Code de la Route Deluxe" = Code de la Route Deluxe "Defraggler" = Defraggler "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "EasyBits Magic Desktop" = Magic Desktop "Ethylotest_ID_is1" = Ethylotest "FileZilla Client" = FileZilla Client 3.3.5.1 "FotoMix" = Digital Photo Software FotoMix 6.1.1 "Free Video Converter_is1" = Free Video Converter V 2.9 "GIF Animator" = Microsoft GIF Animator "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Lexmark 3600-4600 Series" = 
Lexmark 3600-4600 Series "Lexmark Fax Solutions" = Solutions de télécopie Lexmark "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft Security Essentials" = Microsoft Security Essentials "Nvu_is1" = Nvu 1.0 "PhotoFiltre" = PhotoFiltre "Picasa 3" = Picasa 3 "PrintPratic" = PrintPratic "Quick Zip_is1" = Quick Zip 4.60.019 "Sécu - Pack 2005 MPSRA" = Sécu - Pack 2005 MPSRA "Sécu - Pack MPSRA 2006" = Sécu - Pack MPSRA 2006 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Web Creator Pro 5" = LMSOFT Web Creator Pro 5 "WildTangent hp Master Uninstall" = My HP Games "WinLiveSuite_Wave3" = Installation Windows Live "XHeader" = XHeader "XHeader Bonus Download" = XHeader Bonus Download ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ANNUCAPT" = ANNUCAPT "EMA" = EMA "WINLASSIE" = NEWLAS ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 25/03/2010 08:26:31 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621 Description = Error - 25/03/2010 11:16:31 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = Error - 25/03/2010 14:21:25 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = Error - 26/03/2010 00:13:41 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = Error - 26/03/2010 00:31:58 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621 Description = Error - 26/03/2010 06:08:50 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = Error - 
26/03/2010 06:20:28 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621 Description = Error - 26/03/2010 10:36:56 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = Error - 26/03/2010 14:18:48 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621 Description = Error - 26/03/2010 18:05:44 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10 Description = [ OSession Events ] Error - 01/11/2009 05:28:27 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash. Error - 14/01/2010 08:49:05 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash. Error - 25/01/2010 05:46:58 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. Error - 01/03/2010 10:46:25 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 20/10/2010 05:22:06 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. Error - 04/11/2010 05:22:18 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. Error - 17/11/2010 09:51:00 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25321 seconds with 19320 seconds of active time. This session ended with a crash. Error - 30/11/2010 12:39:54 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash. Error - 14/12/2010 03:52:27 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 15/12/2010 09:44:59 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 03/01/2011 13:18:41 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12 Description = Le périphérique 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428) a disparu du système sans que sa suppression ait tout d'abord été préparée. Error - 03/01/2011 15:34:01 | Computer Name = laroutepourtous | Source = Print | ID = 6161 Description = Impossible d'imprimer le document http://forum.zebulon.fr/pup-dealio-42-infections-t182034.html&g appartenant à auchan sur l'imprimante Lexmark 3600-4600 Series. Essayez de réimprimer le document ou redémarrez le spouleur d'impression. Type de données : LEMF. Taille du fichier spouleur en octets : 1101158. Nombre d'octets imprimés : 0. Nombre de pages dans le document : 13. Nombre de pages imprimées : 2. Ordinateur client : \\LAROUTEPOURTOUS. Code d'erreur Win32 retourné par le processeur d'impression : 0. Opération réussie. 
Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7000 Description = Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7009 Description = Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7000 Description = Error - 04/01/2011 03:10:30 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7022 Description = Error - 04/01/2011 03:13:24 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12 Description = Le périphérique 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0128) a disparu du système sans que sa suppression ait tout d'abord été préparée. Error - 04/01/2011 03:13:24 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12 Description = Le périphérique 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0228) a disparu du système sans que sa suppression ait tout d'abord été préparée. Error - 04/01/2011 03:13:25 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12 Description = Le périphérique 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0328) a disparu du système sans que sa suppression ait tout d'abord été préparée. Error - 04/01/2011 03:13:25 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12 Description = Le périphérique 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428) a disparu du système sans que sa suppression ait tout d'abord été préparée. < End of report >
  13. Hello. First, I'll answer the questions.
      - It is during installation that the updates "mess up"; here are the various Windows Update error codes encountered: 80070490 - 80070422 - 800f020b - 800f0826 - 800f0829
      - It is a completely legal PC; the problem is that we bought the display model in a supermarket and everything was already installed, so we were not able to burn a CD. It's crazy that installation CDs are no longer supplied. In addition, it is my partner's PC, which he uses for personal but also professional purposes (managing a site, several forums, ...), so everything on the PC is extremely important, and reformatting would seem unfeasible. The "sfc /scannow" function in Run does not work: no window opens and the PC does not do anything...
      - Emodio is in the Add/Remove Programs control panel, and has been since 20/06/2009?? We do not know what it is, and it is the first time we have seen this icon.

      There, I'm now getting on with the procedures. See you later, and thanks again.
  14. Here is the ESET log, it is very short!
      C:\Users\auchan\Documents\fm Mozilla\Install MPD.exe probably a variant of Win32/Spy.Agent.LJHAMTI trojan deleted - quarantined
      Thanks
  15. Here is the TDSSKiller log
(c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/01/03 20:38:57.0600 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/01/03 20:38:57.0634 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/01/03 20:38:57.0664 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/01/03 20:38:57.0731 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/01/03 20:38:57.0780 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/01/03 20:38:57.0875 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2011/01/03 20:38:57.0905 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/03 20:38:57.0943 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/03 20:38:58.0020 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys 2011/01/03 20:38:58.0095 STHDA (87a094ca41bc86ce430df0ed0c846dc8) C:\Windows\system32\DRIVERS\stwrt.sys 2011/01/03 20:38:58.0144 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/03 20:38:58.0202 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/01/03 20:38:58.0245 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/01/03 20:38:58.0268 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/01/03 20:38:58.0323 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys 2011/01/03 20:38:58.0461 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/01/03 20:38:58.0518 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/03 20:38:58.0599 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/03 
20:38:58.0645 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/01/03 20:38:58.0685 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/01/03 20:38:58.0742 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/03 20:38:58.0786 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/03 20:38:58.0866 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/03 20:38:58.0935 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/01/03 20:38:58.0991 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/03 20:38:59.0055 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/01/03 20:38:59.0115 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/03 20:38:59.0179 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/01/03 20:38:59.0227 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/01/03 20:38:59.0253 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/01/03 20:38:59.0281 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/01/03 20:38:59.0320 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/03 20:38:59.0387 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/03 20:38:59.0426 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/01/03 20:38:59.0464 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/03 20:38:59.0511 usbfilter (edca5124b54bcf04e5c0538aa397a9c1) C:\Windows\system32\DRIVERS\usbfilter.sys 2011/01/03 20:38:59.0544 usbhub (4673bbcb006af60e7abddbe7a130ba42) 
C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/03 20:38:59.0575 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2011/01/03 20:38:59.0616 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/01/03 20:38:59.0657 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/01/03 20:38:59.0700 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/03 20:38:59.0741 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/03 20:38:59.0790 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/01/03 20:38:59.0844 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/03 20:38:59.0882 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/01/03 20:38:59.0922 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/01/03 20:38:59.0951 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/01/03 20:38:59.0990 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys 2011/01/03 20:39:00.0019 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/01/03 20:39:00.0055 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/01/03 20:39:00.0109 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/01/03 20:39:00.0142 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/01/03 20:39:00.0200 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/01/03 20:39:00.0236 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/03 20:39:00.0262 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/03 20:39:00.0323 Wd 
(78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/01/03 20:39:00.0369 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/03 20:39:00.0588 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/01/03 20:39:00.0719 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/01/03 20:39:00.0771 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/03 20:39:00.0856 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/01/03 20:39:00.0932 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys 2011/01/03 20:39:01.0049 {55662437-DA8C-40c0-AADA-2C816A897A49} (bdfde977f5e88a539187aef24ded7c40) C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl 2011/01/03 20:39:01.0135 ================================================================================ 2011/01/03 20:39:01.0135 Scan finished 2011/01/03 20:39:01.0135 ================================================================================
  16. Good evening. I am answering the questions before carrying out the steps: - Updates are set to automatic at a fixed time, but even when I try to run them manually, they do not install. - No, there is no installation CD; the PC came already set up when purchased, and there is no partition either. One detail: since the checks earlier, an "emodio" icon appears in the taskbar at the bottom. See you shortly for the 2 logs. Thanks
  17. And here is the 3rd log. I should point out that Norton has been uninstalled since the PC was new (strange that it still shows up?). MSE is impossible to uninstall, Java 6 Update 7 is impossible to uninstall; I have tried several times over the past months through the Control Panel and uninstall/remove, but nothing works. In addition, all the Microsoft updates no longer seem to install................. Could there be a bigger problem?? Thanks Results of screen317's Security Check version 0.99.8 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Norton Internet Security Microsoft Security Essentials WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Java 6 Update 23 Java 6 Update 7 Java 2 Runtime Environment, SE v1.4.2_18 Out of date Java installed! Adobe Flash Player Adobe Reader 9.4.1 - Français Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Microsoft Security Essentials msseces.exe ``````````End of Log````````````
  18. Here is the ComboFix log, and I am starting on the last one; see you shortly. Thanks ComboFix 11-01-02.04 - auchan 03/01/2011 17:16:52.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3069.1855 [GMT 1:00] Lancé depuis: c:\users\auchan\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Install.exe C:\NORTON~1.EXE c:\program files\pdfforge Toolbar\WiDGitoolbarie.dll c:\program files\Search Settings c:\program files\Search Settings\kb128\SearchSettingsRes409.dll c:\program files\Search Settings\SearchSettings.exe c:\windows\system32\muzapp.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-03 au 2011-01-03 )))))))))))))))))))))))))))))))))))) . 2011-01-03 16:23 . 2011-01-03 16:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-02 17:27 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49B9447F-2BE4-40A3-B84E-E2D024DCED33}\mpengine.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-20 17:09 . 2010-09-18 07:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-20 17:08 . 2010-09-18 07:24 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-12 17:53 . 2010-04-25 16:38 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-10 04:33 . 2010-07-28 18:36 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2010-10-19 20:51 . 2009-10-03 06:02 222080 ------w- c:\windows\system32\MpSigStub.exe . 
((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512] "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200] "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736] "UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-26 210216] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2008-09-17 484880] "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" 
[2009-04-22 206120] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MBCameraMonitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MBCameraMonitor.lnk backup=c:\windows\pss\MBCameraMonitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^auchan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lanceur.lnk] path=c:\users\auchan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk backup=c:\windows\pss\Lanceur.lnk.Startup 
backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^auchan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk] path=c:\users\auchan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] 2008-06-13 16:00 320168 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2009-08-20 11:25 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdxamon] 2008-06-13 16:04 16040 ----a-w- c:\program files\Lexmark 3600-4600 Series\lxdxamon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdxmon.exe] 2008-06-13 16:04 668328 ----a-w- c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-09-25 17:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca5e5d5eab3290;Service Google Update (gupdate1ca5e5d5eab3290);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-05 133104] R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe [2008-02-28 98984] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-07-21 100184] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 
4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-09-26 77824] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456] S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe [2008-02-28 594600] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-04-22 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-04-22 116104] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 11:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . 
Contenu du dossier 'Tâches planifiées' 2011-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-05 21:17] 2011-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-05 21:17] 2010-12-07 c:\windows\Tasks\HPCeeScheduleForauchan.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-11-17 10:34] 2011-01-03 c:\windows\Tasks\User_Feed_Synchronization-{0D088B3C-1A96-4B45-B34B-4CAA2112D607}.job - c:\windows\system32\msfeedssync.exe [2010-10-13 04:25] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://imp.free.fr/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-SmartMenu - %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe HKLM-Run-SysTrayApp - %ProgramFiles%\IDT\WDM\sttray.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe AddRemove-Adobe Flash Player 10 ActiveX - c:\windows\system32\Macromed\Flash\uninstall_activeX.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-01-03 17:24 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . 
Heure de fin: 2011-01-03 17:25:43 ComboFix-quarantined-files.txt 2011-01-03 16:25 Avant-CF: 201 813 266 432 octets libres Après-CF: 201 756 876 800 octets libres - - End Of File - - 07C2FF8DD33E3E93EC8D6A41F044C1D7
  19. Coucou_Yien, I am happy to do the next steps but..... here is a copy/paste from my previous post: Next, before running ComboFix (which scares me), I cannot disable MSE because I have been trying to uninstall it (to install AntiVir) for several weeks and it is impossible; I tried to disable it but I cannot find the function?! What should I do: run ComboFix anyway with the antivirus active? Or is there a "trick" to disable it? What should I do? Thanks
  20. Hello Lance_Yen, and thank you for your reply. Here is the MBAM log to start with; in quick mode it found only 16 PUP Dealio instead of the 42. Next, before running ComboFix (which scares me), I cannot disable MSE because I have been trying to uninstall it (to install AntiVir) for several weeks and it is impossible; I tried to disable it but I cannot find the function?! What should I do: run ComboFix anyway with the antivirus active? Or is there a "trick" to disable it? Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 03/01/2011 10:46:13 mbam-log-2011-01-03 (10-46-13).txt Type d'examen: Examen rapide Elément(s) analysé(s): 139051 Temps écoulé: 4 minute(s), 29 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 6 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\KB128\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\program files\pdfforge toolbar\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully. 
c:\program files\pdfforge toolbar\searchsettings.dll (PUP.Dealio) -> Quarantined and deleted successfully. c:\program files\search settings\kb128\searchsettings.dll (PUP.Dealio) -> Quarantined and deleted successfully. Thank you for your help
  21. Hello and best wishes to everyone. I am on my partner's PC, and following an MBAM scan, which found 42 PUP Dealio, I removed the selection, but I am surprised not to see these critters in the quarantine!? Is this normal? Should we run another check to be sure? The PC is an HP laptop running Vista - main use IE - MSE is the antivirus. Here is the MBAM log Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5443 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 02/01/2011 18:47:45 mbam-log-2011-01-02 (18-47-45).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 391918 Temps écoulé: 1 heure(s), 52 minute(s), 19 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 7 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 29 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal. HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Not selected for removal. HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Not selected for removal. HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Not selected for removal. HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal. 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\KB128\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Not selected for removal. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Not selected for removal. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\program files\dealio toolbar (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res (PUP.Dealio) -> Not selected for removal. Fichier(s) infecté(s): c:\program files\pdfforge toolbar\searchsettings.exe (PUP.Dealio) -> Not selected for removal. 
c:\program files\pdfforge toolbar\searchsettings.dll (PUP.Dealio) -> Not selected for removal. c:\program files\search settings\kb128\searchsettings.dll (PUP.Dealio) -> Not selected for removal. c:\program files\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\searchsettingskit.exe (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\config.ini (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\amazon.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\apple.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\barnes.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\bestbuy.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\dealio_logo.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\ebay.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\icon_settings.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\macys.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\newegg.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\overstock.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-button-hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-button.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-chevron.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_amazon.gif (PUP.Dealio) -> Not selected for removal. 
c:\program files\dealio toolbar\Res\search_dealio.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_ebay.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_yahoo.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\separator.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\target.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\walmart.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\widgets.xml (PUP.Dealio) -> Not selected for removal. Merci de votre aide
  22. Hello, as promised I am coming back to let you know what happened next..... Everything seems to be back to normal: normal startup speed.... + no more errors at shutdown + the 2 updates no longer appear. A big thank-you for your help. I am therefore marking my first post as "resolved". Sylwya
  23. Good evening, so I now have Framework 1.1 - 2.0 - 3.0 - 3.5 - 4. After disabling the extensions and reinstalling, Firefox seems to work normally; I have rebooted several times without errors. I will keep an eye on it over the next few days and keep you informed. Thank you
  24. Hello Leminou. For the Frameworks, is there no way to "repair", because I checked and I do not have version 1.0, it starts at 2.0 ?? For Avira, I have not set updates to automatic; I prefer to do them manually because it slows the PC down enormously at startup. I run the update daily at a time when I am not using the PC; maybe that is where the Avira error comes from! For Firefox, I did not install all the add-ons because many do not interest me; maybe I missed an important one. I will test without add-ons and see....... I will get back to you. Thank you for your help
  25. So there you go.... Framework 4.0 installation done; I no longer have updates at shutdown. But I still get errors: I shut the PC down 3 times, and I got an error on Firefox twice and on Avira once. My desktop no longer seems to change border colour and my shortcuts no longer move around. Should I check anything else ?? Or is it the earlier Frameworks that need to be uninstalled ?? Thank you for your help