lmanson

Bonjour mon sauveur. Lors de mon dernier souci avec mon PC, vous avez su m'aider brillamment. Je reviens donc vers vous cette fois ci pour un bon netoyage. Mon ordi est lent, plante parfois (l'écran se fige), il met longtemps à s'allumer etc etc j'ai essayé d'utiliser Malware Bytes Anti-Malware, mais il plante systématiquement au milieu de l'analyse. Mon pauvre antivirus (Avast Free) ne doit pas suffit. HELP. Merci d'avance

Bonjour, Depuis peu, alors que je n'ai fait aucune modifs sur mon PC HP (Vista), sur Firefox, certaines pages internet comme fACEBOOK ou Allociné ne se charge pas. je rentre l'adresse, je fais 'entrer", je viens bien que la page charge (les petits points qui tournent en rond, signe de chargement de page) mais au final les éléments de la page n'apparaissent jamais, et la page reste blanche. L'intitulé de la fenêtre (ex: Bienvenue sur Facebook) apparait bien quand à elle. Ce problème n'a lieu que sur certain sites J'ai essayé la meme manip sur Opera, C'est le même problème, sauf que, PARFOIS, au final (au bout de très longtemps) la page fini par se charger, et les éléments apparaissent (mais vraiment très lentement, au début juste les éléments de texte. et encore aprfois l'intégralité de la page ne se charge pas, les éléments de texte apparaissent juste les un en dessous des autre, déformant ainsi toute la page. Que faire? j'ai essayé de supprimer les fichier temporaire, cookies etc... cela ne change rien Merci par avance pour votre aide.

Citation AAAH, et je viens de découvrir que depuis que j'ai fait vos manip, quand j'utilise internet explorer pour par exemple mes mail, ca me dit systématiquement: la connexion que vous allez utiliser n'est pas sécurisée, d'autres utilisateurs du web pourront désormais accéder aux informations que vous envoyez!! Vois dans les options Internet => onglet "Sécurité" et cliquer sur "Rétablir toutes les zones au niveau par défaut". En tout cas je te conseille d'utiliser Firefox (ou Opera) pour ta navigation normale et réserver IE juste pour les mises à jour et/ ou les cas bien spécifiques J'ai fait cette manip, et cela me dis toujours la meme chose....

Oula, nous sommes dans plusieurs étapes différentes en même temps. j'ai bien réussi a installé Java. J'en suis a modifié les parametre du compte utilisateur. je l'ai tout d'abord réactivé, car je l'avait désactivé. Seulement, quand je clic sur compte utilisateur, il n'y a pas "Modifier les paramètres de contrôle de compte utilisateur." j'ai seulement cette image Ou dois-je aller pour régler le curseur? D'autre part, pour la fenetre de la page internet qui s'ouvre toute seule, voici une capture d'écran. c'est étrange car cette fenetre apparait en meme temps que msn messenger, et dans la barre des tache, à le logo d'msn, mais le titre de la fenetre est bien "internet explorer". voici la cap j'attends votre avis pour lancer Hijack, et je voudrais avant de le faire régler le problème du compte utilisateur.

Si Si j'y vais bien via Internet Explorer, et je n'ai pas les nombres. est-ce le premier lien (19mb) ou bien le 2ème (15,3mb)? AAAH, et je viens de découvrir que depuis que j'ai fait vos manip, quand j'utilise internet explorer pour par exemple mes mail, ca me dit systématiquement: la connexion que vous allez utiliser n'est pas sécurisée, d'autres utilisateurs du web pourront désormais accéder aux informations que vous envoyez!! ca c'est embetant... De plus, ce qui n'a pas changé depuis que j'ai fait toutes les analyses, au démarage du pc, une petite fenêtre d'internet explorer s'ouvre toujours en me disant (à peu près): la page web qui tente de s'ouvrir contient un risque pour votre ordinateur, voulez vous continuer? (alors que je n'ai rien ouvert)

concernant la mist à jour de Java, comment savoir si je suis en 32bit ou 64bit (il me semble 32 mais je suis pas sur) De plus dans le lien que vous me donnez, pour la version 32 ou 64, les chiffre 32 et 64 n'apparaissent comme dans votre capture d'écran. moi j'ai juste: Windows 7/XP/Vista/2000/2003/2008 En ligne taille du fichier : ~ 10 MB * ou bien Windows 7/XP/Vista/2000/2003/2008 Hors ligne taille du fichier : 15.3 MB Laquelle choisir?

OTL logfile created on: 28/12/2010 15:10:03 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\thias\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 286,10 Gb Total Space | 73,14 Gb Free Space | 25,56% Space Free | Partition Type: NTFS Drive D: | 11,99 Gb Total Space | 2,12 Gb Free Space | 17,69% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 230,81 Gb Free Space | 49,56% Space Free | Partition Type: NTFS Drive G: | 465,64 Gb Total Space | 10,35 Gb Free Space | 2,22% Space Free | Partition Type: FAT32 Computer Name: PC-DE-THIAS | User Name: thias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/05/06 21:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/03/17 17:23:43 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009/04/11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2007/09/15 09:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe PRC - [2007/09/05 12:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe PRC - [2007/09/05 12:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2007/07/25 07:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2007/02/06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe ========== Modules (SafeList) ========== MOD - [2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2007/09/05 12:09:22 | 000,208,896 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtMmHook.dll MOD - [2007/09/05 12:03:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll MOD - [2007/02/06 16:45:14 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll ========== Win32 Services (SafeList) ========== SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008/11/19 18:23:16 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - [2008/10/09 21:02:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/03/25 20:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/07/25 07:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® SRV - [2007/03/05 09:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) SRV - [2007/02/06 16:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2007/02/06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/05/06 21:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/10/03 05:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2008/11/19 08:41:08 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudioDevice_383.sys -- (WsAudioDevice_383) DRV - [2007/09/30 18:34:02 | 000,039,408 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) DRV - [2007/09/18 14:12:28 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007/09/18 14:12:28 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2007/09/18 14:12:28 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007/09/18 00:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007/09/15 09:50:56 | 000,191,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/08/22 19:44:18 | 001,950,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/07/13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007/07/11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007/06/28 16:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel® DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/02/06 16:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2007/02/06 16:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2007/02/06 16:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap) DRV - [2007/02/03 09:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/03 09:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl) DRV - [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007/01/17 14:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV) DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006/11/02 08:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2006/11/02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/10/19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A 35 24 78 28 AB CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Live Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36605 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: unplug@compunach:2.028 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/24 20:18:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/24 20:18:00 | 000,000,000 | ---D | M] [2009/05/21 15:06:37 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Extensions [2009/05/21 15:06:37 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Extensions\[email protected] [2010/12/28 13:40:23 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions [2010/04/28 09:56:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/08/01 12:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010/06/04 00:56:42 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\[email protected] [2010/06/04 00:56:42 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\[email protected] [2010/08/05 18:06:19 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\unplug@compunach [2010/12/28 13:40:23 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/07/17 11:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/08 12:36:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/07 23:32:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/10/22 08:45:28 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/10/22 08:45:28 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/10/22 08:45:28 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2008/12/18 11:55:22 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/10/22 08:45:28 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/10/22 08:45:28 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/12/28 14:54:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found. O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - Startup: C:\Users\thias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites) O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\thias\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\thias\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/11/27 03:42:33 | 000,000,074 | ---- | M] () - C:\autoexec.000 -- [ NTFS ] O32 - AutoRun File - [2009/10/06 15:19:06 | 000,000,118 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | RH-D | M] - G:\autorun -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation) Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation) Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010/12/28 15:04:21 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Local\temp [2010/12/28 14:55:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/12/28 14:34:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010/12/28 14:34:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010/12/28 14:34:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010/12/28 14:33:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010/12/28 14:33:55 | 000,000,000 | ---D | C] -- C:\ComboFix [2010/12/28 14:33:10 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/12/28 14:32:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/12/28 14:31:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe [2010/12/28 12:51:50 | 000,000,000 | ---D | C] -- C:\Users\thias\Documents\Mes enregistrements de webcam [2010/12/28 12:50:39 | 000,000,000 | ---D | C] -- C:\Users\thias\Documents\Dossier Bluetooth Exchange [2010/12/27 18:46:27 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Roaming\Malwarebytes [2010/12/27 18:46:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/27 18:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/27 18:46:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/27 18:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/25 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Roaming\PCFix [2010/12/24 20:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/12/24 20:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/12/24 20:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/12/24 20:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MessengerDiscovery 2 [2010/12/15 16:15:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/15 16:15:10 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/15 16:15:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/15 16:15:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/15 16:14:56 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/12/15 16:14:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/12/15 16:14:55 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/15 16:14:55 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/15 16:14:55 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/15 16:14:55 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/15 16:14:55 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/15 16:14:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/12/15 16:14:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/12/15 16:14:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/12/15 16:14:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/12/15 16:14:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/15 16:14:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/15 16:14:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/15 16:14:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/15 16:14:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/15 16:14:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/15 16:10:23 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/15 16:09:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/15 16:09:47 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/15 16:09:47 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/12/15 16:09:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/14 14:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/11/29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx [2010/11/29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Users\thias\Documents\*.tmp files -> C:\Users\thias\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/12/28 15:10:27 | 000,681,798 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/12/28 15:10:27 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/12/28 15:10:27 | 000,127,504 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/12/28 15:10:27 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/12/28 14:55:46 | 000,418,432 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/12/28 14:54:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/12/28 14:54:42 | 000,418,432 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/12/28 14:54:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/28 14:54:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/28 14:54:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/28 14:52:59 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/12/28 14:31:34 | 000,015,796 | ---- | M] () -- C:\Users\thias\Desktop\Bonjour.docx [2010/12/28 14:31:34 | 000,000,162 | -H-- | M] () -- C:\Users\thias\Desktop\~$onjour.docx [2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe [2010/12/28 14:30:49 | 003,998,686 | R--- | M] () -- C:\Users\thias\Desktop\ComboFix.exe [2010/12/28 14:28:37 | 000,083,968 | ---- | M] () -- C:\Users\thias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/28 14:02:56 | 000,013,220 | ---- | M] () -- C:\Users\thias\Documents\Belkin.jpg [2010/12/28 13:06:17 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{92F34DC7-E7DF-4FAF-A4EF-402552E1D649}.job [2010/12/27 18:52:44 | 000,000,162 | -H-- | M] () -- C:\Users\thias\Desktop\~$ès Important.docx [2010/12/27 13:32:44 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.INI [2010/12/26 18:02:18 | 336,898,655 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/12/24 23:00:43 | 000,001,664 | ---- | M] () -- C:\Users\thias\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk [2010/12/22 19:45:26 | 1694,853,838 | ---- | M] () -- C:\Users\thias\Documents\Les insurgés.mp4 [2010/12/22 14:50:20 | 000,000,100 | ---- | M] () -- C:\Users\thias\AppData\Roaming\Movies2iPhone.ini [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/17 01:20:18 | 000,403,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/07 16:24:11 | 000,013,277 | ---- | M] () -- C:\Users\thias\Documents\compte.xlsx [2010/12/02 00:12:38 | 000,136,604 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2010/11/29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx [2010/11/29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts [2010/11/29 17:00:40 | 000,025,473 | ---- | M] () -- C:\Users\thias\Documents\fb.jpg [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Users\thias\Documents\*.tmp files -> C:\Users\thias\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/12/28 14:34:04 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010/12/28 14:34:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010/12/28 14:34:04 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2010/12/28 14:34:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010/12/28 14:34:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/12/28 14:31:34 | 000,000,162 | -H-- | C] () -- C:\Users\thias\Desktop\~$onjour.docx [2010/12/28 14:31:33 | 000,015,796 | ---- | C] () -- C:\Users\thias\Desktop\Bonjour.docx [2010/12/28 14:30:41 | 003,998,686 | R--- | C] () -- C:\Users\thias\Desktop\ComboFix.exe [2010/12/28 14:02:56 | 000,013,220 | ---- | C] () -- C:\Users\thias\Documents\Belkin.jpg [2010/12/27 18:52:44 | 000,000,162 | -H-- | C] () -- C:\Users\thias\Desktop\~$ès Important.docx [2010/12/26 18:02:18 | 336,898,655 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/12/24 23:00:43 | 000,001,664 | ---- | C] () -- C:\Users\thias\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk [2010/12/22 14:02:18 | 1694,853,838 | ---- | C] () -- C:\Users\thias\Documents\Les insurgés.mp4 [2010/12/07 23:27:14 | 000,000,100 | ---- | C] () -- C:\Users\thias\AppData\Roaming\Movies2iPhone.ini [2010/12/02 00:12:38 | 000,136,604 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010/11/29 17:00:40 | 000,025,473 | ---- | C] () -- C:\Users\thias\Documents\fb.jpg [2010/04/15 15:35:58 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI [2009/12/05 20:53:18 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL [2009/12/05 20:53:15 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009/12/04 16:01:46 | 000,418,432 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/12/04 16:01:44 | 000,418,432 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/11/16 23:04:43 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll [2009/11/09 19:16:55 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2009/11/01 22:45:36 | 000,000,098 | ---- | C] () -- C:\Users\thias\AppData\Roaming\wklnhst.dat [2009/10/20 19:15:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/01/20 20:38:33 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI [2008/11/04 09:58:53 | 000,000,600 | ---- | C] () -- C:\Users\thias\AppData\Roaming\winscp.rnd [2008/10/28 10:43:37 | 000,000,680 | ---- | C] () -- C:\Users\thias\AppData\Local\d3d9caps.dat [2008/10/24 12:34:34 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2008/10/04 00:15:47 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\FnF4.txt [2008/09/23 21:35:52 | 000,003,148 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2008/07/24 22:05:16 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI [2008/07/20 00:48:56 | 000,000,970 | ---- | C] () -- C:\Windows\cdplayer.ini [2008/06/29 17:07:44 | 000,000,536 | ---- | C] () -- C:\Windows\_delis32.ini [2008/06/29 10:59:22 | 000,129,667 | ---- | C] () -- C:\Users\thias\AppData\Roaming\nvModes.001 [2008/06/29 06:23:14 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008/06/29 06:23:12 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/06/29 06:23:12 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008/06/29 06:23:12 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008/06/29 06:23:11 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008/06/29 06:12:29 | 000,129,667 | ---- | C] () -- C:\Users\thias\AppData\Roaming\nvModes.dat [2008/06/26 21:08:50 | 000,083,968 | ---- | C] () -- C:\Users\thias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\QSwitch.txt [2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\DSwitch.txt [2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\AtStart.txt [2008/05/19 23:29:10 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007/09/05 11:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2007/02/06 16:45:04 | 000,025,632 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2007/02/06 16:42:40 | 001,691,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys [2007/02/03 07:59:04 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/09 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2004/11/02 21:25:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll [1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2007/11/27 03:42:33 | 000,000,074 | ---- | M] () -- C:\autoexec.000 [2009/10/06 15:19:06 | 000,000,118 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2010/12/28 15:04:19 | 000,020,635 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2008/10/21 16:39:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007/11/27 03:18:29 | 000,000,360 | -H-- | M] () -- C:\IPH.PH [2008/06/29 17:18:02 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log [2008/12/10 18:03:10 | 000,004,547 | ---- | M] () -- C:\MDL 2.0 Debug.txt [2008/10/21 16:39:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/06/29 17:27:12 | 000,530,616 | ---- | M] () -- C:\MSIInstall.log [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp [2010/12/28 14:53:57 | 3533,172,736 | -HS- | M] () -- C:\pagefile.sys [2008/09/21 12:25:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008/09/21 12:25:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2010/12/27 19:03:50 | 000,062,982 | ---- | M] () -- C:\TDSSKiller.2.4.12.0_27.12.2010_19.01.48_log.txt [2008/10/19 19:45:42 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll [4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys < End of report > OTL Extras logfile created on: 28/12/2010 15:10:03 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\thias\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 286,10 Gb Total Space | 73,14 Gb Free Space | 25,56% Space Free | Partition Type: NTFS Drive D: | 11,99 Gb Total Space | 2,12 Gb Free Space | 17,69% Space Free | Partition Type: NTFS Drive F: | 465,76 Gb Total Space | 230,81 Gb Free Space | 49,56% Space Free | Partition Type: NTFS Drive G: | 465,64 Gb Total Space | 10,35 Gb Free Space | 2,22% Space Free | Partition Type: FAT32 Computer Name: PC-DE-THIAS | User Name: thias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01727C03-0FFD-432B-AE02-902C928053B4}" = lport=10243 | protocol=6 | dir=in | app=system | "{086458A8-6565-4394-A78A-CECE994F00CC}" = rport=137 | protocol=17 | dir=out | app=system | "{13C1415C-5B70-43AB-8B3E-5A5D72C81E93}" = lport=2869 | protocol=6 | dir=in | app=system | "{17D5D38E-14C8-4929-9046-991A70ADCA2C}" = rport=10243 | protocol=6 | dir=out | app=system | "{1A2E79D1-5F2E-44BE-BDD3-01FF2338C42A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{2F4E00B9-4C0D-4BF2-9D5A-61E2CBBDB5BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{358DF8E0-153D-445C-87D7-8E16E7AC63A4}" = lport=445 | protocol=6 | dir=in | app=system | "{3693C6C5-21BA-4B2A-9E33-2A58C814A5D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{422EC452-1BC9-4F26-88E1-EFD679801282}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4FF406FF-18EF-4991-A091-265E9F850196}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5A616220-837E-4098-A3EB-DDE246D57001}" = rport=138 | protocol=17 | dir=out | app=system | "{652E3D9F-A74D-4752-931B-E677E3568657}" = rport=445 | protocol=6 | dir=out | app=system | "{7FCA4E27-BF90-4CC3-88BB-A988891904F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{94335595-7A69-420F-8BA5-C0EE62804E15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{967DF2E5-AACE-420B-AFC5-2F52AE96A9E7}" = lport=139 | protocol=6 | dir=in | app=system | "{C641458D-F799-4F34-B0C9-0E6911846594}" = lport=137 | protocol=17 | dir=in | app=system | "{CA85758D-FBFB-44B4-9BB9-EFBB79FD60BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DCAAAD4C-A2C9-4D18-97E9-DA5C80C00649}" = lport=138 | protocol=17 | dir=in | app=system | "{E524CA89-0AA6-426F-9606-72DD657158DB}" = lport=2869 | protocol=6 | dir=in | app=system | "{E76457EA-9185-4878-86DD-622B0AA984A1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FA21DEFF-CF10-48B5-BE4C-A448136D6ADA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{FE13D414-A361-44E1-B285-15C9E263FC69}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03DADA03-1C55-4FA7-A398-9522757EB65C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0417A6A6-F70F-4D44-B1B2-7AEEEBFC40E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{060D820E-6A05-4455-867C-C0B5E0013342}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{0618C7F8-E880-4328-8999-1B9C69759C16}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{07A3C71A-7019-400D-B28C-023DBCF01D5C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{0F9B4A5C-8F04-460C-A5D4-AA85291CA2C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1046EB69-B373-468D-A1B8-3B71F6C4FCA4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{12BA57E6-D49D-4706-A9F4-424EB9D8EC06}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14ED1C49-4D39-4BE9-A7FE-9735EC781C75}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14FF9B8E-F414-4934-9BF6-E59858A0A10F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{17AA7EFE-F60E-44C5-BC5B-432299E14D55}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{193DAF2B-E008-4B37-9039-EA1C687DD5E5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{19CF97CF-1700-43E1-ACE0-1F0156F0A54B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{19F71F54-C7D6-4D6E-955B-E211C45F6CA0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1CCFEACA-64D0-46B0-9727-EDBAC846F3B3}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{1E0C0424-8876-4C81-BEE3-B8C2159DA1A3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1FD82B81-19E3-4A78-B0AF-2B50BC3C4C57}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{20F6A139-B2BC-456F-93C7-EB1F9BD0A0C0}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{2180754A-8340-4C05-98B1-AB7018D4016A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2332238C-4975-43F4-B657-B995871979E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2359BD3C-AE01-4698-BA1D-20754B25DF8B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{23CA00E9-1D13-4F99-8108-721AA34A4B9D}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{2A757894-B878-471B-AA8E-F1D7C722AA5B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2E7851F6-135A-4CE6-9284-C4857352CC74}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2EBE69A7-E72B-4705-A64A-6204EE99DFA1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{329E36AD-B665-4719-A959-B31D9CB24952}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3804EF51-AF0F-4A00-99FF-05D7CCBBE21B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{3AB39A56-C6B4-461F-8741-615E76AC3837}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{4033EA1F-7FE4-401F-9B46-2135414FC723}" = protocol=6 | dir=out | app=system | "{4069C321-9342-4166-92B4-51DF9A7EA10F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{40AC49DE-93E8-4137-85E6-415F36CEE17B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42EDD9A2-A59F-4AC2-9522-AD3E10567B63}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{49D1B5FB-6272-4BDD-B112-5DCC982C2301}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{4A57F09A-407D-4A01-ADB6-07D4DB8CA66C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4B949449-BBC7-4A70-B89E-D7807D85B7BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4C0C6133-4B16-4247-8130-7B2D8F974F23}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{51063319-AA6C-4651-AAAF-CE16BBC90FB4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5272FC5E-9924-4FD2-8382-EB8286850AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{53423797-5825-49D4-AEE0-3B08649CFD9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{53E352C5-2A66-4BD8-8A15-93B921B09A3D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{58DA72AE-6DEA-494F-81D4-54CA3FAB1C0F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A322E12-5977-44A1-A6EE-61CD9ED1669F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5D86D390-15FD-418E-A39D-76D1F0CCD45C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5FCE979F-AC1F-47A0-B7B6-2837DAD9BA87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6377009C-A49D-49DA-A870-10A6DEF57D2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{65CC9572-EB32-4D4D-8EED-2690ABC133BB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{65D1F26B-BA4F-45DF-8BCD-D5FEBB1545D8}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{668B74B0-6BAE-487E-9B7E-A5FDC7C8DA12}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{67A2E1A7-B43B-4197-B81C-1A8AFA2BB9C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{67F352BD-8156-48C7-890D-40AF9D75F949}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6B59EE11-BE37-4E8A-994F-C8A58B8CD710}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6CC52E28-7DA4-4D6D-989A-977725EDE7BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6E6B0A07-DD22-41C7-9BE9-0553DE8FCEF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6F6207A6-15FA-4472-BE32-4CFB60988151}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{72533CE8-EB64-4E5C-A9FC-FABB1F619DC0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{73F2310B-45C3-44BF-B5AD-76E981BA849C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{743E9110-E6DF-413C-86CC-28EFFFD0D5B3}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{7639D90E-03A5-4B4A-AB8A-698E495C71F6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{7BD8C5B0-9677-4E5D-A8B6-444E0DA14790}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{7BDABB77-97B7-4B97-BD32-2A94AD41BAEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7D137B9A-1AE3-4157-BCEF-ADDE84FBC5D2}" = protocol=58 | dir=in | [email protected],-28545 | "{82A02FB0-C780-47E8-B2B0-F8E2DFD2E173}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{83B154DC-7FB0-4FA7-8A75-12423FE4D49E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{86A092D5-07C0-4374-BF6B-FD3BE1D34A70}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{88BA9636-33E2-4913-B70A-A8004659E58D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8AF78A1E-CF0A-4CE4-89BA-C1072DD76E54}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B605482-A703-41DA-92B7-3186A11304BF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B98325A-C920-4AE8-AF83-29CAF1F30E36}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8EBD4438-664E-4B07-9B8E-BC209BF0CB03}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{90D1DD4D-DB5F-41D0-A0E1-7BD914EE4BE5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{92BAB78A-2539-467B-9767-ADF9B7FAFAA0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{959F3549-67F3-4399-B121-F6D02A2BF7F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9D52AC95-3DD0-48A6-866B-7E37E2B508F9}" = protocol=1 | dir=in | [email protected],-28543 | "{9E1C6313-CE36-4A39-AE29-6AF7EDDB4A7C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9EB8382A-F334-4369-9122-2C5EF709E2B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9FAB61D8-42D9-4F00-8ADA-3B3DA759DA18}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A000783B-BEA3-4DDE-9A80-6BC3BBC4C5F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A0C16120-8AF1-4852-B0B5-8E011EA47532}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A836BA78-1BA7-4134-941A-521ECACE3E5C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{A9681A32-EE17-4A52-94B0-A494607F17DD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AA3DE0EC-427E-466A-9D2B-4CF036AA6F67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB75D94D-5D26-4FF8-8723-A9F125909C00}" = protocol=1 | dir=out | [email protected],-28544 | "{ACCF5AD3-F1BF-493B-84EA-3CF19A3EF47F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AEF3DC29-8296-4800-A57F-3CC082537A0B}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{B05DBE3B-3B51-470E-976C-260507064F8D}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{B3444873-BDBD-47BC-AC78-476185CBCB59}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B5CA2DB5-8D3C-4196-8A51-1DFB4A5A280F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B5D0F7EB-18B6-4E32-B9AE-F4E4C9B4CA45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B7303020-43C5-45D1-9B4A-19BF1B132C4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B8A95CF8-52FE-4BBA-8A1A-5433A4E38F45}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{BD046E90-F042-4ADF-98F0-49D0BF91FFDA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{BDDEC121-2AB4-495F-BE22-55258DF600A3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BE848C43-8B80-4B82-A57A-9EED80AB97F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BF02186D-EAFD-47D6-84C1-07AA9459B6BB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C2E4969D-B353-4848-ADAE-2FA617CC0984}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{C63A2891-5F8F-4A36-B92C-2F21F1CFF236}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CCE02EC7-AE2F-4649-B5DF-BFD2F0D6AA5B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D0758E3F-BA7E-4A69-B71C-1D7A7F53A926}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D362324F-D902-43DB-ABAB-7D018D887F0C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D4F283DA-A2F9-4185-BE92-C9AD297614C9}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{D50D052A-C85F-4DC0-B423-D9BCB6639FCE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D99603C3-EECD-4256-93B7-EBF02F546C54}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DA6B7BDB-4541-4649-9C9F-B96A344BA221}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DA82AC17-3335-491D-87B1-B6BBF55858E9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DF71427D-6406-4DFD-ABD8-1A5066BACD93}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E4E6A902-671F-4F2B-A366-69AB3C3954C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E4F0BAD0-6648-41AD-A27D-B9C49D3F3D56}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E74D5612-D89E-482C-90FC-54ECFCCCBB1A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EF4CC983-3C23-4708-8BCA-E34CBC70D174}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F00F5E9D-9A7A-4C68-8D8F-E08D78CBF2E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F17138ED-DC0B-4292-B063-4CC68810FB62}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F24E8F7D-DFEE-44E8-AFBB-B65523D7C855}" = protocol=58 | dir=out | [email protected],-28546 | "{F30B09E2-ACB9-42EC-B4B3-AE6D5DD6DD87}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F4813A50-0F38-4BD0-94E3-7BF70DBA801B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F573F7B8-1BCF-44F8-B662-624F8B0C24D6}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{F7B056D2-0143-498D-8B62-7BCCDA1ABEC4}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{F7D45AC0-ED5F-4C36-B2CE-F814273668F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{03C06C11-73AA-4481-B9BE-F2F199CA008C}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | "TCP Query User{20854614-A201-4EDE-B427-C957760CA7C5}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{260E2582-A1BE-40CF-BB52-014311A81106}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe | "TCP Query User{273ACC75-4BFC-45C7-9824-5398F6826800}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe | "TCP Query User{337CA225-DF2D-4823-B898-47F844B2F9AA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{375AED80-BC7D-4D07-BC1C-DD0951E15082}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{3EE7F299-3A41-46E3-B8E5-EF97F092D77E}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | "TCP Query User{49A37F83-2E3A-41A7-8BA4-E32A2DCF595B}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{4D8BE58C-0AB1-44DC-BB99-112C40FB63CE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{4E860074-2AF5-4179-9D63-264EBE10ADAF}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{9721D7A9-2116-44A6-AFF8-78D2ED9E3AA6}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | "TCP Query User{B751D311-18CA-4E85-AF21-2BF5935EDEEB}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{BB67D6A3-3C8C-4F3D-8DAD-C042BE49F80A}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe | "TCP Query User{C1C00619-4D55-4DC9-BFAA-7A0E6EF04FD2}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{F1878EAB-999A-4AD3-A1BE-E905DF854B5E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{F20D8D60-5741-433B-B989-10FC405EEE84}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe | "UDP Query User{15635BCA-0E95-4154-B5DB-3BEB427C5447}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{25074E53-F5B1-41F4-A24D-4ACB557A2D9F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{3C468211-2679-4F6C-BBC1-373D1EB4B944}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | "UDP Query User{52E21A83-F7DD-4F93-A082-63BC94174CD2}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "UDP Query User{53DE6D9B-F822-49C9-AABE-7F6248E5A1A3}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{655E3D8B-DC7E-4CBF-B1B6-785E667D145C}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe | "UDP Query User{95BC456B-B41B-4C3C-8B75-6AB38F196BF5}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | "UDP Query User{A710B3D7-6179-4E90-BDC8-6D7A1117F83E}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | "UDP Query User{A94A1E12-2E35-45EB-8001-7BBA16813081}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe | "UDP Query User{C1A2451D-0DBE-4206-A6ED-62B1659C6BDF}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe | "UDP Query User{E2DF1E78-F176-48E0-9531-BE8F9B2124CF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{E50F0341-0E40-439B-84FC-8440319CE24B}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe | "UDP Query User{EFBE9FA9-A565-4C23-BA59-7D63FB1A3E85}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{F40FA067-0873-4ED8-AF0B-28316EB5F44B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{F9CC21CA-8F6A-455A-8775-673A89D212F7}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Assistant de connexion Windows Live ID "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2 "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 22 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1 "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6 "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3 "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E12D9F6-E86A-4EE3-BA5A-965FDBC6687F}" = O2InstV3Win7UpdateV1 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0 "{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam "{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4 "{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.005 "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Deluxe "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.6 - Français "{AD3FDC40-BCF4-476D-A2D6-C4B154DD9DF5}" = ESU for Microsoft Vista "{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D61524CF-93FE-4193-91AD-C6E21FEEAA5A}" = Logitech Harmony Remote Software 7 "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E60B8506-DDC7-433d-AF9E-999D0F543C4A}" = 2570_Help "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{E87F5651-CE15-493F-AE99-3B670E25A54E}" = MSCU for Microsoft Vista "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0 "{EA7FE7AB-34AE-4e14-84C5-187E6EC0AB9B}" = 2570 "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F66D5732-C2A6-4f88-B8FE-AEDA10355FBD}" = 2570Trb "{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "8461-7759-5462-8226" = Vuze "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3 "avast5" = avast! Free Antivirus "AviSynth" = AviSynth 2.5 "CamStudio 2.0 Fr_is1" = CamStudio 2.0 Fr "CopyTrans Suite" = CopyTrans Suite Remove Only "DivXG400" = DivXG400 "eMule" = eMule "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free DVD Video Burner_is1" = Free DVD Video Burner version 2.1 "Free Easy Burner_is1" = Free Easy Burner V 4.1 "Free Studio_is1" = Free Studio version 4.9.12 "Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.2 "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149) "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.9.5 "LimeWire" = LimeWire 5.1.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Messenger Plus! Live" = Messenger Plus! Live "MessengerDiscovery 2.1_is1" = MessengerDiscovery 2.1.79 "MessengerDiscovery Live_is1" = MessengerDiscovery Live 1.5.0700 "MessengerDiscovery_is1" = MessengerDiscovery 2.5.99 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Movies2iPhone" = Movies2iPhone 1.21 beta for Windows "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NVIDIA Drivers" = NVIDIA Drivers "PhotoFiltre" = PhotoFiltre "Picasa2" = Picasa 2 "PROPLUS" = Microsoft Office Professional Plus 2007 "QcDrv" = Programme de gestion Camera de Logitech® "RealPlayer 12.0" = RealPlayer "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4 "SMSERIAL" = Motorola SM56 Data Fax Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "TightVNC_is1" = TightVNC 1.3.10 "Uninstall_is1" = Uninstall 1.0.0.1 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VLC media player" = VLC media player 1.0.1 "Wikikou Messenger Cleaner" = Wikikou Messenger Cleaner "WildTangent hp Master Uninstall" = My HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinLiveSuite" = Windows Live "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "SparkAngels" = SparkAngels ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 24/12/2010 21:48:16 | Computer Name = PC-de-thias | Source = Bonjour Service | ID = 100 Description = 384: ERROR: read_msg errno 10054 (Une connexion existante a dû être fermée par l'hôte distant.) Error - 25/12/2010 08:34:11 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 25/12/2010 13:53:22 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 25/12/2010 21:24:17 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26/12/2010 07:25:58 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26/12/2010 11:51:15 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26/12/2010 13:03:31 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26/12/2010 16:44:32 | Computer Name = PC-de-thias | Source = Bonjour Service | ID = 100 Description = 404: ERROR: read_msg errno 10054 (Une connexion existante a dû être fermée par l'hôte distant.) Error - 27/12/2010 01:07:34 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 27/12/2010 06:01:43 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0 Description = Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity) à service.service.launch_update() à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) [ OSession Events ] Error - 15/06/2009 08:32:06 | Computer Name = PC-de-thias | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error - 09/07/2009 07:34:03 | Computer Name = PC-de-thias | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash. Error - 16/11/2009 15:58:44 | Computer Name = PC-de-thias | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error - 18/06/2010 07:50:41 | Computer Name = PC-de-thias | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 27/12/2010 13:56:58 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7022 Description = Error - 28/12/2010 07:50:33 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7000 Description = Error - 28/12/2010 07:51:27 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7022 Description = Error - 28/12/2010 09:32:57 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7034 Description = Error - 28/12/2010 09:33:08 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7030 Description = Error - 28/12/2010 09:37:11 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7030 Description = Error - 28/12/2010 09:52:23 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7030 Description = Error - 28/12/2010 09:52:34 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7030 Description = Error - 28/12/2010 09:55:59 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7000 Description = Error - 28/12/2010 09:56:16 | Computer Name = PC-de-thias | Source = Service Control Manager | ID = 7022 Description = < End of report >

Bonjour, voici le rapport de ComboFix ComboFix 10-12-26.01 - thias 28/12/2010 14:37:21.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3069.1654 [GMT 1:00] Lancé depuis: c:\users\thias\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\vlc-0.9.4-win32.exe c:\programdata\vlc-0.9.9-win32.exe c:\programdata\vlc-1.0.2-win32.exe c:\programdata\vlc-1.0.5-win32.exe c:\windows\system32\KBL.LOG c:\windows\system32\logs . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_oUltraf ((((((((((((((((((((((((((((( Fichiers créés du 2010-11-28 au 2010-12-28 )))))))))))))))))))))))))))))))))))) . 2010-12-28 11:57 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{793CB042-EB84-49DD-A60F-99B105589A33}\mpengine.dll 2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\users\thias\AppData\Roaming\Malwarebytes 2010-12-27 17:46 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\programdata\Malwarebytes 2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-27 17:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-25 14:38 . 2010-12-25 14:42 -------- d-----w- c:\users\thias\AppData\Roaming\PCFix 2010-12-24 19:22 . 2010-12-24 19:22 -------- d-----w- c:\program files\iPod 2010-12-24 19:22 . 2010-12-24 19:24 -------- d-----w- c:\program files\iTunes 2010-12-24 19:08 . 2010-12-24 19:08 -------- d-----w- c:\programdata\MessengerDiscovery 2 2010-12-15 15:15 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll 2010-12-15 15:15 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe 2010-12-15 15:15 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe 2010-12-15 15:15 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll 2010-12-15 15:15 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll 2010-12-15 15:15 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-12-15 15:15 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll 2010-12-15 15:15 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe 2010-12-15 15:10 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys 2010-12-15 15:09 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe 2010-12-15 15:09 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-12-15 15:09 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll 2010-12-15 15:09 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll 2010-12-15 15:01 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2010-12-14 13:32 . 2010-12-14 13:32 -------- d-----w- c:\program files\Common Files\Skype 2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-19 09:41 . 2009-10-04 19:03 222080 ------w- c:\windows\system32\MpSigStub.exe 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] c:\users\thias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592] McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2008-10-09 05:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-05-08 14:24 54840 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-07-25 06:02 174616 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2004-07-27 15:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2004-07-27 15:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager] 2007-02-07 23:12 488984 ----a-w- c:\program files\Common Files\logishrd\LComMgr\Communications_Helper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2007-02-07 23:13 774168 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-10-03 09:40 13826664 ----a-w- c:\windows\System32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2009-10-03 09:40 92776 ----a-w- c:\windows\System32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay] 2007-09-04 11:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] 2008-08-21 01:18 443968 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService] 2007-09-30 17:34 181544 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-08-17 13:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL] 2007-01-17 13:34 634880 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2010-03-17 16:23 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640] S1 aswSP;aswSP; [x] S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2007-09-30 39408] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' 2010-12-28 c:\windows\Tasks\User_Feed_Synchronization-{92F34DC7-E7DF-4FAF-A4EF-402552E1D649}.job - c:\windows\system32\msfeedssync.exe [2010-12-15 04:25] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.mivolo.com mStart Page = hxxp://www.mivolo.com uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Free YouTube Download - c:\users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm IE: Sauver &fichier media avec Flash and Media Capture - c:\program files\MetaProducts Flash & Media Capture\FMCapt.dll/savemedia.htm IE: Sauver &image avec Flash and Media Capture - c:\program files\MetaProducts Flash & Media Capture\FMCapt.dll/saveimg.htm Trusted Zone: o2.co.uk\*.broadband Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\users\thias\AppData\Roaming\Mozilla\Firefox\Profiles\d83h6bja.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Cooliris: [email protected] - %profile%\extensions\[email protected] FF - Ext: UnPlug: unplug@compunach - %profile%\extensions\unplug@compunach FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} . - - - - ORPHELINS SUPPRIMES - - - - BHO-{5E1A0E46-1F27-4ED7-83F8-1EC7F908CC67} - c:\windows\system32\AuxiliaryDisplayDriverLi.dll MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe MSConfigStartUp-O2 - c:\program files\O2\bin\sprtcmd.exe MSConfigStartUp-QlbCtrl - %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}] "ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(11072) c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll c:\windows\system32\btmmhook.dll c:\windows\system32\btncopy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe c:\windows\system32\nvvsvc.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conime.exe c:\program files\Alwil Software\Avast5\AvastUI.exe c:\program files\Synaptics\SynTP\SynTPEnh.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Heure de fin: 2010-12-28 15:04:18 - La machine a redémarré ComboFix-quarantined-files.txt 2010-12-28 14:04 Avant-CF: 78 369 611 776 octets libres Après-CF: 78 392 193 024 octets libres Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11 - - End Of File - - 6D8CF4FA58405F4D466941348E0653B1

Bonjour, Mon ordinateur semble fonctionner à nouveau correctement. Dois-je tout de même effectuer ces dernières analyses par sécurité? Cordialement.

et le dernier rapport. la procédure est terminé? le problème a-t-il été résolu? Merci pour votre réactivité Results of screen317's Security Check version 0.99.8 Windows Vista Service Pack 2 (UAC is disabled!) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus McAfee Security Scan Plus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Wikikou Messenger Cleaner Java 6 Update 22 Java 6 Update 2 Java 6 Update 5 Java 6 Update 7 Out of date Java installed! Adobe Flash Player 10.1.102.64 Adobe Reader 8.1.6 - Français Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 AvastUI.exe ``````````End of Log````````````

Voici le rapport de TDSS KILLER 2010/12/27 19:01:48.0122 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46 2010/12/27 19:01:48.0122 ================================================================================ 2010/12/27 19:01:48.0122 SystemInfo: 2010/12/27 19:01:48.0122 2010/12/27 19:01:48.0122 OS Version: 6.0.6002 ServicePack: 2.0 2010/12/27 19:01:48.0122 Product type: Workstation 2010/12/27 19:01:48.0123 ComputerName: PC-DE-THIAS 2010/12/27 19:01:48.0123 UserName: thias 2010/12/27 19:01:48.0123 Windows directory: C:\Windows 2010/12/27 19:01:48.0123 System windows directory: C:\Windows 2010/12/27 19:01:48.0123 Processor architecture: Intel x86 2010/12/27 19:01:48.0123 Number of processors: 2 2010/12/27 19:01:48.0123 Page size: 0x1000 2010/12/27 19:01:48.0123 Boot type: Normal boot 2010/12/27 19:01:48.0123 ================================================================================ 2010/12/27 19:01:48.0527 Initialize success 2010/12/27 19:02:11.0267 ================================================================================ 2010/12/27 19:02:11.0267 Scan started 2010/12/27 19:02:11.0267 Mode: Manual; 2010/12/27 19:02:11.0267 ================================================================================ 2010/12/27 19:02:11.0960 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/12/27 19:02:12.0184 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2010/12/27 19:02:12.0233 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2010/12/27 19:02:13.0069 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2010/12/27 19:02:13.0114 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2010/12/27 19:02:13.0917 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/12/27 19:02:14.0005 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 2010/12/27 19:02:14.0825 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/12/27 19:02:14.0909 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 2010/12/27 19:02:14.0947 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 2010/12/27 19:02:14.0975 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 2010/12/27 19:02:15.0013 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2010/12/27 19:02:15.0064 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 2010/12/27 19:02:15.0135 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2010/12/27 19:02:15.0188 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2010/12/27 19:02:15.0257 aswFsBlk (1b6ed99291ddf5d2501554cc5757aab6) C:\Windows\system32\drivers\aswFsBlk.sys 2010/12/27 19:02:16.0088 aswMonFlt (58254e06b36b984e33ae314c0ea8f1a5) C:\Windows\system32\drivers\aswMonFlt.sys 2010/12/27 19:02:17.0132 aswRdr (3e2b6112d2766f87eda8466fde86a986) C:\Windows\system32\drivers\aswRdr.sys 2010/12/27 19:02:17.0230 aswSP (d78b644816db540e103d0b0766fd9967) C:\Windows\system32\drivers\aswSP.sys 2010/12/27 19:02:17.0428 aswTdi (606d731008d98b6ef946730c597c1642) C:\Windows\system32\drivers\aswTdi.sys 2010/12/27 19:02:18.0136 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/12/27 19:02:18.0408 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2010/12/27 19:02:18.0771 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys 2010/12/27 19:02:18.0939 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/12/27 19:02:19.0215 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/12/27 19:02:19.0283 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/12/27 19:02:19.0317 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/12/27 19:02:19.0348 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/12/27 19:02:19.0375 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/12/27 19:02:19.0422 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/12/27 19:02:19.0447 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/12/27 19:02:19.0509 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2010/12/27 19:02:19.0577 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys 2010/12/27 19:02:19.0641 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2010/12/27 19:02:19.0711 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys 2010/12/27 19:02:19.0785 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys 2010/12/27 19:02:19.0862 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\Windows\system32\drivers\btwaudio.sys 2010/12/27 19:02:19.0933 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys 2010/12/27 19:02:19.0966 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys 2010/12/27 19:02:20.0057 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\Windows\system32\DRIVERS\Camdrl.sys 2010/12/27 19:02:20.0146 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/12/27 19:02:20.0212 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/12/27 19:02:20.0320 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2010/12/27 19:02:20.0530 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/12/27 19:02:20.0643 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/12/27 19:02:20.0699 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 2010/12/27 19:02:20.0754 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2010/12/27 19:02:20.0785 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2010/12/27 19:02:20.0824 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2010/12/27 19:02:20.0917 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/12/27 19:02:21.0001 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/12/27 19:02:21.0082 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2010/12/27 19:02:21.0117 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2010/12/27 19:02:21.0147 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2010/12/27 19:02:21.0204 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/12/27 19:02:21.0284 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/12/27 19:02:21.0355 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys 2010/12/27 19:02:21.0415 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/12/27 19:02:21.0496 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/12/27 19:02:21.0544 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2010/12/27 19:02:21.0661 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/12/27 19:02:21.0704 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/12/27 19:02:21.0750 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2010/12/27 19:02:21.0828 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/12/27 19:02:21.0874 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/12/27 19:02:21.0938 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/12/27 19:02:21.0993 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/12/27 19:02:22.0068 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/12/27 19:02:22.0097 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2010/12/27 19:02:22.0172 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2010/12/27 19:02:22.0242 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2010/12/27 19:02:22.0294 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/12/27 19:02:22.0334 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/12/27 19:02:22.0366 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/12/27 19:02:22.0417 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/12/27 19:02:22.0490 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2010/12/27 19:02:22.0558 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 2010/12/27 19:02:22.0583 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys 2010/12/27 19:02:22.0642 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2010/12/27 19:02:22.0695 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 2010/12/27 19:02:22.0789 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2010/12/27 19:02:22.0836 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2010/12/27 19:02:22.0894 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/12/27 19:02:22.0993 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys 2010/12/27 19:02:23.0081 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys 2010/12/27 19:02:23.0123 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2010/12/27 19:02:23.0179 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/12/27 19:02:23.0325 IntcAzAudAddService (9f5898ebd3bbe82eadf2efa595f02a72) C:\Windows\system32\drivers\RTKVHDA.sys 2010/12/27 19:02:23.0514 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2010/12/27 19:02:23.0712 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2010/12/27 19:02:23.0849 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/12/27 19:02:23.0934 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2010/12/27 19:02:23.0991 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/12/27 19:02:24.0094 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/12/27 19:02:24.0144 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2010/12/27 19:02:24.0218 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/12/27 19:02:24.0295 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/12/27 19:02:24.0350 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/12/27 19:02:24.0402 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/12/27 19:02:24.0482 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/12/27 19:02:24.0544 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/12/27 19:02:24.0623 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/12/27 19:02:24.0683 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2010/12/27 19:02:24.0746 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2010/12/27 19:02:24.0786 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2010/12/27 19:02:24.0842 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/12/27 19:02:24.0956 LVcKap (9a3d4fc6b86e7e36473079ab76ac703d) C:\Windows\system32\DRIVERS\LVcKap.sys 2010/12/27 19:02:25.0123 LVMVDrv (0acbc11f19320af6c19f2e20013d9095) C:\Windows\system32\DRIVERS\LVMVDrv.sys 2010/12/27 19:02:25.0198 LVPr2Mon (12866641284ebb41e627bb53c04da959) C:\Windows\system32\DRIVERS\LVPr2Mon.sys 2010/12/27 19:02:25.0281 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\Windows\system32\drivers\LVUSBSta.sys 2010/12/27 19:02:25.0480 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2010/12/27 19:02:25.0536 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/12/27 19:02:25.0586 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/12/27 19:02:25.0812 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/12/27 19:02:25.0942 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2010/12/27 19:02:26.0014 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/12/27 19:02:26.0092 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2010/12/27 19:02:26.0151 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/12/27 19:02:26.0179 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/12/27 19:02:26.0236 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/12/27 19:02:26.0289 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/12/27 19:02:26.0321 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/12/27 19:02:26.0351 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/12/27 19:02:26.0381 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 2010/12/27 19:02:26.0423 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2010/12/27 19:02:26.0465 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/12/27 19:02:26.0520 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/12/27 19:02:26.0598 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/12/27 19:02:26.0674 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/12/27 19:02:26.0712 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/12/27 19:02:26.0785 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/12/27 19:02:26.0835 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/12/27 19:02:26.0935 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/12/27 19:02:27.0003 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/12/27 19:02:27.0105 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/12/27 19:02:27.0172 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/12/27 19:02:27.0221 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/12/27 19:02:27.0297 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/12/27 19:02:27.0342 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/12/27 19:02:27.0395 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/12/27 19:02:27.0501 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/12/27 19:02:27.0563 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/12/27 19:02:27.0688 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys 2010/12/27 19:02:27.0946 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/12/27 19:02:28.0122 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/12/27 19:02:28.0188 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/12/27 19:02:28.0261 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/12/27 19:02:28.0338 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/12/27 19:02:28.0389 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/12/27 19:02:28.0734 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/12/27 19:02:28.0918 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2010/12/27 19:02:28.0972 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2010/12/27 19:02:29.0036 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2010/12/27 19:02:29.0173 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/12/27 19:02:29.0526 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/12/27 19:02:29.0750 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/12/27 19:02:29.0850 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/12/27 19:02:29.0939 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/12/27 19:02:29.0974 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys 2010/12/27 19:02:30.0025 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/12/27 19:02:30.0132 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/12/27 19:02:30.0404 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/12/27 19:02:30.0486 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2010/12/27 19:02:30.0567 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/12/27 19:02:30.0616 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys 2010/12/27 19:02:30.0754 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2010/12/27 19:02:30.0819 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/12/27 19:02:30.0897 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/12/27 19:02:30.0962 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/12/27 19:02:31.0022 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/12/27 19:02:31.0092 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/12/27 19:02:31.0130 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/12/27 19:02:31.0218 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/12/27 19:02:31.0269 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/12/27 19:02:31.0324 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2010/12/27 19:02:31.0361 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/12/27 19:02:31.0409 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/12/27 19:02:31.0467 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2010/12/27 19:02:31.0522 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys 2010/12/27 19:02:31.0538 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys 2010/12/27 19:02:31.0628 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys 2010/12/27 19:02:31.0811 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/12/27 19:02:31.0954 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys 2010/12/27 19:02:32.0186 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/12/27 19:02:32.0250 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2010/12/27 19:02:32.0283 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/12/27 19:02:32.0335 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/12/27 19:02:32.0374 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/12/27 19:02:32.0443 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/12/27 19:02:32.0556 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2010/12/27 19:02:32.0621 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2010/12/27 19:02:32.0657 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2010/12/27 19:02:32.0696 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys 2010/12/27 19:02:32.0737 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2010/12/27 19:02:32.0759 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2010/12/27 19:02:32.0789 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2010/12/27 19:02:32.0841 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2010/12/27 19:02:32.0949 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys 2010/12/27 19:02:33.0041 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/12/27 19:02:33.0129 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2010/12/27 19:02:33.0184 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2010/12/27 19:02:33.0217 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2010/12/27 19:02:33.0305 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/12/27 19:02:34.0097 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/12/27 19:02:35.0113 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/12/27 19:02:35.0203 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/12/27 19:02:35.0248 SynTP (3d6316279c3540aa268bf025f4621ef3) C:\Windows\system32\DRIVERS\SynTP.sys 2010/12/27 19:02:35.0336 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2010/12/27 19:02:35.0417 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2010/12/27 19:02:36.0115 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/12/27 19:02:36.0166 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/12/27 19:02:36.0233 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/12/27 19:02:36.0304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/12/27 19:02:36.0342 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/12/27 19:02:36.0407 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/12/27 19:02:36.0495 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/12/27 19:02:36.0535 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/12/27 19:02:36.0572 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2010/12/27 19:02:36.0643 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/12/27 19:02:36.0682 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2010/12/27 19:02:36.0723 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2010/12/27 19:02:36.0760 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/12/27 19:02:36.0787 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/12/27 19:02:36.0871 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/12/27 19:02:36.0919 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys 2010/12/27 19:02:36.0984 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 2010/12/27 19:02:37.0039 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/12/27 19:02:37.0078 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/12/27 19:02:37.0120 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/12/27 19:02:37.0170 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/12/27 19:02:37.0201 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2010/12/27 19:02:37.0241 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/12/27 19:02:37.0285 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/12/27 19:02:37.0325 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/12/27 19:02:37.0368 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/12/27 19:02:37.0438 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/12/27 19:02:37.0487 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/12/27 19:02:37.0518 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/12/27 19:02:37.0564 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2010/12/27 19:02:37.0589 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2010/12/27 19:02:37.0622 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 2010/12/27 19:02:37.0665 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/12/27 19:02:37.0717 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/12/27 19:02:37.0769 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/12/27 19:02:37.0813 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2010/12/27 19:02:37.0865 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/12/27 19:02:37.0954 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/12/27 19:02:37.0965 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/12/27 19:02:38.0017 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2010/12/27 19:02:38.0070 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/12/27 19:02:38.0135 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 2010/12/27 19:02:38.0452 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2010/12/27 19:02:38.0595 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2010/12/27 19:02:38.0649 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/12/27 19:02:38.0710 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\WsAudioDevice_383.sys 2010/12/27 19:02:38.0781 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/12/27 19:02:38.0866 {22D78859-9CE9-4B77-BF18-AC83E81A9263} (8903c6979ea677a9af3d36e0d3709203) C:\Program Files\HP\QuickPlay\000.fcl 2010/12/27 19:02:38.0922 ================================================================================ 2010/12/27 19:02:38.0922 Scan finished 2010/12/27 19:02:38.0922 ================================================================================

voici le rapport de MBAM Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5404 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 27/12/2010 18:52:20 mbam-log-2010-12-27 (18-52-20).txt Type d'examen: Examen rapide Elément(s) analysé(s): 156134 Temps écoulé: 4 minute(s), 19 seconde(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 7 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 8 Processus mémoire infecté(s): c:\program files\installpedia\lnetworker.exe (Adware.InstallPedia) -> 2772 -> Unloaded process successfully. Module(s) mémoire infecté(s): c:\Users\thias\AppData\Local\assembly\dl3\0J2NW5P8.70E\832LX7H2.DKA\370d9396\00d34a37_f353cb01\Utils.DLL (Adware.InstallPedia) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\I.P services (Adware.InstallPedia) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IP Network (Adware.InstallPedia) -> Value: IP Network -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Value: bf -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Value: bk -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Value: iu -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Value: mu -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\program files\installpedia (Adware.InstallPedia) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\program files\installpedia\lnetworker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\Users\thias\AppData\Local\assembly\dl3\0J2NW5P8.70E\832LX7H2.DKA\370d9396\00d34a37_f353cb01\Utils.DLL (Adware.InstallPedia) -> Delete on reboot. c:\program files\installpedia\service.exe (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\Windows\System32\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\program files\installpedia\networker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\program files\installpedia\pref_updater.exe (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\program files\installpedia\ionic.zip.reduced.dll (Adware.InstallPedia) -> Quarantined and deleted successfully. c:\program files\installpedia\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.

RESOLU Bonjour, Je poste ici car on m'a dit que des pro répondent personnelement à chaque problème, je m'en remet donc à vous. Je suis sur Windows Vista, et depuis un certains temps, internet s'ouvre régulièrement tout seul (sans que je l'utilise puisque je suis sur Firefox)pour s'ouvrir sur des pages diverses (poker, vente en ligne, site de rencontre...) J'ai vu plusieurs postes sur le même problème, mais on m'as dit que chaque problème était unique et donc se résolvait différemment. De plus je ne suis pas une tête en informatique, même si je connais les bases, et je comprends pas toujours tout aux explications données (ligne de code etc) Pour mon antivirus j'utilise la version free de Avast. De plus, je ne sais pas si c'est à cause du même problème, mais mon ordi que j'ai depuis deux ans mais qui a toujours super bien marché (hp pavillon dv6000) commence a ramer notamment kan je suis sur le net (pour Firefox). Quelqu'un peut-il m'expliquer une procédure sans risque pour résoudre le problème? car j'ai vu des explications qui impliquait de supprimer des ligne, et des avis très défavorable sur cette solution qui risque une "crash" de l'ordi. Merci par avance. Mathias