

jdhog
PC infected by tracking cookies from Ads Regiepub
jdhog replied to a topic by jdhog in Malware Analysis and Removal
Hello, there were 2 PCTuto entries, one of them an update, and they and Cspep.0 have been uninstalled. I ran OTL with your script, the restart happened, the three icons that were on the desktop have disappeared and, the good news, no more ads. Thanks.
All processes killed
========== OTL ==========
No active process named pctuto.exe was found!
No active process named cspep.exe was found!
Folder C:\Program Files (x86)\cspep\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCTuto deleted successfully.
C:\Program Files (x86)\PCTuto\pctuto.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\cspep.exe not found.
File C:\Program Files (x86)\cspep\cspep.exe not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 deleted successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast5 deleted successfully.
File move failed. C:\Program Files\Alwil Software\Avast5\avastUI.exe scheduled to be moved on reboot.
C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe moved successfully.
C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK moved successfully.
C:\Program Files (x86)\Microsoft Works\WkCalRem.exe moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\Users\GEANT\AppData\Roaming\PCtuto not found.
C:\ProgramData\Lavasoft\License folder moved successfully.
C:\ProgramData\Lavasoft folder moved successfully.
C:\Program Files (x86)\PCTuto folder moved successfully.
File\Folder C:\Program Files (x86)\cspep not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: GEANT
->Temp folder emptied: 3061751 bytes
->Temporary Internet Files folder emptied: 23184232 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 609853 bytes
->Flash cache emptied: 642 bytes
User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: photogaphe didier
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6688 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1118 bytes
Total Files Cleaned = 26,00 mb
[EMPTYFLASH]
User: All Users
User: Classic .NET AppPool
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: GEANT
->Flash cache emptied: 0 bytes
User: Invité
->Flash cache emptied: 0 bytes
User: photogaphe didier
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.20.2 log created on 01222011_100858
Files\Folders moved on Reboot...
File move failed. C:\Program Files\Alwil Software\Avast5\avastUI.exe scheduled to be moved on reboot.
C:\Users\GEANT\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast5_\Webshlock.txt not found!
Registry entries deleted on Reboot...
PC infected by tracking cookies from Ads Regiepub
jdhog replied to a topic by jdhog in Malware Analysis and Removal
About the ghost page? I think you mean the ads regiepub page. It works like a redirect: the first URL that shows up is ads regie pub, or adstream regie pub, or with adstream; it goes through 1 or 2 of these URLs before displaying the ad page with the site's real URL, or sometimes the page is with adstream. I don't know how to take screenshots with the keyboard to send it to you.
PC infected by tracking cookies from Ads Regiepub
jdhog replied to a topic by jdhog in Malware Analysis and Removal
OTL logfile created on: 21/01/2011 18:06:57 - Run 5 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\GEANT\Desktop\anti virus 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 157,77 Gb Total Space | 29,66 Gb Free Space | 18,80% Space Free | Partition Type: NTFS Drive D: | 128,22 Gb Total Space | 12,22 Gb Free Space | 9,53% Space Free | Partition Type: NTFS Computer Name: DIDIER-PC | User Name: GEANT | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/12/27 10:53:51 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2010/12/27 10:53:38 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe PRC - [2010/12/09 10:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) 
-- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/08/24 10:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe PRC - [2009/11/03 05:22:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/10/29 12:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009/10/22 03:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) 
-- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2007/06/20 22:04:22 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe ========== Modules (SafeList) ========== MOD - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe MOD - [2011/01/20 10:08:16 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/10/13 11:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:64bit: - [2010/10/13 11:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2010/01/19 16:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc) SRV:64bit: - [2009/10/29 20:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- 
(MWLService) SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2009/07/14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2009/06/18 02:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010/04/03 09:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:64bit: - [2009/11/13 09:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/09/22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2009/09/02 17:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/08/21 10:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protocole RMCAST (multidiffusion fiable) DRV:64bit: - [2009/06/18 13:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/03/26 04:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet 
Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: "" FF - prefs.js..network.proxy.no_proxies_on: "" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/15 10:00:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/15 10:00:42 | 000,000,000 | ---D | M] [2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions [2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011/01/20 21:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Firefox\Profiles\h80luezw.default\extensions [2011/01/21 17:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/25 12:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/17 00:55:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/27 03:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\GEANT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H80LUEZW.DEFAULT\EXTENSIONS\REDUCBARRE@REDUCBARRE.COM [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/06/12 02:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml [2010/06/12 02:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/06/12 02:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml [2010/06/12 02:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/06/12 02:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/21 11:01:37 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) 
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe () O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/20 21:14:18 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/20 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\GEANT\Desktop\anti virus [2011/01/19 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/01/18 18:43:56 | 000,000,000 | 
---D | C] -- C:\Users\GEANT\ZHP [2011/01/17 19:03:21 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/17 19:01:57 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Sunbelt Software [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011/01/15 22:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\ZHP [2011/01/15 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/01/15 17:07:53 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Malwarebytes [2011/01/15 17:07:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Malwarebytes' Anti-Malware [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/15 17:07:44 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/01/15 17:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/01/14 18:14:11 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Galaxy 2 Demo 64-bit [2011/01/13 19:33:39 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite [2011/01/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PluginGalaxy2Demo_64bit [2011/01/13 19:23:26 | 000,304,640 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imgman32.dll [2011/01/13 19:23:26 | 000,067,072 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31jpg.dil [2011/01/13 19:23:26 | 000,059,392 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imhost32.dll [2011/01/13 19:23:26 | 000,035,840 | ---- | C] (Data Techniques, Inc.) 
-- C:\Windows\SysWow64\IM31bmp.dil [2011/01/13 19:23:26 | 000,032,256 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31xbmp.del [2011/01/13 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Commander Light [2011/01/13 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugin Commander Light [2011/01/12 22:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Auto FX Software [2011/01/12 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto FX Software [2011/01/11 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cspep [2011/01/09 11:53:03 | 000,000,000 | ---D | C] -- C:\Windows\fr [2011/01/09 11:52:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Windows Live [2011/01/09 00:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011/01/06 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1 [2011/01/06 13:38:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo [2010/12/29 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wtablet [2010/12/27 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore [2010/12/27 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Explore [2010/12/27 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom [2010/12/27 10:53:49 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2010/12/27 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Wacom [2010/12/27 10:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo Dock [2010/12/27 10:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock [2010/12/27 10:51:51 | 000,749,936 | ---- | C] (Wacom 
Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll [2010/12/27 10:51:51 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll [2010/12/27 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2010/12/27 10:51:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys [2010/12/27 10:50:58 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys [2010/12/27 10:50:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys [2010/12/27 10:50:52 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll [2010/12/27 10:50:51 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll [2010/12/27 10:50:51 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll [2010/12/27 10:50:50 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) 
-- C:\Windows\SysNative\Pen_Tablet.dll [2010/12/27 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2009/11/03 05:04:33 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2011/01/21 18:11:18 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 18:11:18 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 18:04:19 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/21 18:03:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/21 18:03:52 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys [2011/01/21 18:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/21 11:01:37 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2011/01/21 10:45:42 | 002,103,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/21 10:45:42 | 000,913,350 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/21 10:45:42 | 000,805,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/21 10:45:42 | 000,209,296 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/21 10:45:42 | 000,173,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/20 10:37:26 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2011/01/19 23:10:40 | 000,144,945 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011 [2011/01/18 17:03:05 | 000,143,246 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport [2011/01/17 19:03:21 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/15 22:33:30 | 000,001,214 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Gestion Commerciale.lnk 
[2011/01/15 22:33:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Gestion Commerciale.lnk [2011/01/14 18:14:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/01/13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/01/13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/01/13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/01/13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/01/12 23:26:08 | 004,922,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/01/12 22:14:55 | 000,000,081 | ---- | M] () -- C:\Windows\s01on [2011/01/10 13:45:45 | 000,405,078 | ---- | M] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg [2011/01/10 13:45:45 | 000,001,456 | ---- | M] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2011/01/10 13:38:44 | 000,442,478 | ---- | M] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg [2011/01/10 13:25:15 | 000,461,063 | ---- | M] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg [2011/01/10 13:23:25 | 000,000,821 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2011/01/10 13:15:39 | 000,171,743 | ---- | M] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg [2011/01/08 19:03:57 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT 
[2011/01/06 19:46:44 | 000,078,684 | ---- | M] () -- C:\Users\GEANT\Documents\Backup.tabletprefs [2010/12/29 19:20:49 | 730,086,228 | ---- | M] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd ========== Files Created - No Company Name ========== [2011/01/19 23:10:40 | 000,144,945 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011 [2011/01/18 17:03:05 | 000,143,246 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport [2011/01/13 19:23:26 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll [2011/01/12 20:18:09 | 000,000,081 | ---- | C] () -- C:\Windows\s01on [2011/01/10 13:45:45 | 000,405,078 | ---- | C] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg [2011/01/10 13:38:44 | 000,442,478 | ---- | C] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg [2011/01/10 13:25:14 | 000,461,063 | ---- | C] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg [2011/01/10 13:15:38 | 000,171,743 | ---- | C] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg [2011/01/08 15:22:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/01/06 19:46:44 | 000,078,684 | ---- | C] () -- C:\Users\GEANT\Documents\Backup.tabletprefs [2010/12/29 19:18:26 | 730,086,228 | ---- | C] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd [2010/12/27 10:52:49 | 000,000,002 | ---- | C] () -- C:\Users\GEANT\.bdockinstall.log [2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml [2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml [2010/11/03 10:30:43 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI [2010/10/30 23:41:44 | 000,004,912 | ---- | C] () -- C:\ProgramData\mnjemahv.gza [2010/10/30 23:32:17 | 000,004,948 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik [2010/10/30 23:32:17 | 000,004,923 | ---- | C] () -- C:\ProgramData\drctchbl.xvi 
[2010/10/07 09:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Workflows [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Work - Home [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\filter [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\docInfo [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\deskjet [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\business-inkjet [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Ambient [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Alerts [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Action [2010/06/11 16:54:34 | 002,082,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/06/03 15:23:31 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini [2010/05/17 17:51:07 | 000,000,017 | ---- | C] () -- C:\Users\GEANT\AppData\Local\resmon.resmoncfg [2010/05/17 13:00:58 | 000,001,456 | ---- | C] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/05/14 17:28:40 | 000,000,132 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5 [2010/03/09 11:43:18 | 000,005,120 | ---- | C] () -- C:\Users\GEANT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/05 23:58:39 | 000,000,858 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\wklnhst.dat [2009/12/15 01:42:44 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2009/12/15 01:42:44 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009/12/05 17:09:38 | 000,626,688 
| ---- | C] () -- C:\Windows\Image.dll [2009/12/05 17:09:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2009/11/03 05:32:49 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log [2009/11/03 05:04:12 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2010/03/16 22:29:03 | 000,000,000 | -HSD | M] -- C:\Users\GEANT\AppData\Roaming\.# [2010/03/05 17:42:10 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\ACD Systems [2010/12/27 11:38:18 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore [2010/05/14 21:33:42 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/11/30 12:29:36 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2011/01/06 16:46:41 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1 [2010/11/20 11:35:53 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\DxO Labs [2010/03/09 21:09:36 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\eSobi [2011/01/19 22:27:00 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\FileZilla [2010/03/06 00:03:10 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\GameConsole [2010/05/21 11:00:00 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\inkscape [2010/10/30 23:41:45 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Need4Video [2010/10/28 17:12:29 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Nikon [2010/08/03 22:34:41 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\OpenCandy [2010/05/25 12:40:38 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\OpenOffice.org 
[2010/05/14 17:31:58 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Opera [2010/11/20 11:30:22 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PACE Anti-Piracy [2010/11/17 15:45:48 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PCtuto [2010/03/11 17:59:06 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PlayFirst [2010/05/14 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010/05/21 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Subversion [2010/03/09 21:07:39 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Template [2011/01/13 19:33:39 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite [2010/12/07 20:51:56 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\TomTom [2010/09/20 13:33:53 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\UDC Profiles [2010/05/22 00:58:42 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\VTC Preferences Folder [2010/12/27 10:53:46 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Wacom [2010/12/27 10:53:49 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2010/04/01 19:35:13 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Windows Live Writer [2010/11/17 08:52:12 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\XnView [2011/01/05 11:37:05 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > -
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and eradication
I've just done it. I also did one with OTL; tell me if you want it. Thanks.
Results of screen317's Security Check version 0.99.8
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
avast! Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java 6 Update 18
Java 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.1.53.64
Adobe Reader 9.4.1 MUI
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.6)
````````````````````````````````
Process Check:
objlist.exe by Laurent
GEANT Desktop anti virus SecurityCheck.exe
Alwil Software Avast5 AvastUI.exe
Alwil Software Avast5 AvastSvc.exe
``````````End of Log````````````
-
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and eradication
I checked securitycheck.exe; only Malwarebytes and Avast are left.
-
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and eradication
I uninstalled Ad-Aware, restarted the PC and copied the script into OTL. After about a minute Windows restarted. After the restart I don't have the report on the desktop, and Internet Explorer still opens automatically with the Ads Regiepub window and ads for mobile phone ringtones. I tried the script with OTL three times and the result is unchanged. On the other hand, the three icons (2 desktop.ini and 1 thumbs.db) had disappeared during the previous script.
-
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and eradication
Yes, I'm talking about Internet Explorer. When I turn on the PC, the connection to the Livebox is made automatically over Wi-Fi while Windows starts. It has started again: after a few minutes on the desktop, an Internet Explorer page opens with ads regiepub at the start of the URL, which immediately switches to a gaming, gift, dating or La Redoute site. Before this problem, to browse the internet I clicked on the Internet Explorer icon. I couldn't find the uninstaller for Ad-Aware, so I did it for Spybot, which has an uninstall utility. Apparently I must have done it wrong; I also saw it in the report. I'll take care of it, then I'll run the script you just posted. One question, though: when I go to System32, there is DRVSTORE highlighted in blue, and two files are highlighted as well.
-
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and eradication
OTL logfile created on: 21/01/2011 13:01:10 - Run 4 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\GEANT\Desktop\anti virus 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 157,77 Gb Total Space | 29,25 Gb Free Space | 18,54% Space Free | Partition Type: NTFS Drive D: | 128,22 Gb Total Space | 12,22 Gb Free Space | 9,53% Space Free | Partition Type: NTFS Computer Name: DIDIER-PC | User Name: GEANT | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe PRC - [2011/01/17 19:07:43 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/12/27 10:53:51 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2010/12/27 10:53:38 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe PRC - [2010/12/09 10:52:54 | 
000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/08/24 10:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe PRC - [2009/11/03 05:22:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/10/29 12:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009/10/22 03:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) 
-- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2007/06/20 22:04:22 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe ========== Modules (SafeList) ========== MOD - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe MOD - [2011/01/20 10:08:16 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/10/13 11:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:64bit: - [2010/10/13 11:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2010/01/19 16:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc) SRV:64bit: - [2009/10/29 20:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2009/07/14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2009/06/18 02:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2010/11/22 09:50:19 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010/04/03 09:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:64bit: - [2009/11/13 09:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/09/22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2009/09/02 17:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/08/21 10:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protocole RMCAST (multidiffusion fiable) DRV:64bit: - [2009/06/18 13:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2010/11/22 09:50:21 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/03/26 04:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: reducbarre@reducbarre.com:1.1 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/15 10:00:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/15 10:00:42 | 000,000,000 | ---D | M] [2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions [2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011/01/20 21:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Firefox\Profiles\h80luezw.default\extensions [2011/01/06 12:59:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/25 12:33:15 | 000,000,000 | ---D | M] (Java Console) -- 
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/17 00:55:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/27 03:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/06 12:59:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\GEANT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H80LUEZW.DEFAULT\EXTENSIONS\REDUCBARRE@REDUCBARRE.COM [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/06/12 02:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml [2010/06/12 02:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/06/12 02:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml [2010/06/12 02:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/06/12 02:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/21 11:01:37 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) 
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe () O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: jingoo.com ([www] http in Sites de confiance) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. 
- C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/20 21:14:18 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/20 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\GEANT\Desktop\anti virus [2011/01/19 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/01/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\GEANT\ZHP [2011/01/17 19:03:24 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2011/01/17 19:03:21 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/17 19:01:57 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Sunbelt Software [2011/01/17 19:01:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D} [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Lavasoft [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2011/01/15 22:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\ZHP [2011/01/15 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/01/15 
17:07:53 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Malwarebytes [2011/01/15 17:07:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Malwarebytes' Anti-Malware [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/15 17:07:44 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/01/15 17:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/01/14 18:14:11 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Galaxy 2 Demo 64-bit [2011/01/13 19:33:39 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite [2011/01/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PluginGalaxy2Demo_64bit [2011/01/13 19:23:26 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVBVM50.DLL [2011/01/13 19:23:26 | 000,304,640 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imgman32.dll [2011/01/13 19:23:26 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx [2011/01/13 19:23:26 | 000,067,072 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31jpg.dil [2011/01/13 19:23:26 | 000,059,392 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imhost32.dll [2011/01/13 19:23:26 | 000,035,840 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31bmp.dil [2011/01/13 19:23:26 | 000,032,256 | ---- | C] (Data Techniques, Inc.) 
-- C:\Windows\SysWow64\IM31xbmp.del [2011/01/13 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Commander Light [2011/01/13 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugin Commander Light [2011/01/12 22:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Auto FX Software [2011/01/12 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto FX Software [2011/01/12 11:12:43 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011/01/12 11:12:43 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011/01/12 11:12:43 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011/01/12 11:12:43 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011/01/12 11:12:43 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011/01/12 11:12:43 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/01/12 11:12:42 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011/01/12 11:12:42 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011/01/12 11:12:42 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/01/12 11:12:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/01/12 11:12:42 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011/01/12 11:12:42 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/01/12 11:12:41 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011/01/12 11:12:41 | 000,258,048 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\drivers\dxgmms1.sys [2011/01/12 11:12:41 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011/01/12 11:12:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011/01/12 11:12:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/01/12 11:12:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/01/12 11:12:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011/01/12 11:12:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011/01/12 11:12:34 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011/01/12 11:12:34 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011/01/11 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cspep [2011/01/09 11:53:03 | 000,000,000 | ---D | C] -- C:\Windows\fr [2011/01/09 11:52:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Windows Live [2011/01/09 11:50:38 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2011/01/09 11:50:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2011/01/09 11:50:37 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011/01/09 11:50:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2011/01/09 00:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011/01/06 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1 [2011/01/06 13:38:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo [2011/01/06 12:59:13 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\javaws.exe [2011/01/06 12:59:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/01/06 12:59:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010/12/29 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wtablet [2010/12/27 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore [2010/12/27 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Explore [2010/12/27 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom [2010/12/27 10:53:49 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2010/12/27 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Wacom [2010/12/27 10:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo Dock [2010/12/27 10:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock [2010/12/27 10:51:51 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll [2010/12/27 10:51:51 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll [2010/12/27 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2010/12/27 10:51:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys [2010/12/27 10:50:58 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys [2010/12/27 10:50:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys [2010/12/27 10:50:52 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll [2010/12/27 10:50:51 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll [2010/12/27 10:50:51 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) 
-- C:\Windows\SysNative\Wintab32.dll [2010/12/27 10:50:50 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll [2010/12/27 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2009/11/03 05:04:33 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2011/01/21 13:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/21 12:51:03 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 12:51:03 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 12:45:55 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/01/21 12:42:07 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/21 12:41:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/21 12:41:46 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys [2011/01/21 11:01:37 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2011/01/21 10:45:42 | 002,103,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/21 10:45:42 | 000,913,350 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/21 10:45:42 | 000,805,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/21 10:45:42 | 000,209,296 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/21 10:45:42 | 000,173,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/20 10:37:26 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2011/01/19 23:10:40 | 000,144,945 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011 [2011/01/18 17:03:05 | 000,143,246 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport [2011/01/17 19:07:59 | 000,015,880 | ---- | M] () -- 
C:\Windows\SysNative\lsdelete.exe [2011/01/17 19:03:21 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/17 19:01:21 | 000,001,142 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/01/15 22:33:30 | 000,001,214 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Gestion Commerciale.lnk [2011/01/15 22:33:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Gestion Commerciale.lnk [2011/01/14 18:14:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/01/13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/01/13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/01/13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/01/13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/01/12 23:26:08 | 004,922,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/01/12 22:14:55 | 000,000,081 | ---- | M] () -- C:\Windows\s01on [2011/01/10 13:45:45 | 000,405,078 | ---- | M] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg [2011/01/10 13:45:45 | 000,001,456 | ---- | M] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2011/01/10 13:38:44 | 000,442,478 | ---- | M] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg [2011/01/10 13:25:15 | 000,461,063 | ---- | M] 
() -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg [2011/01/10 13:23:25 | 000,000,821 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2011/01/10 13:15:39 | 000,171,743 | ---- | M] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg [2011/01/08 19:03:57 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT [2011/01/06 19:46:44 | 000,078,684 | ---- | M] () -- C:\Users\GEANT\Documents\Backup.tabletprefs [2010/12/29 19:20:49 | 730,086,228 | ---- | M] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd ========== Files Created - No Company Name ========== [2011/01/21 12:45:55 | 000,000,396 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/01/19 23:10:40 | 000,144,945 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011 [2011/01/18 17:03:05 | 000,143,246 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport [2011/01/17 23:51:09 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe [2011/01/17 19:01:21 | 000,001,142 | ---- | C] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/01/13 19:23:26 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll [2011/01/12 20:18:09 | 000,000,081 | ---- | C] () -- C:\Windows\s01on [2011/01/10 13:45:45 | 000,405,078 | ---- | C] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg [2011/01/10 13:38:44 | 000,442,478 | ---- | C] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg [2011/01/10 13:25:14 | 000,461,063 | ---- | C] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg [2011/01/10 13:15:38 | 000,171,743 | ---- | C] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg [2011/01/08 15:22:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/01/06 19:46:44 | 000,078,684 | ---- | C] () -- 
C:\Users\GEANT\Documents\Backup.tabletprefs [2010/12/29 19:18:26 | 730,086,228 | ---- | C] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd [2010/12/27 10:52:49 | 000,000,002 | ---- | C] () -- C:\Users\GEANT\.bdockinstall.log [2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml [2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml [2010/11/03 10:30:43 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI [2010/10/30 23:41:44 | 000,004,912 | ---- | C] () -- C:\ProgramData\mnjemahv.gza [2010/10/30 23:32:17 | 000,004,948 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik [2010/10/30 23:32:17 | 000,004,923 | ---- | C] () -- C:\ProgramData\drctchbl.xvi [2010/10/07 09:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Workflows [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Work - Home [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\filter [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\docInfo [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\deskjet [2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\business-inkjet [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Ambient [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Alerts [2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Action [2010/06/11 16:54:34 | 002,082,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/06/03 15:23:31 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini 
[2010/05/17 17:51:07 | 000,000,017 | ---- | C] () -- C:\Users\GEANT\AppData\Local\resmon.resmoncfg [2010/05/17 13:00:58 | 000,001,456 | ---- | C] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/05/14 17:28:40 | 000,000,132 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5 [2010/03/09 11:43:18 | 000,005,120 | ---- | C] () -- C:\Users\GEANT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/05 23:58:39 | 000,000,858 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\wklnhst.dat [2009/12/15 01:42:44 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2009/12/15 01:42:44 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009/12/05 17:09:38 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009/12/05 17:09:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2009/11/03 05:32:49 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log [2009/11/03 05:04:12 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll < End of report > -
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and removal
I have just turned it back on. The ad did not appear as long as I had not opened Explorer; however, as soon as I connected, the second page opened. Its URL starts with adsregiepub; it does not display and switches to the URL "Vérificateur d'orthographe". I can't manage to catch the first one, it is instantaneous. I am running the scan. See you later -
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and removal
I reran the script; this time there was indeed the restart prompt and the Notepad file. When it rebooted, the regiepub page came back.
All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found. File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b80f591e-fe9a-46cf-a13e-180377240586} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found. File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found. File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found. File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b80f591e-fe9a-46cf-a13e-180377240586} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found. File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found. 
File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found. File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{357ADA38-B41F-4432-9F10-5638FA4A75AD}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{357ADA38-B41F-4432-9F10-5638FA4A75AD}\ not found. File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b80f591e-fe9a-46cf-a13e-180377240586}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found. File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found. File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1660B308-BECB-4062-890D-396B2FBBC8CA} not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1660B308-BECB-4062-890D-396B2FBBC8CA}\ not found. File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found. File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b80f591e-fe9a-46cf-a13e-180377240586} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found. File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found. File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1660B308-BECB-4062-890D-396B2FBBC8CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1660B308-BECB-4062-890D-396B2FBBC8CA}\ not found. File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{22E03916-85C5-44B0-8DC9-1830C11238D9} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22E03916-85C5-44B0-8DC9-1830C11238D9}\ not found. File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B80F591E-FE9A-46CF-A13E-180377240586} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B80F591E-FE9A-46CF-A13E-180377240586}\ not found. File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C44F9E21-D93F-490C-B41C-B3548BDD19FC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}\ not found. File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BEWINTERNET-FR-DMGP-V2SessionManager deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found. File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found. File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found. File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found. 
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\ deleted successfully. C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found. File F:\AutoRunCardDetector.exe not found. ADS C:\ProgramData\Temp:AB689DEA deleted successfully. ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully. ADS C:\ProgramData\Temp:4D066AD2 deleted successfully. ADS C:\ProgramData\Temp:93DE1838 deleted successfully. ADS C:\ProgramData\Temp:370EF5E8 deleted successfully. ADS C:\ProgramData\Temp:0B9176C0 deleted successfully. ADS C:\ProgramData\Temp:E3C56885 deleted successfully. ADS C:\ProgramData\Temp:E1F04E8D deleted successfully. ADS C:\ProgramData\Temp:ABE89FFE deleted successfully. ADS C:\ProgramData\Temp:4CF61E54 deleted successfully. ADS C:\ProgramData\Microsoft:ksIB5GmrV8jrJpMwDeXHwNDJXLcN deleted successfully. 
ADS C:\ProgramData\Microsoft:ry6tCUwWVnZbcmjP4Aa82DiYZUUjf deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== File\Folder C:\Program Files (x86)\Productivity_2.1 not found. C:\Program Files (x86)\Elf_1.13 folder moved successfully. C:\Program Files (x86)\ConduitEngine folder moved successfully. File\Folder C:\Program Files (x86)\Elf_1 not found. C:\Users\GEANT\AppData\Local\Conduit\CT2857573 folder moved successfully. C:\Users\GEANT\AppData\Local\Conduit folder moved successfully. C:\jre-6u22-windows-i586-iftw-rv.exe moved successfully. C:\QuickTimeInstaller.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Classic .NET AppPool ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33472 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: GEANT ->Temp folder emptied: 12109485 bytes ->Temporary Internet Files folder emptied: 356862313 bytes ->Java cache emptied: 3049592 bytes ->FireFox cache emptied: 42952363 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 102665 bytes User: Invité ->Temp folder emptied: 3275145 bytes ->Temporary Internet Files folder emptied: 31590069 bytes ->Java cache emptied: 9341 bytes ->FireFox cache emptied: 65784681 bytes ->Flash cache emptied: 23456 bytes User: photogaphe didier User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1738097 bytes 
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67910 bytes RecycleBin emptied: 12352163655 bytes Total Files Cleaned = 12 274,00 mb [EMPTYFLASH] User: All Users User: Classic .NET AppPool ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: GEANT ->Flash cache emptied: 0 bytes User: Invité ->Flash cache emptied: 0 bytes User: photogaphe didier User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.2 log created on 01212011_105935 Files\Folders moved on Reboot... C:\Users\GEANT\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Windows\temp\_avast5_\Webshlock.txt not found! Registry entries deleted on Reboot... -
PC infection by Ads Regiepub tracking cookies
jdhog replied to jdhog's topic in Malware analysis and removal
Hello, when I turned on my PC this morning, regiepub opened before I connected to Explorer, and when I opened the Orange home page there was no problem, but when I clicked on the mail it gave me an alert message saying malicious software, malfunction. I am waiting for your reply before rerunning the script. -
PC infection by Ads Regiepub tracking cookies
jdhog replied to jdhog's topic in Malware analysis and removal
I followed your instructions. As for the last one, ReducBarre, I did not find it under Remove Programs; I ran a search across all programs, and when I uninstalled it, Avast sent a blocking message. Following your script, the PC restarted, and on the desktop there are 3 new files: 2 desktop.ini and thumbs.db. Thank you for your attention.
Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/15 21:57:25 | 000,001,029 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts 01 - Hosts: 127.0.0.1 O1 - Hosts: 127.0.0.1 O1 - Hosts: 127.0.0.1 adstream.com O1 - Hosts: 127.0.0.1 adstream.every.com O1 - Hosts: O1 - Hosts: Listen 12.34.56.78:80 O1 - Hosts: Listen 80 O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) 
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] File not found O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe () O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: jingoo.com ([www] http in Sites de confiance) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell - "" = AutoRun O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/20 21:14:18 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/20 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\GEANT\Desktop\anti virus [2011/01/19 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/01/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\GEANT\ZHP [2011/01/17 19:03:24 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2011/01/17 19:03:21 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/17 19:01:57 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Sunbelt Software [2011/01/17 19:01:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D} [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Lavasoft [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2011/01/15 22:09:32 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\ZHP [2011/01/15 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/01/15 17:07:53 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Malwarebytes [2011/01/15 17:07:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Malwarebytes' Anti-Malware [2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/15 17:07:44 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/01/15 17:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/01/14 18:14:11 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Galaxy 2 Demo 64-bit [2011/01/13 19:33:39 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite [2011/01/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PluginGalaxy2Demo_64bit [2011/01/13 19:23:26 | 000,304,640 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imgman32.dll [2011/01/13 19:23:26 | 000,067,072 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31jpg.dil [2011/01/13 19:23:26 | 000,059,392 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imhost32.dll [2011/01/13 19:23:26 | 000,035,840 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31bmp.dil [2011/01/13 19:23:26 | 000,032,256 | ---- | C] (Data Techniques, Inc.) 
-- C:\Windows\SysWow64\IM31xbmp.del [2011/01/13 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Commander Light [2011/01/13 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugin Commander Light [2011/01/12 22:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Auto FX Software [2011/01/12 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto FX Software [2011/01/12 13:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elf_1.13 [2011/01/11 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cspep [2011/01/09 20:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine [2011/01/09 20:47:55 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Conduit [2011/01/09 11:53:03 | 000,000,000 | ---D | C] -- C:\Windows\fr [2011/01/09 11:52:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Windows Live [2011/01/09 00:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011/01/06 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1 [2011/01/06 13:38:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo [2010/12/29 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wtablet [2010/12/27 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore [2010/12/27 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Explore [2010/12/27 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom [2010/12/27 10:53:49 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2010/12/27 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Wacom [2010/12/27 10:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo 
Dock [2010/12/27 10:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock [2010/12/27 10:51:51 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll [2010/12/27 10:51:51 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll [2010/12/27 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2010/12/27 10:51:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys [2010/12/27 10:50:58 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys [2010/12/27 10:50:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys [2010/12/27 10:50:52 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll [2010/12/27 10:50:51 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll [2010/12/27 10:50:51 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll [2010/12/27 10:50:50 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) 
-- C:\Windows\SysNative\Pen_Tablet.dll [2010/12/27 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2010/12/22 11:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\iTunes [2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2009/11/03 05:04:33 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2011/01/20 21:16:15 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/20 21:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/20 20:57:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/20 20:57:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/20 20:49:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/20 20:49:10 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys [2011/01/20 10:37:26 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2011/01/19 23:10:40 | 000,144,945 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011 [2011/01/18 23:49:57 | 002,103,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/18 23:49:57 | 000,913,350 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/18 23:49:57 | 000,805,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/18 23:49:57 | 000,209,296 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/18 23:49:57 | 000,173,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/18 17:03:05 | 000,143,246 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport [2011/01/17 19:07:59 
| 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe [2011/01/17 19:03:21 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011/01/17 19:01:21 | 000,001,142 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/01/15 22:33:30 | 000,001,214 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Gestion Commerciale.lnk [2011/01/15 22:33:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Gestion Commerciale.lnk [2011/01/14 18:14:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011/01/13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011/01/13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011/01/13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011/01/13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011/01/13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011/01/12 23:26:08 | 004,922,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/01/12 22:14:55 | 000,000,081 | ---- | M] () -- C:\Windows\s01on [2011/01/10 13:45:45 | 000,405,078 | ---- | M] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg [2011/01/10 13:45:45 | 000,001,456 | ---- | M] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2011/01/10 13:38:44 | 000,442,478 | ---- | M] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg [2011/01/10 
PC infection by tracking cookies from Ads Regiepub
jdhog replied to a topic by jdhog in Malware analysis and removal
As you could see, I tried to put the 2 adstream entries that kept opening into the hosts file; it still comes back, with an error. If it helps, the tab that opens by itself only appears when the PC starts up. Regards

OTL Extras logfile created on: 20/01/2011 13:02:10 - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\GEANT\Desktop\anti virus
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 157,77 Gb Total Space | 21,92 Gb Free Space | 13,90% Space Free | Partition Type: NTFS
Drive D: | 128,22 Gb Total Space | 11,00 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Computer Name: DIDIER-PC | User Name: GEANT | Logged in as Administrator.
Developer 2010 Express - FRA" = Microsoft Visual Web Developer 2010 Express - Français "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6) "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "pctuto_is1" = Tuto Photoshop1.0.0.0 "Pen Tablet Driver" = Bamboo "Picasa 3" = Picasa 3 "Plugin Commander Light 1.61_is1" = Plugin Commander Light 1.61 "Productivity_2.1 Toolbar" = Productivity 2.1 Toolbar "ReducBarre" = BuyObaB "TomTom HOME" = TomTom HOME 2.7.6.2056 "UpdatePCTuto_is1" = UpdatePCTuto 1.0 "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock "WinLiveSuite" = Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR "XnView_is1" = XnView 1.97.3 "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.5.1 "WINSCOP_GC" = WINSCOP_GC ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 05/10/2010 07:45:33 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : 
<http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:25 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . 
Error - 05/10/2010 09:57:25 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:25 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:25 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:25 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . 
Error - 05/10/2010 09:57:26 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:26 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:26 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . Error - 05/10/2010 09:57:26 | Computer Name = DIDIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . 
[ Media Center Events ] Error - 07/08/2010 12:30:48 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 18:30:47 - Erreur de connexion à Internet. 18:30:47 - Impossible de contacter le service.. Error - 07/08/2010 12:31:07 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 18:30:54 - Erreur de connexion à Internet. 18:30:54 - Impossible de contacter le service.. Error - 07/08/2010 13:31:48 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 19:31:48 - Erreur de connexion à Internet. 19:31:48 - Impossible de contacter le service.. Error - 07/08/2010 13:31:57 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 19:31:53 - Erreur de connexion à Internet. 19:31:53 - Impossible de contacter le service.. Error - 08/08/2010 09:24:19 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 15:24:19 - Erreur de connexion à Internet. 15:24:19 - Impossible de contacter le service.. Error - 08/08/2010 09:24:30 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 15:24:24 - Erreur de connexion à Internet. 15:24:24 - Impossible de contacter le service.. Error - 14/11/2010 05:30:55 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 10:30:54 - Erreur de connexion à Internet. 10:30:55 - Impossible de contacter le service.. Error - 14/11/2010 06:35:27 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 11:35:27 - Erreur de connexion à Internet. 11:35:27 - Impossible de contacter le service.. Error - 14/11/2010 07:36:02 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 12:36:02 - Erreur de connexion à Internet. 12:36:02 - Impossible de contacter le service.. Error - 14/11/2010 08:36:54 | Computer Name = DIDIER-PC | Source = MCUpdate | ID = 0 Description = 13:36:54 - Erreur de connexion à Internet. 13:36:54 - Impossible de contacter le service.. 
[ System Events ] Error - 19/01/2011 17:19:39 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:19:48 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:19:56 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:20:05 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:20:14 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:20:22 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:20:31 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0. Error - 19/01/2011 17:20:38 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 19/01/2011 17:20:45 | Computer Name = DIDIER-PC | Source = cdrom | ID = 262151 Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux. Error - 19/01/2011 18:07:58 | Computer Name = DIDIER-PC | Source = Application Popup | ID = 1060 Description = Le chargement de \??\C:\Users\GEANT\AppData\Local\Temp\mbr.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. < End of report >
PC infection by Ads Regiepub tracking cookies
jdhog replied to jdhog's topic in Malware analysis and removal
OTL logfile created on: 20/01/2011 13:31:17 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\GEANT\Desktop\anti virus 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 157,77 Gb Total Space | 21,92 Gb Free Space | 13,90% Space Free | Partition Type: NTFS Drive D: | 128,22 Gb Total Space | 11,00 Gb Free Space | 8,58% Space Free | Partition Type: NTFS Computer Name: DIDIER-PC | User Name: GEANT | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe PRC - [2011/01/17 19:07:43 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/12/27 10:53:51 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe PRC - [2010/12/27 10:53:38 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe PRC - [2010/12/09 10:52:54 | 
000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010/08/24 10:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe PRC - [2009/11/03 05:22:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/10/29 12:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009/10/22 03:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) 
-- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2007/06/20 22:04:22 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe ========== Modules (SafeList) ========== MOD - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe MOD - [2011/01/20 10:08:16 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/10/13 11:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:64bit: - [2010/10/13 11:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2010/01/19 16:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc) SRV:64bit: - [2009/10/29 20:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2009/07/14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2009/06/18 02:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2010/11/22 09:50:19 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010/04/03 09:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:64bit: - [2009/11/13 09:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/09/22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2009/09/02 17:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/08/21 10:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protocole RMCAST (multidiffusion fiable) DRV:64bit: - [2009/06/18 13:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2009/06/15 12:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2010/11/22 09:50:21 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/03/26 04:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKLM\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: reducbarre@reducbarre.com:1.1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/15 10:00:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/15 10:00:42 | 000,000,000 | ---D | M]
[2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions
[2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010/10/30 23:30:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Firefox\Profiles\h80luezw.default\extensions
[2010/08/03 22:34:51 | 000,000,000 | ---D | M] (BuyObaB) -- C:\Users\GEANT\AppData\Roaming\mozilla\Firefox\Profiles\h80luezw.default\extensions\reducbarre@reducbarre.com
[2011/01/06 12:59:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/25 12:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 00:55:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/27 03:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/06 12:59:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/12 02:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/06/12 02:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/06/12 02:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/06/12 02:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/06/12 02:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2011/01/15 21:57:25 | 000,001,029 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:
O1 - Hosts:
O1 - Hosts: 127.0.0.1 adstream.com
O1 - Hosts: 127.0.0.1 adstream.every.com
O1 - Hosts:
O1 - Hosts: Listen 12.34.56.78:80
O1 - Hosts: Listen 80
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (ReducBarreHelper Class) - {357ADA38-B41F-4432-9F10-5638FA4A75AD} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Elf 1.13 Toolbar) - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)
O2 - BHO: (Productivity 2.1 Toolbar) - {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (BuyObaB) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()
O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Elf 1.13 Toolbar) - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Productivity 2.1 Toolbar) - {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BuyObaB) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Elf 1 Toolbar) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Elf 1.13 Toolbar) - {B80F591E-FE9A-46CF-A13E-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Productivity 2.1 Toolbar) - {C44F9E21-D93F-490C-B41C-B3548BDD19FC} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] File not found
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()
O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe ()
O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: jingoo.com ([www] http in Sites de confiance)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell - "" = AutoRun
O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - pdvcodec.dll File not found
Drivers32: vidc.i420 - i420vfw.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========
[2011/01/20 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\GEANT\Desktop\anti virus
[2011/01/19 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011/01/19 02:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Spybot - Search & Destroy
[2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/01/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\GEANT\ZHP
[2011/01/17 19:03:24 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011/01/17 19:03:21 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/01/17 19:01:57 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Sunbelt Software
[2011/01/17 19:01:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Lavasoft
[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011/01/15 22:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\ZHP
[2011/01/15 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2011/01/15 17:07:53 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Malwarebytes
[2011/01/15 17:07:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Malwarebytes' Anti-Malware
[2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/15 17:07:44 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/01/15 17:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/01/14 18:14:11 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/01/13 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Galaxy 2 Demo 64-bit
[2011/01/13 19:33:39 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite
[2011/01/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PluginGalaxy2Demo_64bit
[2011/01/13 19:23:26 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVBVM50.DLL
[2011/01/13 19:23:26 | 000,304,640 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imgman32.dll
[2011/01/13 19:23:26 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx
[2011/01/13 19:23:26 | 000,067,072 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31jpg.dil
[2011/01/13 19:23:26 | 000,059,392 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imhost32.dll
[2011/01/13 19:23:26 | 000,035,840 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31bmp.dil
[2011/01/13 19:23:26 | 000,032,256 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31xbmp.del
[2011/01/13 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Commander Light
[2011/01/13 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugin Commander Light
[2011/01/12 22:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Auto FX Software
[2011/01/12 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto FX Software
[2011/01/12 14:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Productivity_2.1
[2011/01/12 13:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elf_1.13
[2011/01/12 11:12:43 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011/01/12 11:12:43 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/01/12 11:12:43 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011/01/12 11:12:43 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/01/12 11:12:43 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/01/12 11:12:43 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/01/12 11:12:42 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011/01/12 11:12:42 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/01/12 11:12:42 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/01/12 11:12:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/01/12 11:12:42 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/01/12 11:12:42 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/01/12 11:12:41 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011/01/12 11:12:41 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011/01/12 11:12:41 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011/01/12 11:12:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/01/12 11:12:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/01/12 11:12:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/01/12 11:12:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/01/12 11:12:41 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011/01/12 11:12:34 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/01/12 11:12:34 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/01/11 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cspep
[2011/01/09 20:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2011/01/09 20:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elf_1
[2011/01/09 20:47:55 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Conduit
[2011/01/09 11:53:03 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2011/01/09 11:52:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Windows Live
[2011/01/09 11:50:38 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/01/09 11:50:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/01/09 11:50:37 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/01/09 11:50:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/01/09 00:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/01/06 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
[2011/01/06 13:38:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo
[2011/01/06 12:59:13 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/01/06 12:59:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/01/06 12:59:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/12/29 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wtablet
[2010/12/27 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore
[2010/12/27 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Explore
[2010/12/27 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom
[2010/12/27 10:53:49 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010/12/27 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Wacom
[2010/12/27 10:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo Dock
[2010/12/27 10:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock
[2010/12/27 10:51:51 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2010/12/27 10:51:51 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2010/12/27 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2010/12/27 10:51:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys
[2010/12/27 10:50:58 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys
[2010/12/27 10:50:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys
[2010/12/27 10:50:52 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2010/12/27 10:50:51 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2010/12/27 10:50:51 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2010/12/27 10:50:50 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2010/12/27 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2010/12/22 11:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\iTunes
[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/03 05:04:33 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========
[2011/01/20 13:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/20 12:04:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/20 12:04:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/20 11:55:20 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/20 11:54:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/20 11:54:57 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/20 10:37:26 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/01/19 23:10:40 | 000,144,945 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011
[2011/01/19 02:16:17 | 000,001,250 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/01/18 23:49:57 | 002,103,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/18 23:49:57 | 000,913,350 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/01/18 23:49:57 | 000,805,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/18 23:49:57 | 000,209,296 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/01/18 23:49:57 | 000,173,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/18 17:03:05 | 000,143,246 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport
[2011/01/17 19:07:59 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2011/01/17 19:03:21 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/01/17 19:01:21 | 000,001,142 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/01/15 22:33:30 | 000,001,214 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Gestion Commerciale.lnk
[2011/01/15 22:33:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Gestion Commerciale.lnk
[2011/01/14 18:14:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/01/13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/01/13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/01/13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/01/13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/01/13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/01/12 23:26:08 | 004,922,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/01/12 22:14:55 | 000,000,081 | ---- | M] () -- C:\Windows\s01on
[2011/01/10 13:45:45 | 000,405,078 | ---- | M] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg
[2011/01/10 13:45:45 | 000,001,456 | ---- | M] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
[2011/01/10 13:38:44 | 000,442,478 | ---- | M] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg
[2011/01/10 13:25:15 | 000,461,063 | ---- | M] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg
[2011/01/10 13:23:25 | 000,000,821 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/01/10 13:15:39 | 000,171,743 | ---- | M] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg
[2011/01/08 19:03:57 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2011/01/06 19:46:44 | 000,078,684 | ---- | M] () -- C:\Users\GEANT\Documents\Backup.tabletprefs
[2010/12/29 19:20:49 | 730,086,228 | ---- | M] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd

========== Files Created - No Company Name ==========
[2011/01/19 23:10:40 | 000,144,945 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011
[2011/01/19 02:16:17 | 000,001,250 | ---- | C] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/01/18 17:03:05 | 000,143,246 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport
[2011/01/17 23:51:09 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2011/01/17 19:01:21 | 000,001,142 | ---- | C] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/01/13 19:23:26 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
[2011/01/12 20:18:09 | 000,000,081 | ---- | C] () -- C:\Windows\s01on
[2011/01/10 13:45:45 | 000,405,078 | ---- | C] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg
[2011/01/10 13:38:44 | 000,442,478 | ---- | C] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg
[2011/01/10 13:25:14 | 000,461,063 | ---- | C] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg
[2011/01/10 13:15:38 | 000,171,743 | ---- | C] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg
[2011/01/08 15:22:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/01/06 19:46:44 | 000,078,684 | ---- | C] () -- C:\Users\GEANT\Documents\Backup.tabletprefs
[2010/12/29 19:18:26 | 730,086,228 | ---- | C] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd
[2010/12/27 10:52:49 | 000,000,002 | ---- | C] () -- C:\Users\GEANT\.bdockinstall.log
[2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml
[2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml
[2010/11/03 10:30:43 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2010/10/30 23:41:44 | 000,004,912 | ---- | C] () -- C:\ProgramData\mnjemahv.gza
[2010/10/30 23:32:17 | 000,004,948 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik
[2010/10/30 23:32:17 | 000,004,923 | ---- | C] () -- C:\ProgramData\drctchbl.xvi
[2010/10/07 09:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Workflows
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Work - Home
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\filter
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\docInfo
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\deskjet
[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\business-inkjet
[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Ambient
[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Alerts
[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Action
[2010/06/11 16:54:34 | 002,082,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/03 15:23:31 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini
[2010/05/17 17:51:07 | 000,000,017 | ---- | C] () -- C:\Users\GEANT\AppData\Local\resmon.resmoncfg
[2010/05/17 13:00:58 | 000,001,456 | ---- | C] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
[2010/05/14 17:28:40 | 000,000,132 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5
[2010/03/09 11:43:18 | 000,005,120 | ---- | C] () -- C:\Users\GEANT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/05 23:58:39 | 000,000,858 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\wklnhst.dat
[2009/12/15 01:42:44 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2009/12/15 01:42:44 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/12/05 17:09:38 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/12/05 17:09:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009/11/03 05:32:49 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2009/11/03 05:04:12 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2011/01/20 11:54:55 | 000,004,389 | ---- | M] () -- C:\aaw7boot.log
[2009/11/03 04:45:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/01/20 11:54:57 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/27 03:11:33 | 000,875,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\jre-6u22-windows-i586-iftw-rv.exe
[2011/01/20 11:54:57 | 4221,542,400 | -HS- | M] () -- C:\pagefile.sys
[2010/06/01 22:21:28 | 032,494,896 | ---- | M] (Apple Inc.) -- C:\QuickTimeInstaller.exe
[2009/11/03 04:59:49 | 000,002,881 | ---- | M] () -- C:\RHDSetup.log
[2010/06/03 15:17:44 | 000,000,090 | ---- | M] () -- C:\Setup.log
[2011/01/19 23:19:41 | 000,063,488 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_19.01.2011_23.18.44_log.txt
[2011/01/19 23:25:18 | 000,063,488 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_19.01.2011_23.24.22_log.txt
[2011/01/19 23:37:09 | 000,063,488 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_19.01.2011_23.35.57_log.txt
[2011/01/19 23:45:51 | 000,063,488 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_19.01.2011_23.41.38_log.txt
[2011/01/20 10:27:43 | 000,063,488 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_20.01.2011_10.27.00_log.txt
[2011/01/20 10:28:45 | 000,002,176 | ---- | M] () -- C:\TDSSKiller.2.4.14.0_20.01.2011_10.28.28_log.txt
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\drivers\*.sys /90 >
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >

========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:370EF5E8
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 1160 bytes -> C:\ProgramData\Microsoft:ksIB5GmrV8jrJpMwDeXHwNDJXLcN
@Alternate Data Stream - 1038 bytes -> C:\ProgramData\Microsoft:ry6tCUwWVnZbcmjP4Aa82DiYZUUjf
< End of report >
PC infection by Ads Regiepub tracking cookies
jdhog replied to a topic by jdhog in Malware analysis and removal
I found yesterday's first TDSSKiller report, as you told me. I'm doing the rest of the procedure and will keep you posted. Thanks.