jbg13014

Merci pour votre aide, je n'ai pour le moment plus de pb de publicités intempestives!

Rapport OTL, je regarde si ça va mieux.... All processes killed ========== OTL ========== No active process named SoftwareUpdateHP.exe was found! No active process named EoRezo.exe was found! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found. File C:\Program Files\RechercherWeb Toolbar\tbhelper.dll not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\AgenceChromeBHO@eorezo.com not found. File C:\Program Files\eoRezo not found. Folder C:\PROGRAM FILES\EOREZO\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{456632DF-9367-4299-8BA1-3D9CD55FC0CE}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{456632DF-9367-4299-8BA1-3D9CD55FC0CE}\ not found. File C:\Program Files\RechercherWeb Toolbar\tbcore3.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}\ not found. File C:\Program Files\eoRezo\EoRezoBHO.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8FFA7469-654F-423E-84FE-6A583CB1C284} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFA7469-654F-423E-84FE-6A583CB1C284}\ not found. File C:\Program Files\RechercherWeb Toolbar\tbcore3.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FFA7469-654F-423E-84FE-6A583CB1C284} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFA7469-654F-423E-84FE-6A583CB1C284}\ not found. File C:\Program Files\RechercherWeb Toolbar\tbcore3.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eorezo not found. File C:\Program Files\EoRezo\eorezo.exe not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper deleted successfully. File C:\Users\JB Gramaglia\AppData\Roaming\EoRezo\EoRezo\SoftwareUpdateHP.exe not found. E:\autorun.inf moved successfully. Folder C:\Users\JB Gramaglia\AppData\Roaming\FissaSearch\ not found. C:\Users\JB Gramaglia\AppData\Roaming\OfferBox folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{1FC99423-B975-4EDA-B1A9-7F0EDF230F55} folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{B16B6B9F-3618-42C0-8064-FE5364EB0A3E} folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{1FBA6B53-6F09-4142-9ECA-D80B1EBD3E40} folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{F82FCFE5-90B4-43C5-A549-362E173F55EA} folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{EE44EF53-93E1-4369-A61D-6C45585D370F} folder moved successfully. C:\Users\JB Gramaglia\AppData\Local\{EBB096C3-0311-4336-A85F-03C088DD3CEA} folder moved successfully. ADS C:\Users\JB Gramaglia\Documents\K-BIS ATHENAIS.tiff:3or4kl4x13tuuug3Byamue2s4b deleted successfully. ADS C:\Users\JB Gramaglia\Documents\fiche insp travail.tiff:3or4kl4x13tuuug3Byamue2s4b deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\EoRezo_is1 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\RechercherWeb Toolbar not found. ========== FILES ========== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. File\Folder C:\*.sqm not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: JB Gramaglia ->Temp folder emptied: 318640456 bytes ->Temporary Internet Files folder emptied: 75570319 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 50363242 bytes ->Google Chrome cache emptied: 12214948 bytes ->Flash cache emptied: 7616 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 13500894 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 449,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: JB Gramaglia ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 03312011_091807 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

Rapport Check-up.txt Results of screen317's Security Check version 0.99.10 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Java 6 Update 22 Out of date Java installed! Adobe Flash Player Adobe Reader 9.4.2 - Français Out of date Adobe Reader installed! Mozilla Firefox (x86 fr..) ```````````````````````````````` Process Check: objlist.exe by Laurent Common Files Microsoft Shared Windows Live AvastSvc.exe -?- Alwil Software Avast5 AvastUI.exe ``````````End of Log````````````

Voici le contenu dy rapport OTL.txt OTL logfile created on: 30/03/2011 12:02:02 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\JB Gramaglia\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 231,97 Gb Total Space | 200,15 Gb Free Space | 86,28% Space Free | Partition Type: NTFS Drive E: | 991,72 Mb Total Space | 688,38 Mb Free Space | 69,41% Space Free | Partition Type: FAT Computer Name: JBGRAMAGLIA-PC | User Name: JB Gramaglia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/03/30 11:39:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\JB Gramaglia\Desktop\OTL.exe PRC - [2011/02/23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2011/02/16 00:32:31 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011/02/14 12:03:02 | 000,724,992 | ---- | M] (EoRezo) -- C:\Users\JB Gramaglia\AppData\Roaming\EoRezo\EoRezo\SoftwareUpdateHP.exe PRC - [2011/02/11 14:19:54 | 000,684,032 | ---- | M] (EoRezo) -- C:\Program Files\eoRezo\EoRezo.exe PRC - [2011/01/17 20:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011/01/17 20:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010/10/16 17:10:52 | 002,336,104 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe PRC - [2010/09/15 12:14:36 | 000,057,168 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\SPBA\upeksvr.exe PRC - [2010/09/03 02:28:54 | 000,518,640 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe PRC - [2010/05/14 12:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2009/08/26 19:49:00 | 002,691,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe ========== Modules (SafeList) ========== MOD - [2011/03/30 11:39:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\JB Gramaglia\Desktop\OTL.exe MOD - [2011/02/23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2011/02/16 00:32:29 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/02/23 19:56:07 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/11/03 17:12:58 | 001,477,632 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService) SRV - [2010/10/16 17:10:52 | 002,336,104 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe -- (TdmService) SRV - [2010/09/04 02:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010/09/04 02:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010/07/13 15:02:32 | 001,629,696 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe) SRV - [2009/07/14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/02/23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/02/23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/02/23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/02/23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/02/23 15:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/02/23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/02/16 00:32:36 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/11/17 01:21:24 | 002,748,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTDVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/07/14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009/07/14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009/07/14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009/07/14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009/07/14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009/06/20 14:34:56 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink DRV - [2009/05/11 12:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp) DRV - [2008/06/04 14:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Moteur de recherche : Web, Photos, Videos, Voyages, Encyclopédie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\RechercherWeb Toolbar\tbhelper.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\AgenceChromeBHO@eorezo.com: C:\Program Files\eoRezo [2011/02/25 18:43:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/03/29 13:55:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/29 14:26:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/29 14:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JB Gramaglia\AppData\Roaming\mozilla\Extensions [2011/03/29 14:28:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JB Gramaglia\AppData\Roaming\mozilla\Firefox\Profiles\3gaqwvfj.default\extensions [2011/03/29 14:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions File not found (No name found) -- [2011/03/29 13:55:09 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2011/02/25 18:43:55 | 000,000,000 | ---D | M] (URL Analyzer) -- C:\PROGRAM FILES\EOREZO () (No name found) -- C:\USERS\JB GRAMAGLIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3GAQWVFJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011/03/18 19:58:47 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (TBSB01555 Class) - {456632DF-9367-4299-8BA1-3D9CD55FC0CE} - C:\Program Files\RechercherWeb Toolbar\tbcore3.dll () O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll () O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\eoRezo\EoRezoBHO.dll (EoRezo) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll () O3 - HKLM\..\Toolbar: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (RechercherWeb Toolbar) - {8FFA7469-654F-423E-84FE-6A583CB1C284} - C:\Program Files\RechercherWeb Toolbar\tbcore3.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [eorezo] C:\Program Files\EoRezo\eorezo.exe (EoRezo) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe (Realtek Semiconductor Corp.) O4 - HKLM..\RunOnce: [softwareHelper] C:\Users\JB Gramaglia\AppData\Roaming\EoRezo\EoRezo\SoftwareUpdateHP.exe (EoRezo) O4 - Startup: C:\Users\JB Gramaglia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/01/24 10:13:04 | 000,000,472 | ---- | M] () - E:\autorun.inf -- [ FAT ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/03/30 11:39:44 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\JB Gramaglia\Desktop\OTL.exe [2011/03/30 09:26:54 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{B84A9FB7-13C4-4CB6-AC9F-49D73F636BE8} [2011/03/29 17:51:44 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Documents\Entrepot [2011/03/29 14:26:57 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Roaming\Mozilla [2011/03/29 14:26:57 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\Mozilla [2011/03/29 14:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2011/03/29 13:55:09 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2011/03/29 09:39:36 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{1FC99423-B975-4EDA-B1A9-7F0EDF230F55} [2011/03/28 09:19:53 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{B16B6B9F-3618-42C0-8064-FE5364EB0A3E} [2011/03/25 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{1FBA6B53-6F09-4142-9ECA-D80B1EBD3E40} [2011/03/24 17:58:12 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Documents\Comités d'Entreprises [2011/03/24 10:43:54 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{F82FCFE5-90B4-43C5-A549-362E173F55EA} [2011/03/23 10:11:40 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{EE44EF53-93E1-4369-A61D-6C45585D370F} [2011/03/22 10:54:48 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{EBB096C3-0311-4336-A85F-03C088DD3CEA} [2011/03/21 17:17:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Quadratus sur BEATRICE [2011/03/21 17:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadratus sur BEATRICE [2011/03/21 17:17:21 | 000,192,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabctl32.ocx [2011/03/21 17:17:21 | 000,097,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscomm32.ocx [2011/03/21 17:17:21 | 000,077,312 | ---- | C] (Quadratus) -- C:\Windows\System32\QScrolls.ocx [2011/03/21 17:17:20 | 000,196,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Richtx32.ocx [2011/03/21 17:17:20 | 000,166,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msmask32.ocx [2011/03/21 17:17:20 | 000,134,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msmapi32.ocx [2011/03/21 17:17:20 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vb5fr.dll [2011/03/21 17:17:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabctfr.dll [2011/03/21 17:17:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Sysinfr.dll [2011/03/21 17:17:19 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\Roboex32.dll [2011/03/21 17:17:19 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddao35.dll [2011/03/21 17:17:19 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Cmctlfr.dll [2011/03/21 17:17:19 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Rdo20fr.dll [2011/03/21 17:17:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Rchtxfr.dll [2011/03/21 17:17:19 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Cmdlgfr.dll [2011/03/21 17:17:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Dblstfr.dll [2011/03/21 17:17:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vbsfr.dll [2011/03/21 17:17:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Cmct2fr.dll [2011/03/21 17:17:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msmskfr.dll [2011/03/21 17:17:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Rdc20fr.dll [2011/03/21 17:17:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscomfr.dll [2011/03/21 17:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\QS [2011/03/21 17:05:49 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Roaming\TeamViewer [2011/03/21 17:05:44 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\temp [2011/03/21 10:58:52 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{33F2937F-15A4-4256-8E33-5530F999AFF8} [2011/03/18 08:27:07 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{CAA40141-A60A-434A-B842-69533175EF58} [2011/03/17 20:26:55 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{90C8BC21-7BFC-4D80-B83E-0E5257295879} [2011/03/17 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Desktop\Photos pour présentation [2011/03/17 08:26:43 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{FB164AAC-83E0-4436-BF17-BE79DEE5B2D2} [2011/03/16 13:20:04 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{1D85502D-A3E5-4371-9819-CF5AD13E5418} [2011/03/15 11:54:00 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{A07A9471-78DE-4FED-B179-216B0B77E36D} [2011/03/14 10:00:39 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{6445AC71-49FB-49CA-96D5-1054051D4AE9} [2011/03/11 10:10:09 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{AD718BEE-3960-46BB-90B6-5C658E236EA3} [2011/03/10 10:16:26 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{59789AE7-7C3A-4FB5-82E4-F75E09AA2CA5} [2011/03/09 13:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2011/03/09 10:13:47 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{22ED6838-ED77-431D-B8FB-3A3707BC1C5B} [2011/03/09 10:13:27 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011/03/09 10:13:27 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011/03/09 10:13:25 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011/03/09 10:13:25 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011/03/09 10:13:25 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011/03/09 10:13:24 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011/03/08 10:20:48 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{4BF7B4A7-8788-48EB-B923-379D838DCBF2} [2011/03/07 11:46:07 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{B8588692-612F-4120-B277-F1AC1DDAD475} [2011/03/04 12:56:06 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{689FECDC-8883-4A50-BEE6-369138DDCD45} [2011/03/03 11:50:13 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Documents\SUDECO [2011/03/03 10:59:57 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{1ED75923-A817-47B3-BA09-5874C24D5042} [2011/03/02 16:59:27 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdimon.dll [2011/03/02 16:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011/03/02 16:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2011/03/02 16:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011/03/02 16:52:15 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011/03/02 16:51:00 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Roaming\Roxio Burn [2011/03/02 10:06:32 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{8CDCC960-6D2F-41EF-BD64-F785403C20EF} [2011/03/01 19:13:15 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\CUSTPDF Writer [2011/03/01 19:12:47 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Roaming\FissaSearch [2011/03/01 19:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2011/03/01 19:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPDFConverter [2011/03/01 19:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\MyPDFConverter [2011/03/01 19:10:43 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Roaming\OfferBox [2011/03/01 12:03:35 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Documents\Assurance [2011/03/01 11:49:36 | 000,000,000 | R--D | C] -- C:\Users\JB Gramaglia\Documents\Scanned Documents [2011/03/01 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\Documents\Fax [2011/03/01 10:09:20 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{605FC818-C4B0-40D4-B2AB-B93A7494D794} [2011/03/01 10:09:20 | 000,000,000 | ---D | C] -- C:\Users\JB Gramaglia\AppData\Local\{38949A7B-D6C2-4F58-9292-FC861009C0E7} [2011/02/28 20:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011/02/16 00:26:00 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 30 Days ========== [2011/03/30 12:02:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/03/30 11:41:27 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/03/30 11:41:27 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/03/30 11:41:27 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/03/30 11:41:27 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/03/30 11:40:42 | 000,879,081 | ---- | M] () -- C:\Users\JB Gramaglia\Desktop\SecurityCheck.exe [2011/03/30 11:39:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\JB Gramaglia\Desktop\OTL.exe [2011/03/30 11:39:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/03/30 09:33:01 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/03/30 09:33:01 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/03/30 09:24:46 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/03/30 09:24:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/03/30 09:24:26 | 1582,022,656 | -HS- | M] () -- C:\hiberfil.sys [2011/03/29 14:26:51 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/03/29 13:55:09 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011/03/25 17:58:05 | 000,299,746 | ---- | M] () -- C:\Users\JB Gramaglia\Documents\K-BIS ATHENAIS.tiff [2011/03/22 10:21:06 | 000,364,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/03/21 17:17:32 | 000,092,989 | ---- | M] () -- C:\Windows\QLIGHT.isu [2011/03/21 17:07:09 | 001,925,904 | ---- | M] () -- C:\Users\JB Gramaglia\Desktop\Assistance_Stip.exe [2011/03/10 15:47:02 | 000,097,180 | ---- | M] () -- C:\Users\JB Gramaglia\Documents\fiche insp travail.tiff [2011/03/02 16:59:31 | 000,000,382 | ---- | M] () -- C:\Windows\ODBC.INI [2011/02/28 20:35:45 | 000,002,187 | ---- | M] () -- C:\Users\JB Gramaglia\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/02/28 20:35:21 | 000,002,244 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk ========== Files Created - No Company Name ========== [2011/03/30 12:02:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/03/30 11:40:36 | 000,879,081 | ---- | C] () -- C:\Users\JB Gramaglia\Desktop\SecurityCheck.exe [2011/03/29 14:26:51 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011/03/29 14:26:51 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/03/25 17:58:36 | 000,299,746 | ---- | C] () -- C:\Users\JB Gramaglia\Documents\K-BIS ATHENAIS.tiff [2011/03/21 17:17:18 | 000,092,989 | ---- | C] () -- C:\Windows\QLIGHT.isu [2011/03/21 17:07:04 | 001,925,904 | ---- | C] () -- C:\Users\JB Gramaglia\Desktop\Assistance_Stip.exe [2011/03/17 12:17:28 | 001,382,032 | ---- | C] () -- C:\Users\JB Gramaglia\Desktop\Etude Xerfi Parfumerie.pdf [2011/03/10 15:49:18 | 000,097,180 | ---- | C] () -- C:\Users\JB Gramaglia\Documents\fiche insp travail.tiff [2011/03/02 16:59:30 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2011/03/01 19:10:59 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32.dll [2011/02/28 20:35:21 | 000,002,244 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011/02/16 00:26:01 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2011/02/16 00:26:01 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2011/02/16 00:26:01 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2011/02/16 00:26:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2011/02/16 00:25:59 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2011/02/16 00:25:59 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2011/02/15 15:47:16 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll [2010/10/01 16:56:28 | 000,087,040 | ---- | C] () -- C:\Windows\System32\Internationalization_th.dll [2010/10/01 16:56:28 | 000,074,752 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-HK.dll [2010/10/01 16:56:26 | 000,089,088 | ---- | C] () -- C:\Windows\System32\Internationalization_sl.dll [2010/10/01 16:56:24 | 000,089,088 | ---- | C] () -- C:\Windows\System32\Internationalization_sk.dll [2010/10/01 16:56:22 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_hr.dll [2010/10/01 16:56:20 | 000,088,064 | ---- | C] () -- C:\Windows\System32\Internationalization_tr.dll [2010/10/01 16:56:18 | 000,091,648 | ---- | C] () -- C:\Windows\System32\Internationalization_ro.dll [2010/10/01 16:56:18 | 000,091,648 | ---- | C] () -- C:\Windows\System32\Internationalization_pt-BR.dll [2010/10/01 16:56:16 | 000,091,136 | ---- | C] () -- C:\Windows\System32\Internationalization_hu.dll [2010/10/01 16:56:14 | 000,084,480 | ---- | C] () -- C:\Windows\System32\Internationalization_he.dll [2010/10/01 16:56:12 | 000,089,088 | ---- | C] () -- C:\Windows\System32\Internationalization_fi.dll [2010/10/01 16:56:10 | 000,095,744 | ---- | C] () -- C:\Windows\System32\Internationalization_el.dll [2010/10/01 16:56:10 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_cs.dll [2010/10/01 16:56:08 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Internationalization_ar.dll [2010/10/01 16:56:06 | 000,074,752 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll [2010/10/01 16:56:06 | 000,074,240 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll [2010/10/01 16:56:04 | 000,090,624 | ---- | C] () -- C:\Windows\System32\Internationalization_sv.dll [2010/10/01 16:56:02 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll [2010/10/01 16:56:00 | 000,093,184 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll [2010/10/01 16:56:00 | 000,092,160 | ---- | C] () -- C:\Windows\System32\Internationalization_pl.dll [2010/10/01 16:55:58 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Internationalization_no.dll [2010/10/01 16:55:56 | 000,096,256 | ---- | C] () -- C:\Windows\System32\Internationalization_nl.dll [2010/10/01 16:55:56 | 000,078,848 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll [2010/10/01 16:55:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll [2010/10/01 16:55:52 | 000,093,696 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll [2010/10/01 16:55:50 | 000,093,696 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll [2010/10/01 16:55:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll [2010/10/01 16:55:46 | 000,094,720 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll [2010/10/01 16:55:44 | 000,091,648 | ---- | C] () -- C:\Windows\System32\Internationalization_da.dll [2010/09/30 09:49:10 | 000,012,800 | ---- | C] () -- C:\Windows\System32\Wavx_ESC_Logging.dll [2010/08/19 18:18:20 | 001,008,640 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll [2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 06:33:53 | 000,364,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/14 02:55:09 | 001,332,736 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll [2009/07/14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2008/03/25 10:46:00 | 000,077,536 | ---- | C] () -- C:\Windows\System32\xltZlib.dll [2006/06/30 13:58:44 | 000,176,128 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll [2006/06/30 13:58:44 | 000,126,976 | ---- | C] () -- C:\Windows\System32\bioapi100.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/02/16 00:33:46 | 000,003,356 | RH-- | M] () -- C:\dell.sdr [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2011/03/30 09:24:26 | 1582,022,656 | -HS- | M] () -- C:\hiberfil.sys [2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2011/03/30 09:24:28 | 2109,366,272 | -HS- | M] () -- C:\pagefile.sys [2011/03/30 12:02:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009/07/14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll [2010/12/18 07:30:07 | 000,599,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msfeeds.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2011/02/16 00:32:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394ohci.sys [2011/02/23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2011/02/23 15:55:03 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011/02/23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011/02/23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2011/02/23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011/02/23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011/02/16 00:32:31 | 000,026,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2011/02/03 07:45:07 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2011/02/16 00:32:22 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2011/02/16 00:32:33 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2011/02/16 00:32:28 | 000,133,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2011/02/16 00:32:36 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2011/02/16 00:32:36 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2011/02/16 00:32:36 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2011/02/16 00:32:21 | 000,027,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys [2011/02/16 00:32:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys [2011/02/16 00:32:28 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys [2011/02/16 00:32:28 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2011/02/16 00:32:28 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys [2011/02/16 00:32:32 | 001,286,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys [2011/02/16 00:32:21 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys [2011/02/16 00:32:22 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccgp.sys [2011/02/16 00:32:22 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys [2011/02/16 00:32:22 | 000,258,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys [2011/02/16 00:32:22 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2011/02/16 00:32:36 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys [2011/02/16 00:32:22 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFPf.sys [2011/02/16 00:32:22 | 000,132,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFRd.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-29 07:42:09 ========== Alternate Data Streams ========== @Alternate Data Stream - 160 bytes -> C:\Users\JB Gramaglia\Documents\K-BIS ATHENAIS.tiff:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 160 bytes -> C:\Users\JB Gramaglia\Documents\fiche insp travail.tiff:3or4kl4x13tuuug3Byamue2s4b < End of report > Rapport Extra.txt OTL Extras logfile created on: 30/03/2011 12:02:02 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\JB Gramaglia\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 231,97 Gb Total Space | 200,15 Gb Free Space | 86,28% Space Free | Partition Type: NTFS Drive E: | 991,72 Mb Total Space | 688,38 Mb Free Space | 69,41% Space Free | Partition Type: FAT Computer Name: JBGRAMAGLIA-PC | User Name: JB Gramaglia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3 "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer "{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0CCAF47C-E428-48C2-82B2-5F25CE1D67DA}" = Gemalto "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}" = MyPDFConverter "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}" = Broadcom NetXtreme-I Netlink Driver and Management Installer "{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9 "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}" = Fissa "{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}" = Dell Data Protection | Access | Drivers "{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom "{75E0B85A-085F-4BA3-B2BF-1995AFD8024D}" = NTRU TCG Software Stack "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}" = Dell Data Protection | Access | Middleware "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{9113040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A32F592F-AA0E-49AF-8E85-A0A25AF83314}" = Wave Infrastructure Installer "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7D91856-258D-4C87-8041-B170851CE432}" = Dell Data Protection | Access "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.2 - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{BD3068DE-D53B-4CE8-B2BC-32E1323441CD}" = PC-CCID "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "9512AA21B791B05A54E27065C45BBC417AB282DF" = Package de pilotes Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast" = avast! Free Antivirus "EoRezo_is1" = eoRezo 15.0 "Google Chrome" = Google Chrome "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox 4.0 (x86 fr)" = Mozilla Firefox 4.0 (x86 fr) "RechercherWeb Toolbar" = RechercherWeb Toolbar "WinLiveSuite" = Windows Live "WinRAR archiver" = Archiveur WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/03/2011 06:12:29 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0475ac20 ID du processus défaillant : 0x5d0 Heure de début de l’application défaillante : 0x01cbdfd4baac233d Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 11b65809-4bc8-11e0-ab1b-782bcb7ed732 Error - 11/03/2011 06:12:30 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0475ac20 ID du processus défaillant : 0x5d0 Heure de début de l’application défaillante : 0x01cbdfd4baac233d Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 127988df-4bc8-11e0-ab1b-782bcb7ed732 Error - 14/03/2011 08:01:00 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : tbhelper.dll_unloaded, version : 0.0.0.0, horodatage : 0x4cc7d2f9 Code d’exception : 0xc0000005 Décalage d’erreur : 0x03d1ac20 ID du processus défaillant : 0x610 Heure de début de l’application défaillante : 0x01cbe23f56a5113e Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: tbhelper.dll ID de rapport : b9e12a9f-4e32-11e0-9224-782bcb7ed732 Error - 14/03/2011 08:01:03 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : tbhelper.dll_unloaded, version : 0.0.0.0, horodatage : 0x4cc7d2f9 Code d’exception : 0xc0000005 Décalage d’erreur : 0x03d1ac20 ID du processus défaillant : 0x610 Heure de début de l’application défaillante : 0x01cbe23f56a5113e Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: tbhelper.dll ID de rapport : bba7d174-4e32-11e0-9224-782bcb7ed732 Error - 14/03/2011 08:02:48 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0481ac20 ID du processus défaillant : 0xfa0 Heure de début de l’application défaillante : 0x01cbe23f7e5cdeff Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : fa21412f-4e32-11e0-9224-782bcb7ed732 Error - 14/03/2011 08:02:50 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0481ac20 ID du processus défaillant : 0xfa0 Heure de début de l’application défaillante : 0x01cbe23f7e5cdeff Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : fb56b412-4e32-11e0-9224-782bcb7ed732 Error - 14/03/2011 08:03:18 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0595ac20 ID du processus défaillant : 0xedc Heure de début de l’application défaillante : 0x01cbe23fbe049d7c Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 0c2fb305-4e33-11e0-9224-782bcb7ed732 Error - 14/03/2011 08:03:20 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0595ac20 ID du processus défaillant : 0xedc Heure de début de l’application défaillante : 0x01cbe23fbe049d7c Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 0d521ae6-4e33-11e0-9224-782bcb7ed732 Error - 14/03/2011 14:19:11 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x02e1ac20 ID du processus défaillant : 0x1628 Heure de début de l’application défaillante : 0x01cbe2742f30e0cf Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 8e846d10-4e67-11e0-9224-782bcb7ed732 Error - 14/03/2011 14:19:12 | Computer Name = JBGramaglia-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16722, horodatage : 0x4d0c2f29 Nom du module défaillant : EoRezoBHO.dll_unloaded, version : 0.0.0.0, horodatage : 0x4d53f511 Code d’exception : 0xc0000005 Décalage d’erreur : 0x02e1ac20 ID du processus défaillant : 0x1628 Heure de début de l’application défaillante : 0x01cbe2742f30e0cf Chemin d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe Chemin d’accès du module défaillant: EoRezoBHO.dll ID de rapport : 8f7276ab-4e67-11e0-9224-782bcb7ed732 [ System Events ] Error - 15/03/2011 05:49:24 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 16/03/2011 07:18:31 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 17/03/2011 02:25:11 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 21/03/2011 04:32:08 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 21/03/2011 11:13:44 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 22/03/2011 04:21:13 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 23/03/2011 04:09:32 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 24/03/2011 04:31:03 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 25/03/2011 04:04:33 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 Error - 28/03/2011 03:18:50 | Computer Name = JBGramaglia-PC | Source = Service Control Manager | ID = 7001 Description = Le service NTRU TSS v1.2.1.34 TCS dépend du service Services de base de module de plateforme sécurisée qui n’a pas pu démarrer en raison de l’erreur : %%0 < End of report >

Bonjour et merci pour votre aide. je viens de recevoir un nouveau pc sous windows 7 et depuis quelques jours, des publicites intempestives s'ouvrent malgres l'activation du blocage de fenetre de ie. Aussi bien lorsque mon pc est inutilisé que lorsque je travaille dessus, des fenetres s'ouvrent. y a t-il un moyen de s'en débarraser ?