Everything posted by Florian_85

  1. Thanks a lot, Lance_yien, for your help. Your explanations were clear and precise, perfect for a novice like me. All the best to you too. Florian
  2. Hello lance_yien, all the updates have been done as requested and it worked well. Here is the latest OTL report as requested. The computer is almost like new now.
     All processes killed ========== OTL ========== ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\OfferBox deleted successfully. ========== FILES ========== File\Folder C:\Users\Florian\Desktop\camera\Logiciels\Sony vegas pro9.0\Keygen.exe not found. File\Folder C:\Users\Florian\Desktop\camera\Logiciels\Sony vegas pro9.0\SonyVPRO9MEDICINE.rar not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User User: Florian ->Temp folder emptied: 466321 bytes ->Temporary Internet Files folder emptied: 7264260 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 79734974 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 1406 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 22479 bytes Total Files Cleaned = 83,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Florian ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04022011_135406 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...
  3. So, here is the OTL report:
     All processes killed ========== OTL ========== No active process named OfferBox.exe was found! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: offerboxffx@offerbox.com:2.1.3128.64 removed from extensions.enabledItems Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com not found. C:\Program Files\OfferBox\offerboxffx@offerbox.com\components folder moved successfully. C:\Program Files\OfferBox\offerboxffx@offerbox.com folder moved successfully. Folder C:\PROGRAM FILES\OFFERBOX\OFFERBOXFFX@OFFERBOX.COM\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sfiuf deleted successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b1beccc-9952-11dd-8480-001fc6679a4f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2b1beccc-9952-11dd-8480-001fc6679a4f}\ not found. File WD_Windows_Tools\Setup.exe not found. C:\Users\Florian\AppData\Local\OpenCandy folder moved successfully. 
C:\Users\Florian\AppData\Roaming\OpenCandy\OpenCandy_4BF4096303894CC3A720FE71143EB089 folder moved successfully. C:\Users\Florian\AppData\Roaming\OpenCandy folder moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\"OfferBox" | OfferBox /E : value set successfully! ========== FILES ========== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. File\Folder C:\*.sqm not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User User: Florian ->Temp folder emptied: 35637102 bytes ->Temporary Internet Files folder emptied: 9163446 bytes ->Java cache emptied: 26899223 bytes ->FireFox cache emptied: 61796050 bytes ->Google Chrome cache emptied: 819568 bytes ->Apple Safari cache emptied: 8327168 bytes ->Flash cache emptied: 73757 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 956091 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 758226 bytes RecycleBin emptied: 3444860 bytes Total Files Cleaned = 141,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Florian ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 04012011_192152 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... 
And the scan results:
     C:\Users\Florian\Desktop\camera\Logiciels\Sony vegas pro9.0\Keygen.exe une variante de Win32/Keygen.AR application
     C:\Users\Florian\Desktop\camera\Logiciels\Sony vegas pro9.0\SonyVPRO9MEDICINE.rar une variante de Win32/Keygen.AR application
     C:\_OTL\MovedFiles\04012011_192152\C_Users\Florian\AppData\Roaming\OpenCandy\OpenCandy_4BF4096303894CC3A720FE71143EB089\registrybooster(.exe une variante de Win32/RegistryBooster application
     Otherwise, no apparent problem on my PC. Thanks again for your help.
  4. And here is the Extras file:
     OTL Extras logfile created on: 01/04/2011 16:53:35 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Florian\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 35,97 Gb Free Space | 24,13% Space Free | Partition Type: NTFS Drive D: | 141,23 Gb Total Space | 46,23 Gb Free Space | 32,73% Space Free | Partition Type: NTFS Drive F: | 149,01 Gb Total Space | 9,24 Gb Free Space | 6,20% Space Free | Partition Type: FAT32 Computer Name: PC-DE-FLORIAN | User Name: Florian | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 "AntiVirusDisableNotify" = 0x00000000 "FirewallDisableNotify" = 0x00000000 "UpdatesDisableNotify" = 0x00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 
"DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{49C2E27D-66AE-4EBE-865B-85F3C17BD639}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{DD7EF86B-6FF1-48A0-A295-22FB86284C22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{E7A74280-930D-4324-BC81-F0B4C32D1728}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{F776266E-5123-438F-9B40-4A6EAA291A72}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0146C2D4-FB19-4349-A197-9D134CDEB7E2}" = protocol=17 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "{118709A3-4D19-49A1-A43C-48683FD5BCB0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{28CA4ABE-E73C-4E3A-BE23-57E5C2BF41AB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{350E0E23-CC57-4A7E-A84C-EA3E79F50032}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{4553CF00-1BCF-4AD6-9142-1E048AD425F9}" = protocol=17 | dir=in | app=c:\program files\bboxupdate\btliveupdate.exe | "{483457DE-56D0-4D62-8392-3E33CD251FA6}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{4951048F-5345-4EFD-AC77-BE7F42829941}" = protocol=17 | dir=in | app=e:\data\eskernel.exe | 
"{4CAAEE6F-4F60-4A49-B0DB-684315F067E1}" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe | "{56D9B95C-9833-4B29-B2B4-FCC7DD432A6A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{5D062C0C-E9E0-414C-8031-9342B5EB319D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{78A993DA-EB7D-48ED-9A71-D0731564BD7E}" = protocol=6 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "{7A481351-0950-4CFA-AD1F-79B7EC009E9F}" = protocol=6 | dir=in | app=c:\program files\bboxupdate\btliveupdate.exe | "{7D12028E-E1A7-4012-87D6-CB9356EF9767}" = protocol=6 | dir=in | app=c:\users\florian\downloads\mp4convertersetup.exe | "{7DC39F0F-4AE9-43E2-9747-A17CA322C11A}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe | "{80BE7D82-BF70-422D-AC5B-F556EC1A12AE}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{8159D9E6-9F0C-47E9-91E4-E7D5A26DC792}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9478A76A-DEDD-4EF8-ABCA-616AE8A0F94F}" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe | "{A348AA7A-F6B1-4B90-9078-C24E6CCECDB4}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe | "{A4077189-4B5D-43D7-8F28-2376CC617753}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{B38AEF52-C6DB-44AC-BB0C-ADE6AAA99244}" = protocol=6 | dir=in | app=e:\data\eskernel.exe | "{C7B77861-C24B-4382-BC93-3BA09A40DAFC}" = protocol=17 | dir=in | app=c:\program files\bbox\eskernel.exe | "{D6C766C4-B33D-474E-A0EB-887D35B1FBE2}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe | "{DB0665FA-62BD-4827-ACB7-D48F8627EF0D}" = dir=in | app=c:\program files\itunes\itunes.exe | "{DBCA3711-7946-4EC5-BF64-400361C7725B}" = protocol=17 | dir=in | app=c:\users\florian\downloads\mp4convertersetup.exe | "{DDF95B65-E03B-43A2-8D78-24182A984E08}" = protocol=6 | dir=in | app=c:\program 
files\pinnacle\studio 14\programs\rm.exe | "{E4893920-E758-4324-8B3A-32E61F56C912}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe | "{F6BFD3F5-51BE-4445-AE6A-C5803C6EDCA7}" = protocol=6 | dir=in | app=c:\program files\bbox\eskernel.exe | "{FBDB32D8-6D6C-4CB6-88C3-91E8C1ADE71F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe | "TCP Query User{086274AC-497B-43D9-95D4-84AA85167640}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "TCP Query User{2632CE36-E1D1-48EF-913F-A650945D1F26}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{4C0F7B11-D0B1-4A3B-A3E6-4C2A7BF4D8D2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{4C406BB9-D4F1-4257-838C-5AF6DF175979}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe | "TCP Query User{5855AD97-2A5F-4B2D-AE49-905FC31464F8}C:\users\florian\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=6 | dir=in | app=c:\users\florian\appdata\local\temp\jdic_0_9_5\ieembed.exe | "TCP Query User{6A80A68E-C1B7-4E8A-B2F3-B69FF686223E}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{72B4CE51-849C-486C-8AF4-BA73ABB0D755}C:\program files\webmediaplayer\webmediaplayer.exe" = protocol=6 | dir=in | app=c:\program files\webmediaplayer\webmediaplayer.exe | "TCP Query User{E7011D91-F509-4FE8-8BD2-67049006C990}C:\program files\joost\xulrunner\tvprunner.exe" = protocol=6 | dir=in | app=c:\program files\joost\xulrunner\tvprunner.exe | "UDP Query User{08320F73-27A7-4322-8BAF-8C346030AABD}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program 
files\tvuplayer\tvuplayer.exe | "UDP Query User{0C244C2D-BBFF-4A7B-B0FC-3EA961919B70}C:\program files\joost\xulrunner\tvprunner.exe" = protocol=17 | dir=in | app=c:\program files\joost\xulrunner\tvprunner.exe | "UDP Query User{0FCEDF00-B236-4ACC-B3A8-8A8522A03EB2}C:\users\florian\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=17 | dir=in | app=c:\users\florian\appdata\local\temp\jdic_0_9_5\ieembed.exe | "UDP Query User{51638157-5724-4469-BE81-15858025851F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{553EEB6F-20EF-4843-ACE8-0FB6EDD8C346}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "UDP Query User{5E304800-81F6-4A64-9D8C-62B404A31999}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{7910ACEF-C7D5-4D4E-9BBD-925A0DD35127}C:\program files\webmediaplayer\webmediaplayer.exe" = protocol=17 | dir=in | app=c:\program files\webmediaplayer\webmediaplayer.exe | "UDP Query User{C1A40715-59D0-401A-A10A-12997337FB84}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0011040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Excel 2000 SR-1 "{0013040C-78E1-11D2-B60F-006097C998E7}" = Microsoft PowerPoint 2000 SR-1 "{0017040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack 
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2 "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{65173BC2-60E7-4DE8-A61D-A81FCB96EE93}" = Pinnacle Studio Ultimate Plugins "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pilote 
vidéo Pinnacle "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme "{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14 "{AC76BA86-7AD7-1036-7B44-A70800000002}" = Adobe Reader 7.0.8 - Français "{AC76BA86-7AD7-1036-7B44-A80000000002}" = Adobe Reader 8 - Français "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.47 (March 12, 2011) version v2011.build.47 "{BC61F51E-8AF7-46B9-AF20-B33B5EE81036}" = Nero 7 Essentials "{C73F2967-062E-48F2-A462-D335B8950183}" = Safari "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device 
Support "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0 "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "ajtfi" = Favorit "Anti-Pub_is1" = Anti-Pub 2003.03 "avast5" = avast! 
Free Antivirus "Avidemux 2.5" = Avidemux 2.5 "BabylonToolbar" = Babylon toolbar "BboxUpdate" = "Bouygues Telecom - désinstallation Bbox" = "CrazyLoader" = CrazyLoader "Croc Pop Up+" = Croc Pop Up+ "CX4300_5500_DX4400 Manuel" = CX4300_5500_DX4400 Manuel "Google Chrome" = Google Chrome "Image Convert_is1" = Image Convert 1.0 "Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "NVIDIA Drivers" = NVIDIA Drivers "OfferBox" = OfferBox "PDFCreator Toolbar" = PDFCreator Toolbar "ProInst" = Intel® PROSet/Wireless Software "Red Giant ToonIt Studio" = Red Giant ToonIt Studio "Revo Uninstaller" = Revo Uninstaller 1.75 "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SMSERIAL" = Motorola SM56 Speakerphone Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam "VLC media player" = VLC media player 1.1.8 "WinLiveSuite" = Windows Live "WinRAR archiver" = WinRAR 4.00 (32 bits) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "TimeAdjuster" = Time Adjuster STANDARD 3.1 ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 20/02/2009 18:04:39 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 28/02/2009 10:44:09 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 09/03/2009 17:48:14 | Computer Name = PC-de-Florian | Source = avast! 
| ID = 33554522 Description = Error - 12/05/2009 15:29:58 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 27/06/2009 17:59:18 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 20/09/2009 15:15:46 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 25/10/2009 08:50:28 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 27/10/2009 18:08:31 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 26/12/2009 15:31:23 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = Error - 05/02/2010 18:21:21 | Computer Name = PC-de-Florian | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 27/03/2010 15:55:09 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 28/03/2010 09:48:56 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 29/03/2010 14:32:03 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 30/03/2010 14:14:31 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 30/03/2010 15:05:39 | Computer Name = PC-de-Florian | Source = Application Error | ID = 1000 Description = Application défaillante systrayapp.exe, version 1.0.39.739, horodatage 0x46f94eba, module défaillant systrayapp.exe, version 1.0.39.739, horodatage 0x46f94eba, code d’exception 0xc0000005, décalage d’erreur 0x00001c1c, ID du processus 0xd40, heure de début de l’application 0x01cad0364dc44715. 
Error - 30/03/2010 15:13:08 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 30/03/2010 15:34:39 | Computer Name = PC-de-Florian | Source = Application Error | ID = 1000 Description = Application défaillante systrayapp.exe, version 1.0.39.739, horodatage 0x46f94eba, module défaillant systrayapp.exe, version 1.0.39.739, horodatage 0x46f94eba, code d’exception 0xc0000005, décalage d’erreur 0x00001c1c, ID du processus 0x99c, heure de début de l’application 0x01cad03d36d2f844. Error - 31/03/2010 15:17:29 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 01/04/2010 14:14:37 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = Error - 02/04/2010 13:55:14 | Computer Name = PC-de-Florian | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 01/04/2011 08:57:25 | Computer Name = PC-de-Florian | Source = DCOM | ID = 10005 Description = Error - 01/04/2011 08:57:57 | Computer Name = PC-de-Florian | Source = Service Control Manager | ID = 7001 Description = Error - 01/04/2011 08:57:57 | Computer Name = PC-de-Florian | Source = Service Control Manager | ID = 7026 Description = Error - 01/04/2011 08:58:04 | Computer Name = PC-de-Florian | Source = DCOM | ID = 10005 Description = Error - 01/04/2011 09:13:39 | Computer Name = PC-de-Florian | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 01/04/2011 09:13:56 | Computer Name = PC-de-Florian | Source = DCOM | ID = 10005 Description = Error - 01/04/2011 09:14:03 | Computer Name = PC-de-Florian | Source = DCOM | ID = 10005 Description = Error - 01/04/2011 09:14:08 | Computer Name = PC-de-Florian | Source = DCOM | ID = 10005 Description = Error - 01/04/2011 09:14:43 | Computer Name = PC-de-Florian | Source = Service Control Manager | ID = 7001 Description = Error - 01/04/2011 09:14:43 | Computer Name = PC-de-Florian | Source = Service Control Manager | ID = 7026 Description = < End of report >
     Thanks for your help. Florian
  5. First of all, thank you lance_yien for taking care of my case. Here is the OTL file:
     OTL logfile created on: 01/04/2011 16:53:35 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Florian\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 35,97 Gb Free Space | 24,13% Space Free | Partition Type: NTFS Drive D: | 141,23 Gb Total Space | 46,23 Gb Free Space | 32,73% Space Free | Partition Type: NTFS Drive F: | 149,01 Gb Total Space | 9,24 Gb Free Space | 6,20% Space Free | Partition Type: FAT32 Computer Name: PC-DE-FLORIAN | User Name: Florian | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/04/01 16:51:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe PRC - [2011/03/26 00:01:48 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/10/08 18:23:30 | 001,963,864 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files\OfferBox\OfferBox.exe PRC - [2010/03/09 13:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/03/09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009/04/11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/08/06 21:44:26 | 000,103,936 | ---- | M] (TechCity Solutions France) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe PRC - [2008/06/28 11:12:59 | 002,641,920 | ---- | M] (pdfforge http://www.pdfforge.org/) -- C:\Program Files\PDFCreator\PDFCreator.exe PRC - [2008/04/29 15:36:20 | 000,020,480 | ---- | M] (TechCity Solutions France) -- C:\Program Files\BboxUpdate\eSRunService.exe PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007/11/26 20:30:30 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2007/10/24 04:02:15 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2007/09/26 20:24:12 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe PRC - [2007/09/01 02:38:12 | 000,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2007/08/27 07:10:19 | 
004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2007/04/19 20:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe PRC - [2007/04/17 22:39:42 | 000,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe PRC - [2007/02/20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe PRC - [2007/02/06 03:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe PRC - [2007/01/18 04:26:36 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe PRC - [2006/12/21 08:03:38 | 001,036,288 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2006/12/19 02:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe ========== Modules (SafeList) ========== MOD - [2011/04/01 16:51:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/03/09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/03/09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/03/09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! 
Antivirus) SRV - [2008/04/29 15:36:20 | 000,020,480 | ---- | M] (TechCity Solutions France) [Auto | Running] -- C:\Program Files\BboxUpdate\eSRunService.exe -- (eStantLaunchService) SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/10/24 04:02:15 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® SRV - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007/02/06 03:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) ========== Driver Services (SafeList) ========== DRV - [2010/03/09 13:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/03/09 13:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/03/09 13:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/03/09 13:08:52 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/03/09 13:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/06/24 15:12:28 | 000,020,736 | ---- | M] (ZDC., Inc. 
(ZDC)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\ZDCndis5.sys -- (ZDCNDIS5) DRV - [2007/12/05 12:17:59 | 008,241,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007/10/31 13:55:59 | 000,046,592 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001) DRV - [2007/10/15 09:39:25 | 000,206,336 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET) DRV - [2007/09/27 00:03:42 | 000,015,416 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby) DRV - [2007/09/06 17:45:21 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET) DRV - [2007/09/06 10:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET) DRV - [2007/08/03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007/07/24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2007/06/20 22:51:27 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel® DRV - [2007/06/17 06:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) DRV - [2007/03/22 07:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/02/24 23:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/01/24 12:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2007/01/24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/12/14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006/11/28 21:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50) DRV - [2006/11/28 21:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50) DRV - [2006/11/24 19:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006/11/02 11:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2006/11/02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006/11/02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel® DRV - [2005/09/23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ASUSTeK Computer IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/firefox?client=firefox-a&rls=org.mozilla:fr:official" FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:2.1.3128.64 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3 FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=00b8b4ef000000000000001de06311b1&tlver=1.4.19.19&instlRef=sst&affID=17161&q=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2010/10/18 22:11:53 | 000,000,000 | ---D | M] FF - 
HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/31 22:03:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/31 22:03:20 | 000,000,000 | ---D | M] [2008/08/12 18:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions [2011/04/01 11:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\dgm0z4yu.default\extensions [2009/09/06 10:16:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\dgm0z4yu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/03/18 16:28:19 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\dgm0z4yu.default\extensions\ffxtlbr@babylon.com [2009/11/15 00:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2009/11/15 14:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2010/10/18 22:11:53 | 000,000,000 | ---D | M] (OfferBox) -- C:\PROGRAM FILES\OFFERBOX\OFFERBOXFFX@OFFERBOX.COM [2010/03/16 21:35:28 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/03/18 16:28:20 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2010/03/16 21:35:28 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/03/16 21:35:28 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/09 18:20:36 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/03/16 21:35:28 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla 
firefox\searchplugins\wikipedia-fr.xml [2010/03/25 22:03:39 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/04/01 12:46:38 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O4 - HKLM..\Run: [avast5] File not found O4 - HKLM..\Run: [babylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.) O4 - HKLM..\Run: [bboxUpdate] C:\Program Files\BboxUpdate\eStantAutoRunV.exe (TechCity Solutions France) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [uSBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKCU..\Run: [sfiuf] File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Deployer http://www.pcthreat.com/autoinstall/shsafeinstall.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Florian\Pictures\2008-08 PANAM\2011-03-28 Pêche a sion\01011047.JPG O24 - Desktop BackupWallPaper: C:\Users\Florian\Pictures\2008-08 PANAM\2011-03-28 Pêche a sion\01011047.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2b1beccc-9952-11dd-8480-001fc6679a4f}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: 
NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.mjpg - pvmjpg30.dll File not found Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/04/01 16:50:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe [2011/04/01 16:30:03 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll [2011/04/01 16:30:03 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll [2011/04/01 16:29:58 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2011/04/01 16:29:58 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll [2011/04/01 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5 [2011/04/01 15:04:38 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes [2011/04/01 15:04:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/04/01 15:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/04/01 15:04:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/04/01 15:04:17 | 000,020,952 | 
---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/04/01 15:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/04/01 14:18:20 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\pb virus [2011/04/01 13:26:42 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Windows Live [2011/04/01 13:25:52 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [2011/04/01 12:46:16 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe [2011/04/01 12:46:16 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe [2011/04/01 12:46:16 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe [2011/04/01 12:46:16 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe [2011/04/01 12:46:16 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe [2011/04/01 12:46:16 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe [2011/04/01 12:46:16 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe [2011/04/01 12:46:16 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe [2011/04/01 12:46:16 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe [2011/04/01 12:46:16 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe [2011/04/01 12:46:16 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe [2011/04/01 01:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2011/04/01 01:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2011/04/01 00:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\nLk06511nBiPi06511 [2011/03/31 21:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2011/03/31 21:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2011/03/31 21:57:27 | 000,000,000 | ---D | C] -- 
C:\Users\Florian\AppData\Roaming\Real [2011/03/31 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Uniblue [2011/03/31 21:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2011/03/31 21:54:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\OpenCandy [2011/03/31 21:54:29 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\OpenCandy [2011/03/31 21:54:26 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll [2011/03/31 21:54:24 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax [2011/03/31 21:54:24 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll [2011/03/31 21:54:24 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax [2011/03/31 21:54:24 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax [2011/03/31 21:54:24 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax [2011/03/31 21:54:24 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax [2011/03/31 21:54:24 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll [2011/03/31 21:54:23 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax [2011/03/31 21:54:23 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax [2011/03/31 21:54:23 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax [2011/03/31 21:54:23 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax [2011/03/31 21:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft [2011/03/29 15:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate Collection [2011/03/29 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Pinnacle [2011/03/29 15:25:07 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2011/03/29 15:25:07 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio Plugins [2011/03/29 15:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle [2011/03/29 15:19:49 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Downloaded Installations [2011/03/29 15:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate [2011/03/29 15:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14 [2011/03/29 15:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging [2011/03/29 15:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Yahoo! [2011/03/29 15:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14 [2011/03/29 15:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus [2011/03/29 15:11:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle [2011/03/29 15:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle [2011/03/29 14:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle [2011/03/29 14:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio14Trial [2011/03/27 19:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/03/27 17:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2011/03/27 17:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2011/03/27 16:57:06 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\WinRAR [2011/03/27 16:57:06 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/03/27 16:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011/03/27 16:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2011/03/25 22:44:08 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011/03/25 22:44:08 | 000,288,768 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011/03/19 18:39:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\widestream [2011/03/19 18:39:23 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\widestream6 Air [2011/03/19 18:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Widestream6 [2011/03/18 19:50:44 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Publish Providers [2011/03/18 19:48:41 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Sony [2011/03/18 19:48:40 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Sony [2011/03/18 19:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2011/03/18 16:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2011/03/18 13:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDub-1.9.11 [2011/03/16 22:45:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\avidemux [2011/03/16 22:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux [2011/03/16 22:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.5 [2011/03/15 23:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Haali [2011/03/15 22:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [2011/03/12 16:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/03/12 16:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/03/12 16:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/03/12 16:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/03/12 00:37:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\camera [2011/03/08 21:16:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011/03/08 21:16:58 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011/03/08 21:16:58 | 000,177,664 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\System32\mpg2splt.ax [2011/03/08 21:16:58 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2007/01/24 12:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/04/01 16:56:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/04/01 16:55:44 | 000,704,332 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/04/01 16:55:44 | 000,618,570 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/04/01 16:55:44 | 000,129,610 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/04/01 16:55:44 | 000,106,570 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/04/01 16:51:23 | 000,028,029 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\nvModes.001 [2011/04/01 16:51:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe [2011/04/01 16:46:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/04/01 15:24:40 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/04/01 15:24:38 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/04/01 15:23:42 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/04/01 15:23:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/04/01 15:23:14 | 3218,374,656 | -HS- | M] () -- C:\hiberfil.sys [2011/04/01 14:50:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011/04/01 14:41:17 | 000,443,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/04/01 12:46:41 | 000,002,034 | ---- | M] () -- C:\Windows\System32\tmp.reg [2011/04/01 12:46:41 | 000,000,691 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\GetValue.vbs [2011/04/01 12:46:41 | 000,000,035 | 
  6. Hello, my PC was infected last night by MS Removal Tool. So I followed the procedure described by lance_yien in the topic below: http://forum.zebulon.fr/pc-infecte-par-ms-removal-tool-t184217.html The technique works well, because I can no longer find any trace of this virus on my PC. But could someone check the Malware and Security logs that lance_yien asks for in the procedure:

     - the Malware one:

     Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org
     Version de la base de données: 6235
     Windows 6.0.6002 Service Pack 2 (Safe Mode)
     Internet Explorer 7.0.6002.18005
     01/04/2011 15:09:55
     mbam-log-2011-04-01 (15-09-55).txt
     Type d'examen: Examen rapide
     Elément(s) analysé(s): 151297
     Temps écoulé: 3 minute(s), 14 seconde(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 87
     Valeur(s) du Registre infectée(s): 4
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 11
     Fichier(s) infecté(s): 23

     - the Security one:

     Results of screen317's Security Check version 0.99.7
     Windows Vista Service Pack 2 (UAC is enabled)
     Internet Explorer 7 Out of date!
     ``````````````````````````````
     Antivirus/Firewall Check:
     Windows Security Center service is not running! This report may not be accurate!
     avast! Free Antivirus
     WMI entry may not exist for antivirus; attempting automatic update.
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     Java 6 Update 15
     Java 6 Update 7
     Out of date Java installed!
     Adobe Flash Player 9 (Out of date Flash Player installed!)
     Adobe Flash Player 10.2.152.32
     Adobe Reader 7.0.8 - Français
     Adobe Reader 8 - Français
     Out of date Adobe Reader installed!
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     ``````````End of Log````````````

     Thanks in advance for your help. Florian