Everything posted by fiber

  1. All processes killed ========== OTL ========== Process ccSvcHst.exe killed successfully! Service PEVSystemStart stopped successfully! Service PEVSystemStart deleted successfully! Service Trufos stopped successfully! Service Trufos deleted successfully! C:\Windows\System32\drivers\Trufos.sys moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{249d74a3-bd19-4657-b6ce-e62f480a20de} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found. File C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{249d74a3-bd19-4657-b6ce-e62f480a20de} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found. File C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.0.60\coFFNST\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found. File C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}\ deleted successfully. C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{249d74a3-bd19-4657-b6ce-e62f480a20de} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found. File C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}\ deleted successfully. File C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D}\ not found. File C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KMCONFIG deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b61d46d0-0391-11e0-bf84-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b61d46d0-0391-11e0-bf84-806e6f6e6963}\ not found. File C:\Windows\System32\drivers\Trufos.sys not found. ADS C:\Windows:4F3CA095B3EE28F3 deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > No captured output from command... C:\Users\cyril\Desktop\cmd.bat deleted successfully. C:\WINDOWS\tasks\00b1eec7-1e66-4af7-89e8-386af6e55bc0.job moved successfully. C:\WINDOWS\tasks\GlaryInitialize.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000Core.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000UA.job moved successfully. C:\sqmdata00.sqm moved successfully. C:\sqmdata01.sqm moved successfully. C:\sqmdata02.sqm moved successfully. C:\sqmdata03.sqm moved successfully. C:\sqmnoopt00.sqm moved successfully. C:\sqmnoopt01.sqm moved successfully. C:\sqmnoopt02.sqm moved successfully. C:\sqmnoopt03.sqm moved successfully. C:\WINDOWS\System32\tmpA1DA.tmp moved successfully. 
C:\WINDOWS\System32\tmpA1DB.tmp moved successfully. C:\WINDOWS\S1CDFF05C.tmp moved successfully. File\Folder C:\Program Files\IncrediMail_MediaBar_Francais_2 not found. File\Folder C:\Program Files\ConduitEngine not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: cyril
->Temp folder emptied: 617344215 bytes
->Temporary Internet Files folder emptied: 27521308 bytes
->Java cache emptied: 18775 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 147290112 bytes
->Flash cache emptied: 470 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: fiber
->Temp folder emptied: 28118838 bytes
->Temporary Internet Files folder emptied: 122508438 bytes
->Java cache emptied: 248850 bytes
->Apple Safari cache emptied: 75463680 bytes
->Flash cache emptied: 1057 bytes
User: Invité
->Temp folder emptied: 1524355 bytes
->Temporary Internet Files folder emptied: 111129813 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 653 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14452816 bytes
RecycleBin emptied: 182905507 bytes
Total Files Cleaned = 1 267,00 mb
[EMPTYFLASH]
User: All Users
User: cyril
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: fiber
->Flash cache emptied: 0 bytes
User: Invité
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.27.0 log created on 09082011_151622
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...

Thank you very much for your involvement.
I still have that session acting up, but I created another one that works very well... Thanks to you I discovered new tools for searching for malware and viruses. My machine is very clean now. Thanks again and have a nice day. Cyril
  2. Hello, I'm keeping avast and here is the report, thanks.

     Results of screen317's Security Check version 0.99.18
     Windows 7 Service Pack 1 (UAC is enabled)
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:
     avast! Free Antivirus
     WMI entry may not exist for antivirus; attempting automatic update.
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     CCleaner
     DH Driver Cleaner Professional Edition
     Duplicate Cleaner 1.4.3
     Java 6 Update 26
     Adobe Flash Player 10.3.183.5
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Norton ccSvcHst.exe
     Malwarebytes' Anti-Malware mbamservice.exe
     Alwil Software Avast5 AvastSvc.exe
     Alwil Software Avast5 AvastUI.exe
     ``````````End of Log````````````
  3. Here is the right one:

OTL logfile created on: 05/09/2011 22:23:02 - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\cyril\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,04% Memory free
6,00 Gb Paging File | 4,44 Gb Available in Paging File | 74,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,73 Gb Total Space | 35,98 Gb Free Space | 25,75% Space Free | Partition Type: NTFS
Drive F: | 465,73 Gb Total Space | 22,64 Gb Free Space | 4,86% Space Free | Partition Type: NTFS
Drive W: | 48,83 Gb Total Space | 12,94 Gb Free Space | 26,50% Space Free | Partition Type: NTFS
Drive Z: | 547,33 Gb Total Space | 270,78 Gb Free Space | 49,47% Space Free | Partition Type: NTFS
Computer Name: CYRIL-PC | User Name: cyril | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/05 22:21:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\cyril\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
-- C:\Program Files\Safari\Safari.exe PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2011/06/24 22:56:24 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe PRC - [2011/04/20 04:04:36 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe PRC - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe PRC - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe PRC - [2010/09/08 11:42:28 | 005,185,536 | ---- | M] (Western Digital Technologies, Inc.) 
-- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2010/07/19 18:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe PRC - [2010/06/26 02:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/06/22 21:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe PRC - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009/09/22 12:51:56 | 000,339,968 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMProcess.exe PRC - [2009/09/22 12:45:58 | 000,391,168 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMCONFIG.exe PRC - [2009/09/16 22:14:48 | 000,153,608 | ---- | M] (Logitech Inc.) 
-- C:\Program Files\Logitech\Gaming Software\LWEMon.exe PRC - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMWDSrv.exe PRC - [2009/07/14 03:14:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe PRC - [2009/02/10 17:54:02 | 000,485,376 | ---- | M] (Micro Application) -- C:\Program Files\Micro Application\LauncherMA.exe PRC - [2008/05/30 02:22:36 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\StartAutorun.exe PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2011/08/24 16:16:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll MOD - [2011/08/24 16:15:23 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll MOD - [2011/08/24 16:14:58 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll MOD - [2011/08/24 16:14:58 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4a63fb97b3c648a28b8047697869ee7d\UIAutomationProvider.ni.dll MOD - [2011/08/24 16:14:49 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll MOD - [2011/08/24 16:14:42 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll MOD - [2011/08/24 16:13:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll MOD - [2011/08/24 
16:13:00 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll MOD - [2011/08/24 15:53:45 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll MOD - [2011/08/24 15:53:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll MOD - [2011/08/24 15:53:34 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll MOD - [2011/08/24 15:53:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll MOD - [2011/08/24 15:53:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll MOD - [2011/08/24 15:53:25 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll MOD - [2011/08/24 15:53:20 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/04/19 22:16:28 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010/11/13 01:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] 
() -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009/02/27 17:33:36 | 001,708,032 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annots.FRA MOD - [2008/06/16 10:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Keyboard Driver\MouseHook.dll MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007/03/29 13:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Keyboard Driver\keydll.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2011/06/17 09:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011/01/09 14:52:48 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC) SRV - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2010/06/03 10:30:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe -- (NSL) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Keyboard Driver\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos) DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- 
C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/04/30 14:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2011/04/30 14:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011/04/20 03:22:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011/03/30 20:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/19 11:34:14 | 000,141,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2010/11/19 11:34:12 | 000,062,208 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2010/09/23 11:11:28 | 000,316,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program 
Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/03/18 11:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2010/03/09 12:21:26 | 000,107,024 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/11/17 11:54:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/09/16 17:55:00 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009/09/11 13:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2009/09/11 13:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2009/09/11 13:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2009/09/11 13:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009/09/11 13:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2009/08/26 13:45:10 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2009/04/29 16:37:26 | 000,025,088 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86) DRV - [2009/02/13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl) DRV - [2004/08/13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2002/09/16 19:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\PQNTDRV.sys -- (PQNTDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 FD E4 15 63 67 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.0.60\coFFNST\ [2010/06/07 09:38:15 | 000,000,000 | ---D | M] [2010/09/26 22:41:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/06/03 10:39:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/21 10:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited) O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Disk SpeedUp] C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [KMCONFIG] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation) O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - Startup: C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk = C:\Program Files\Micro Application\LauncherMA.exe (Micro Application) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 4 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 4 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = msconfig.exe (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CECBD22-FEC5-4023-A6EE-773293212762}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88FFEBA4-1F0E-4452-8F1C-15EDA8CC6AFE}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{b61d46d0-0391-11e0-bf84-806e6f6e6963}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L) Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.) 
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/09/05 22:21:52 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\cyril\Desktop\OTL.exe [2011/09/04 21:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\DISKdata [2011/08/31 11:51:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/08/31 10:03:22 | 000,000,000 | ---D | C] -- C:\Users\cyril\Documents\BlackMirrorIII [2011/08/31 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viva Media [2011/08/30 22:43:50 | 000,000,000 | ---D | C] -- C:\Users\cyril\DoctorWeb [2011/08/30 18:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2011/08/30 18:41:18 | 000,166,976 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2011/08/30 18:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis [2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis [2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis [2011/08/30 18:39:28 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\CrashDumps [2011/08/29 21:21:26 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\NPE [2011/08/29 21:12:54 | 000,309,320 | ---- | C] (BitDefender S.R.L.) 
-- C:\Windows\System32\drivers\Trufos.sys [2011/08/29 19:24:06 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/08/29 17:34:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/08/29 17:34:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/08/29 17:34:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/08/29 17:34:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/08/29 17:33:53 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/08/28 23:32:48 | 000,000,000 | ---D | C] -- C:\Nouveau dossier [2011/08/26 22:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2011/08/24 23:26:39 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover [2011/08/24 23:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011/08/24 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Malwarebytes [2011/08/24 23:20:25 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/08/24 23:20:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/08/24 23:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/08/24 16:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2011/08/24 13:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/08/24 13:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/08/24 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes [2011/08/24 09:54:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011/08/22 10:56:48 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/08/22 10:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/08/22 10:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/08/21 00:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL [2011/08/21 00:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\e-Carte Bleue LCL [2011/08/20 22:29:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/08/20 22:29:11 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011/08/20 22:29:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/08/20 22:29:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011/08/20 22:29:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/08/20 21:38:39 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011/08/20 21:38:38 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011/08/20 21:38:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2011/08/20 21:38:10 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011/08/20 21:38:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2011/08/20 21:38:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2011/08/20 21:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2011/08/20 21:38:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2011/08/20 21:38:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2011/08/20 21:38:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2011/08/20 21:38:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2011/08/20 21:38:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/09/05 22:25:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/09/05 22:21:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\cyril\Desktop\OTL.exe [2011/09/05 22:20:01 | 
000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/05 22:20:01 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/05 22:13:30 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011/09/05 22:13:27 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/09/05 22:12:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/09/05 22:12:43 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys [2011/09/04 23:38:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000UA.job [2011/09/04 23:38:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/09/04 21:38:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000Core.job [2011/09/01 18:36:22 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/09/01 18:29:57 | 000,402,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2011/08/30 18:41:16 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk [2011/08/29 21:24:48 | 016,856,015 | ---- | M] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
-- C:\Windows\System32\drivers\Trufos.sys [2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini [2011/08/29 14:37:32 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/08/29 14:37:32 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/08/29 14:37:32 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/08/29 14:37:32 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/08/28 22:25:09 | 000,135,168 | -H-- | M] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/24 23:26:39 | 000,001,802 | ---- | M] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk [2011/08/24 23:22:15 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/08/24 22:57:04 | 000,008,212 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg [2011/08/24 16:27:44 | 000,000,126 | -HS- | M] () -- C:\ProgramData\.zreglib [2011/08/24 13:55:16 | 000,155,544 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg [2011/08/24 13:53:06 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/08/24 11:42:13 | 000,001,306 | ---- | M] () -- C:\Users\cyril\Desktop\téléchargements.lnk [2011/08/22 10:56:48 | 000,001,718 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/21 00:06:32 | 000,001,865 | ---- | M] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk [2011/08/20 22:26:43 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/04 21:25:53 | 000,000,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DISKdata.lnk [2011/09/01 19:10:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/30 18:41:16 | 000,001,181 | ---- | C] () -- 
C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk [2011/08/29 21:21:46 | 016,856,015 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat [2011/08/29 19:24:06 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/08/29 17:34:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/08/29 17:34:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/08/29 17:34:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/08/29 17:34:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/08/29 17:34:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/08/24 23:26:39 | 000,001,802 | ---- | C] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk [2011/08/24 23:20:25 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/08/24 22:56:59 | 000,008,212 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg [2011/08/24 13:55:12 | 000,155,544 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg [2011/08/24 13:53:06 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/08/24 11:01:53 | 006,986,240 | ---- | C] () -- C:\Program Files\server.exe [2011/08/22 10:56:48 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/21 00:06:32 | 000,001,865 | ---- | C] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk [2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011/02/28 23:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011/01/12 19:21:37 | 000,026,073 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\UserTile.png [2010/09/24 17:12:11 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2010/08/31 18:37:44 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll 
[2010/08/31 18:37:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/08/31 18:37:41 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/08/31 18:37:41 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/08/31 18:37:41 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/07/10 22:37:23 | 000,135,168 | -H-- | C] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/25 10:49:20 | 000,000,760 | -H-- | C] () -- C:\Users\cyril\AppData\Roaming\setup_ldm.iss [2010/01/12 18:09:32 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll [2009/11/17 11:35:59 | 001,669,120 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2009/11/17 11:35:59 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2009/11/17 11:35:59 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2009/11/17 11:35:59 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2009/11/17 11:35:59 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2009/11/17 10:36:29 | 000,007,605 | -H-- | C] () -- C:\Users\cyril\AppData\Local\resmon.resmoncfg [2009/11/16 11:20:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 06:33:53 | 000,402,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- 
C:\Windows\System32\perfc009.dat [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2004/08/13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/08/24 23:43:37 | 000,008,161 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt [2008/12/18 22:51:40 | 000,027,822 | ---- | M] () -- C:\ASLog.txt [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010/03/11 10:45:56 | 000,078,559 | ---- | M] () -- C:\bookmarks.html [2010/05/26 16:10:31 | 000,000,350 | ---- | M] () -- C:\Boot.bak [2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini [2009/11/16 11:17:48 | 000,000,350 | RHS- | M] () -- C:\Boot.ini.saved [2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2009/11/16 11:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2008/12/10 23:41:32 | 000,000,117 | ---- | M] () -- C:\finfos.txt [2008/12/03 21:26:38 | 000,171,136 | RHS- | M] () -- C:\grldr [2011/09/05 22:12:43 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys [2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/05/13 16:59:45 | 000,000,000 | ---- | M] () -- 
C:\itouch_config_crash_info.txt [2010/05/12 19:38:49 | 000,000,000 | ---- | M] () -- C:\itouch_crash_info.txt [2008/11/10 19:58:59 | 000,002,786 | ---- | M] () -- C:\LGSInst.Log [2008/12/10 23:40:42 | 000,001,611 | ---- | M] () -- C:\mkv.txt [2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/09/05 22:12:48 | 3220,234,240 | -HS- | M] () -- C:\pagefile.sys [2011/09/05 22:25:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2009/05/21 19:46:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2009/07/22 11:26:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2009/10/07 10:24:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2009/11/16 11:12:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2009/05/21 19:46:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2009/07/22 11:26:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2009/10/07 10:24:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2009/11/16 11:12:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2011/08/29 21:12:24 | 000,072,232 | ---- | M] () -- C:\TDSSKiller.2.5.17.0_29.08.2011_21.11.35_log.txt [2003/03/12 13:50:11 | 000,000,052 | -H-- | M] () -- C:\WM800918.bin [2010/03/31 15:31:21 | 000,000,000 | ---- | M] () -- C:\________ < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011/04/20 04:05:08 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) 
Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswFsBlk.sys [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr.sys [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswTdi.sys [2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\drivers\LNonPnP.sys [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys [2011/07/09 04:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\system32\drivers\snapman.sys [2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpip.sys [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
-- C:\Windows\system32\drivers\Trufos.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-04 19:26:17 ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:4F3CA095B3EE28F3 < End of report >
  4. Hello, I followed the instructions carefully and launched it from my desktop on C:, but since my disk no longer exists on that desktop, maybe that is the cause of this bug? I will try again this evening. Thanks
  5. Here is the otl.txt OTL logfile created on: 01/09/2011 19:08:14 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = Z:\ Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,61% Memory free 6,00 Gb Paging File | 4,38 Gb Available in Paging File | 73,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 139,73 Gb Total Space | 29,73 Gb Free Space | 21,28% Space Free | Partition Type: NTFS Drive F: | 465,73 Gb Total Space | 22,64 Gb Free Space | 4,86% Space Free | Partition Type: NTFS Drive W: | 48,83 Gb Total Space | 12,99 Gb Free Space | 26,60% Space Free | Partition Type: NTFS Drive Z: | 547,33 Gb Total Space | 270,81 Gb Free Space | 49,48% Space Free | Partition Type: NTFS Computer Name: CYRIL-PC | User Name: cyril | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/09/01 19:06:46 | 000,581,120 | ---- | M] (OldTimer Tools) -- Z:\OTL.exe PRC - [2011/09/01 18:36:22 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) 
-- C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2011/04/20 04:04:36 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe PRC - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe PRC - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe PRC - [2010/09/08 11:42:28 | 005,185,536 | ---- | M] (Western Digital Technologies, Inc.) 
-- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2010/07/19 18:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe PRC - [2010/06/26 02:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/06/22 21:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe PRC - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/11/08 00:51:28 | 002,230,192 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe PRC - [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009/09/22 12:51:56 | 000,339,968 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMProcess.exe PRC - [2009/09/22 12:45:58 | 000,391,168 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMCONFIG.exe PRC - [2009/09/16 22:14:48 | 000,153,608 | ---- | M] (Logitech Inc.) 
-- C:\Program Files\Logitech\Gaming Software\LWEMon.exe PRC - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMWDSrv.exe PRC - [2009/07/14 03:14:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe PRC - [2009/02/10 17:54:02 | 000,485,376 | ---- | M] (Micro Application) -- C:\Program Files\Micro Application\LauncherMA.exe PRC - [2008/05/30 02:22:36 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\StartAutorun.exe PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2011/08/24 16:16:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll MOD - [2011/08/24 16:15:23 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll MOD - [2011/08/24 16:14:58 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll MOD - [2011/08/24 16:14:58 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4a63fb97b3c648a28b8047697869ee7d\UIAutomationProvider.ni.dll MOD - [2011/08/24 16:14:49 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll MOD - [2011/08/24 16:14:42 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll MOD - [2011/08/24 16:13:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll MOD - [2011/08/24 
16:13:00 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll MOD - [2011/08/24 15:53:45 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll MOD - [2011/08/24 15:53:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll MOD - [2011/08/24 15:53:34 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll MOD - [2011/08/24 15:53:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll MOD - [2011/08/24 15:53:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll MOD - [2011/08/24 15:53:25 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll MOD - [2011/08/24 15:53:20 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/04/19 22:16:28 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010/11/13 01:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/07/19 18:32:06 | 000,079,168 | ---- | M] 
() -- C:\Program Files\SFR\Kit\9unelevate.dll MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008/06/16 10:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Keyboard Driver\MouseHook.dll MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2007/03/29 13:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Keyboard Driver\keydll.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2011/06/17 09:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011/01/09 14:52:48 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC) SRV - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2010/06/03 10:30:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe -- (NSL) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Keyboard Driver\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos) DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- 
C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/04/30 14:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2011/04/30 14:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011/04/20 03:22:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011/03/30 20:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/19 11:34:14 | 000,141,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2010/11/19 11:34:12 | 000,062,208 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2010/09/23 11:11:28 | 000,316,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program 
Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2010/03/18 11:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2010/03/09 12:21:26 | 000,107,024 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/11/17 11:54:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/09/16 17:55:00 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009/09/11 13:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2009/09/11 13:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2009/09/11 13:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2009/09/11 13:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009/09/11 13:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2009/08/26 13:45:10 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2009/04/29 16:37:26 | 000,025,088 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86) DRV - [2009/02/13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl) DRV - [2004/08/13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2002/09/16 19:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\PQNTDRV.sys -- (PQNTDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 FD E4 15 63 67 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.0.60\coFFNST\ [2010/06/07 09:38:15 | 000,000,000 | ---D | M] [2010/09/26 22:41:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/06/03 10:39:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/21 10:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited) O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [Disk SpeedUp] C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [KMCONFIG] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation) O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - Startup: C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk = C:\Program Files\Micro Application\LauncherMA.exe (Micro Application) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 4 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 4 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = msconfig.exe (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CECBD22-FEC5-4023-A6EE-773293212762}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88FFEBA4-1F0E-4452-8F1C-15EDA8CC6AFE}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{b61d46d0-0391-11e0-bf84-806e6f6e6963}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L) Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.) 
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/08/31 11:51:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/08/31 10:03:22 | 000,000,000 | ---D | C] -- C:\Users\cyril\Documents\BlackMirrorIII [2011/08/31 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viva Media [2011/08/30 22:43:50 | 000,000,000 | ---D | C] -- C:\Users\cyril\DoctorWeb [2011/08/30 18:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2011/08/30 18:41:18 | 000,166,976 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2011/08/30 18:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis [2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis [2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis [2011/08/30 18:39:28 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\CrashDumps [2011/08/29 21:21:26 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\NPE [2011/08/29 21:12:54 | 000,309,320 | ---- | C] (BitDefender S.R.L.) 
-- C:\Windows\System32\drivers\Trufos.sys [2011/08/29 19:24:06 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/08/29 17:34:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/08/29 17:34:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/08/29 17:34:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/08/29 17:34:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/08/29 17:33:53 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/08/28 23:32:48 | 000,000,000 | ---D | C] -- C:\Nouveau dossier [2011/08/26 22:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2011/08/24 23:26:39 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover [2011/08/24 23:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011/08/24 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Malwarebytes [2011/08/24 23:20:25 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/08/24 23:20:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/08/24 23:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/08/24 16:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2011/08/24 13:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/08/24 13:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/08/24 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes [2011/08/24 09:54:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011/08/23 23:31:54 | 000,000,000 | 
---D | C] -- C:\Users\cyril\Desktop\Maroc 2011 [2011/08/22 12:25:44 | 000,000,000 | ---D | C] -- C:\Users\cyril\Desktop\copie contacts iphone [2011/08/22 11:50:53 | 000,000,000 | ---D | C] -- C:\Users\cyril\Desktop\dernieres photos iphone [2011/08/22 10:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/08/22 10:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/08/22 10:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/08/21 00:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL [2011/08/21 00:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\e-Carte Bleue LCL [2011/08/20 22:29:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/08/20 22:29:11 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011/08/20 22:29:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/08/20 22:29:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011/08/20 22:29:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/08/20 21:38:39 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011/08/20 21:38:38 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011/08/20 21:38:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2011/08/20 21:38:10 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011/08/20 21:38:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2011/08/20 21:38:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2011/08/20 21:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2011/08/20 21:38:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2011/08/20 21:38:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2011/08/20 21:38:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2011/08/20 21:38:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2011/08/20 21:38:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> 
] ========== Files - Modified Within 30 Days ========== [2011/09/01 19:10:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/09/01 18:38:03 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/09/01 18:38:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000UA.job [2011/09/01 18:37:08 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/01 18:37:08 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/01 18:36:22 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/09/01 18:34:21 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011/09/01 18:34:20 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/09/01 18:29:57 | 000,402,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/09/01 18:29:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/09/01 18:29:47 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys [2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys [2011/08/31 21:38:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000Core.job [2011/08/31 08:39:49 | 000,001,524 | ---- | M] () -- C:\Users\cyril\Desktop\DrWeb.csv [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2011/08/30 18:41:16 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk [2011/08/29 21:24:48 | 016,856,015 | ---- | M] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
-- C:\Windows\System32\drivers\Trufos.sys [2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini [2011/08/29 14:37:32 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/08/29 14:37:32 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/08/29 14:37:32 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/08/29 14:37:32 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/08/28 22:25:09 | 000,135,168 | -H-- | M] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/24 23:26:39 | 000,001,802 | ---- | M] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk [2011/08/24 23:22:15 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/08/24 22:57:04 | 000,008,212 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg [2011/08/24 16:27:44 | 000,000,126 | -HS- | M] () -- C:\ProgramData\.zreglib [2011/08/24 13:55:16 | 000,155,544 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg [2011/08/24 13:53:06 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/08/24 11:42:13 | 000,001,306 | ---- | M] () -- C:\Users\cyril\Desktop\téléchargements.lnk [2011/08/22 10:56:48 | 000,001,718 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/21 00:06:32 | 000,001,865 | ---- | M] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk [2011/08/20 22:26:43 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/01 19:10:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/31 08:39:49 | 000,001,524 | ---- | C] () -- C:\Users\cyril\Desktop\DrWeb.csv [2011/08/30 18:41:16 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk 
[2011/08/29 21:21:46 | 016,856,015 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat [2011/08/29 19:24:06 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011/08/29 17:34:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/08/29 17:34:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/08/29 17:34:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/08/29 17:34:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/08/29 17:34:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/08/24 23:26:39 | 000,001,802 | ---- | C] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk [2011/08/24 23:20:25 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/08/24 22:56:59 | 000,008,212 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg [2011/08/24 13:55:12 | 000,155,544 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg [2011/08/24 13:53:06 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/08/24 11:01:53 | 006,986,240 | ---- | C] () -- C:\Program Files\server.exe [2011/08/22 10:56:48 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/21 00:06:32 | 000,001,865 | ---- | C] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk [2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011/02/28 23:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011/01/12 19:21:37 | 000,026,073 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\UserTile.png [2010/09/24 17:12:11 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2010/08/31 18:37:44 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010/08/31 18:37:44 | 000,000,038 | ---- | C] () -- 
C:\Windows\avisplitter.ini [2010/08/31 18:37:41 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/08/31 18:37:41 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/08/31 18:37:41 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/07/10 22:37:23 | 000,135,168 | -H-- | C] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/25 10:49:20 | 000,000,760 | -H-- | C] () -- C:\Users\cyril\AppData\Roaming\setup_ldm.iss [2010/01/12 18:09:32 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll [2009/11/17 11:35:59 | 001,669,120 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2009/11/17 11:35:59 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2009/11/17 11:35:59 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2009/11/17 11:35:59 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2009/11/17 11:35:59 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2009/11/17 10:36:29 | 000,007,605 | -H-- | C] () -- C:\Users\cyril\AppData\Local\resmon.resmoncfg [2009/11/16 11:20:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 06:33:53 | 000,402,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/14 04:05:48 | 000,031,548 | 
---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2004/08/13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/08/24 23:43:37 | 000,008,161 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt [2008/12/18 22:51:40 | 000,027,822 | ---- | M] () -- C:\ASLog.txt [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010/03/11 10:45:56 | 000,078,559 | ---- | M] () -- C:\bookmarks.html [2010/05/26 16:10:31 | 000,000,350 | ---- | M] () -- C:\Boot.bak [2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini [2009/11/16 11:17:48 | 000,000,350 | RHS- | M] () -- C:\Boot.ini.saved [2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2009/11/16 11:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2008/12/10 23:41:32 | 000,000,117 | ---- | M] () -- C:\finfos.txt [2008/12/03 21:26:38 | 000,171,136 | RHS- | M] () -- C:\grldr [2011/09/01 18:29:47 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys [2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/05/13 16:59:45 | 000,000,000 | ---- | M] () -- C:\itouch_config_crash_info.txt [2010/05/12 19:38:49 | 000,000,000 | 
---- | M] () -- C:\itouch_crash_info.txt [2008/11/10 19:58:59 | 000,002,786 | ---- | M] () -- C:\LGSInst.Log [2008/12/10 23:40:42 | 000,001,611 | ---- | M] () -- C:\mkv.txt [2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/09/01 18:29:49 | 3220,234,240 | -HS- | M] () -- C:\pagefile.sys [2011/09/01 19:10:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2009/05/21 19:46:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2009/07/22 11:26:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2009/10/07 10:24:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2009/11/16 11:12:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2009/05/21 19:46:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2009/07/22 11:26:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2009/10/07 10:24:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2009/11/16 11:12:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2011/08/29 21:12:24 | 000,072,232 | ---- | M] () -- C:\TDSSKiller.2.5.17.0_29.08.2011_21.11.35_log.txt [2003/03/12 13:50:11 | 000,000,052 | -H-- | M] () -- C:\WM800918.bin [2010/03/31 15:31:21 | 000,000,000 | ---- | M] () -- C:\________ < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011/04/20 04:05:08 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) 
Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll [2011/05/01 19:09:24 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswFsBlk.sys [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr.sys [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswTdi.sys [2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\drivers\LNonPnP.sys [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys [2011/07/09 04:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\system32\drivers\snapman.sys [2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpip.sys [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
-- C:\Windows\system32\drivers\Trufos.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-30 16:38:07

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:4F3CA095B3EE28F3

< End of report >

and extra.txt

OTL Extras logfile created on: 01/09/2011 19:08:14 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = Z:\
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,61% Memory free
6,00 Gb Paging File | 4,38 Gb Available in Paging File | 73,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,73 Gb Total Space | 29,73 Gb Free Space | 21,28% Space Free | Partition Type: NTFS
Drive F: | 465,73 Gb Total Space | 22,64 Gb Free Space | 4,86% Space Free | Partition Type: NTFS
Drive W: | 48,83 Gb Total Space | 12,99 Gb Free Space | 26,60% Space Free | Partition Type: NTFS
Drive Z: | 547,33 Gb Total Space | 270,81 Gb Free Space | 49,48% Space Free | Partition Type: NTFS

Computer Name: CYRIL-PC | User Name: cyril | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director 11 Home "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding 
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 26 "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D6B54EF-65E4-4624-8709-03A3BBE2C240}" = e-Carte Bleue LCL "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2 "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour 
connexions à distance "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{589D0376-CF0C-3096-40E4-D2A15FE7987B}" = WMV9/VC-1 Video Playback "{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail "{5F577CD8-A997-2E11-83BC-4445DD2D4542}" = Catalyst Control Center "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{658DE1DF-D156-DD5A-800E-20C693806F65}" = Catalyst Control Center InstallProxy "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6844F85B-1AEE-093A-5FC9-235035B3A127}" = Catalyst Control Center Graphics Previews Common "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71790311-0C42-B5BC-AF01-97BFFEF2A30B}" = ATI Catalyst Install Manager "{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77EC0035-AFBA-4A8C-814A-6A887224C1A1}" = DeskScapes "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh 
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8C3A3C74-0163-F062-08D6-C8AC7430669E}" = ccc-utility "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93665FB0-2A3D-47E1-AB9A-1925130924BB}" = Ma-Config.com "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-00AF-040C-0000-0000000FF1CE}" = Visionneuse Microsoft PowerPoint "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{98D451C4-4ACA-4273-BB47-57CFE46B048E}" = WD SmartWare "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A81D3EB9-20E6-A6E3-2537-26964CE91417}" = AMD Drag and Drop Transcoding "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français 
"{ADFBA869-0359-4C24-8CEF-DB0FBE90B987}" = Mega Manager "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B7749EE2-5318-D255-F0EE-14D5845B0925}" = CCC Help English "{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Les Sims™ 3 "{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C4E1603B-E550-4A14-8F53-4E989849D1B4}" = Google SketchUp 8 "{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DC754D8F-1D06-4016-BF57-8D21F97E1F0A}" = JunkFilterPlus "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFCDD1CE-6D49-49B8-BFB7-93391D22776B}" = Keyboard Driver "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime 
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™ "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast" = avast! Free Antivirus "Bink and Smacker" = Bink and Smacker "Black Mirror 3" = Black Mirror 3 "CCleaner" = CCleaner "Cities XL" = Cities XL "CloneCD" = CloneCD "conduitEngine" = Conduit Engine "DeskScapes" = DeskScapes "Disk SpeedUp" = Disk SpeedUp 1.1.0.317 "Driver Cleaner Pro" = DH Driver Cleaner Professional Edition "Duplicate Cleaner_is1" = Duplicate Cleaner 1.4.3 "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 4.1.1 Home Edition "F.E.A.R. 3_is1" = F.E.A.R. 
  6. No, it's not complicated to manage: I have multiboot at startup... you just have to choose the operating system. At first I had installed both systems because I didn't trust Windows, "which has a habit of releasing unfinished products with bugs and incompatibilities"; my XP, on the other hand, was very stable. Then I gradually migrated to Seven, which is more pleasant visually, but I always kept my XP just in case, and today I see that I was right to! Easy to repair W7... apparently not, since I haven't managed to so far. Oops, sorry for that imprecision: I did indeed boot in safe mode with networking. Unfortunately I had not enabled disk backup, so I couldn't restore; that is in fact the first thing I tried to do. Otherwise I have a little idea... I created a user account with full administrator rights; I'm going to migrate the programs and mail and then delete the account that no longer works. What do you think?
  7. Hello, I have 2 disks: one with Windows Seven, my C:, and one with Windows XP, my W:, "in case Seven crashed, which is the case". All the logs were run with W7 in safe mode. Under Windows XP, Seven's C: is visible and available... I'm thinking of a Windows bug, maybe following an update?
  8. Here is the report. I placed the files in quarantine but nothing has changed!
     IncrediMail_Install.exe | C:\Documents and Settings\cyril\AppData\Local\Application Data\IM\Runtime | Adware.IncrediMail.5 | Quarantaine.
     IncrediMail_Install.exe | C:\Documents and Settings\cyril\AppData\Local\IM\Runtime | Adware.IncrediMail.5 | Chemin invalide pour le fichier
     CopyTransManager.exe | C:\Documents and Settings\cyril\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications | Probablement Trojan.Packed.191 | Quarantaine.
     CopyTransManager.exe | C:\Documents and Settings\cyril\Application Data\WindSolutions\CopyTransControlCenter\Applications | Probablement Trojan.Packed.191 | Chemin invalide pour le fichier
     IncrediMail_Install.exe | C:\Users\cyril\AppData\Local\IM\Runtime | Adware.IncrediMail.5 | Chemin invalide pour le fichier
     CopyTransManager.exe | C:\Users\cyril\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications | Probablement Trojan.Packed.191 | Chemin invalide pour le fichier
     IncrediMail_Install.exe | W:\Documents and Settings\Administrateur\Local Settings\Application Data\IM\Runtime | Adware.IncrediMail.5 | Quarantaine.
     incredimail_install[1].exe | W:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\AU7KR64X | Adware.IncrediMail.5 | Quarantaine.
     2422684b.qua\data001 | W:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\2422684b.qua | Probablement Trojan.Packed.Based
     2422684b.qua | W:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED | Conteneur comporte des objets infectés | Quarantaine.
  9. No, unhide.exe did not work... MS-DOS command blocked...
  10. How long should ComboFix be left running? Because after more than 2 hours the window is still frozen, and it's impossible to shut down the computer or cancel… I think it isn't working.
  11. Yes, I followed the instructions… safe mode and right-click, and it won't launch the rkill program. The CMD command is blocked, and any program that uses it doesn't work. Otherwise, I created a guest user account, and on that account everything looks normal: my disk is visible and I can access the folders… Maybe I can try running the programs on that account? What do you think? Thanks.
  12. Hello, Thanks for the instructions, but rkill won't launch because it blocks the CMD. It opens a window saying "The command prompt has been disabled by your administrator. Press any key to continue". Should I go ahead and install the other programs anyway, unhide and combofix? Thanks.
  13. Hello, For a few days now my C: drive has disappeared under Windows Seven, and all my folder shortcuts on my desktop open a window showing the following message: "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." I cannot access my files and folders on my C: drive. The same message appears when launching regedit, CMD and even msconfig. It's also impossible to use Explorer. Yet I can launch programs installed on my C:, and it does appear under Disk Management. On the other hand, I can access all my other disks… strange. After updating Avast, I ran a full boot-time scan before Windows started, and I ran Malwarebytes, Spybot and CCleaner, but the problem persists. Do you think it's a virus, or simply a bug following the installation of a Windows update? Have you had this kind of problem? Thanks in advance.