Posted

Here is the TDSSKiller log

 

2011/01/03 20:36:51.0451 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2011/01/03 20:36:51.0452 ================================================================================

2011/01/03 20:36:51.0452 SystemInfo:

2011/01/03 20:36:51.0452

2011/01/03 20:36:51.0452 OS Version: 6.0.6002 ServicePack: 2.0

2011/01/03 20:36:51.0452 Product type: Workstation

2011/01/03 20:36:51.0452 ComputerName: LAROUTEPOURTOUS

2011/01/03 20:36:51.0453 UserName: auchan

2011/01/03 20:36:51.0453 Windows directory: C:\Windows

2011/01/03 20:36:51.0453 System windows directory: C:\Windows

2011/01/03 20:36:51.0453 Processor architecture: Intel x86

2011/01/03 20:36:51.0453 Number of processors: 2

2011/01/03 20:36:51.0453 Page size: 0x1000

2011/01/03 20:36:51.0453 Boot type: Normal boot

2011/01/03 20:36:51.0454 ================================================================================

2011/01/03 20:36:52.0015 Initialize success

2011/01/03 20:38:46.0462 ================================================================================

2011/01/03 20:38:46.0462 Scan started

2011/01/03 20:38:46.0462 Mode: Manual;

2011/01/03 20:38:46.0462 ================================================================================


2011/01/03 20:39:01.0135 ================================================================================

2011/01/03 20:39:01.0135 Scan finished

2011/01/03 20:39:01.0135 ================================================================================

Posted

Here is the ESET log, it is quite short!

 

C:\Users\auchan\Documents\fm Mozilla\Install MPD.exe probably a variant of Win32/Spy.Agent.LJHAMTI trojan deleted - quarantined

 

Thanks

Posted

Hello,

- Updates are set to automatic at a defined time, but even when trying to run them manually, they do not install

Sorry to insist, but I need more information. What exactly is the problem? During download? During installation? Do you get any error messages? If so, the text or a screenshot...?

- no, no installation CD, the PC came pre-installed when we bought it, and no partition either

Very annoying! Is it at least a legal version?

Try this command (to repair system files):

Click "Start" => "Run" and type (or copy/paste) sfc /scannow (space after sfc). Click OK and let it run (it can take quite a while). When the window disappears by itself, restart and test (updates, uninstalling a program...). Tell me what happened during this procedure.

One more detail: since the checks earlier, an "emodio" icon appears in the taskbar at the bottom

Do you know this "emodio" and/or do you have it in Add/Remove Programs? Apparently it refers to "Samsungmobiles".

--

Next...

To remove the Norton leftovers, click HERE and download (to the desktop) the utility for "... Windows Vista/XP/2000".

Close all open windows, including the Internet, and right-click the new file "Norton_Removal_Tool.exe" => "Run as administrator".

Restart the PC when prompted.

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Close everything and double-click OTL.exe (Vista/Windows 7: right-click it => Run as Admin).

Copy/paste these lines (starting with netsvcs) into the box under "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

Without changing anything, click the blue Analyse button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

Reports requested:

  • OTL.txt
  • Extras.txt
Posted

Hello

I'll first answer the questions

- It is during installation that the updates go wrong; here are the various Windows Update error codes encountered: 80070490 - 80070422 - 800f020b - 800f0826 - 800f0829

- It is a perfectly legal PC; the trouble is that we bought the display model in a supermarket and everything was already installed, so we could not burn a CD. It's crazy that installation CDs are no longer supplied. Also, it is my partner's PC, which he uses personally but also professionally (managing a site, several forums...), so everything on the PC is extremely important, and reformatting would seem unfeasible.

The "sfc /scannow" function in Run does not work; no window opens and the PC does nothing......

- Emodio is in the Add/Remove control panel, and has been since 20/06/2009 ?? We don't know what it is, and this is the first time we have seen this icon.

There, I'm now getting on with the procedures

See you later, and thanks again.

Posted

OTL logfile created on: 04/01/2011 11:31:08 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\auchan\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18975)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 287,05 Gb Total Space | 185,99 Gb Free Space | 64,79% Space Free | Partition Type: NTFS

Drive D: | 11,04 Gb Total Space | 1,83 Gb Free Space | 16,56% Space Free | Partition Type: NTFS

 

Computer Name: LAROUTEPOURTOUS | User Name: auchan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe

PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

PRC - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009/04/22 22:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

PRC - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

PRC - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe

PRC - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe

PRC - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe

PRC - [2008/09/26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

PRC - [2008/09/25 18:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

PRC - [2008/09/17 11:36:04 | 000,484,880 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe

PRC - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdxcoms.exe

PRC - [2005/07/15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)

SRV - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)

SRV - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)

SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)

SRV - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV)

SRV - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters)

SRV - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdxcoms.exe -- (lxdx_device)

SRV - [2008/02/28 01:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)

SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)

SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\auchan\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)

DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2008/11/17 13:40:19 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/11/17 13:40:19 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/11/17 13:40:19 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2008/09/29 17:27:56 | 003,930,112 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/09/26 20:14:12 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2008/09/26 02:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})

DRV - [2008/07/21 11:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)

DRV - [2008/05/28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)

DRV - [2008/04/28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)

DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)

DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/02/14 15:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/01/24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)

DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®

DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hp-notebook | MSN.fr

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Webmail Free.fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

 

 

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2011/01/03 17:24:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)

O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG

O24 - Desktop BackupWallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/04 11:29:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

[2011/01/03 17:35:47 | 000,000,000 | ---D | C] -- C:\Windows\TEMP

[2011/01/03 17:25:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/01/03 17:14:50 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011/01/03 17:14:50 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011/01/03 17:14:50 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011/01/03 17:14:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011/01/03 17:13:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011/01/03 17:11:22 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/12/28 12:14:06 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Gendarmerie

[2010/12/27 13:39:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/12/16 11:23:54 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\CV Claudine Arotcaren

[2010/12/07 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Téléthon

[2009/06/30 12:10:45 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\lxdxserv.dll

[2009/06/30 12:10:45 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdxusb1.dll

[2009/06/30 12:10:45 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDXhcp.dll

[2009/06/30 12:10:45 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdxinpa.dll

[2009/06/30 12:10:45 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxiesc.dll

[2009/06/30 12:10:44 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdxpmui.dll

[2009/06/30 12:10:44 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdxlmpm.dll

[2009/06/30 12:10:44 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdxprox.dll

[2009/06/30 12:10:43 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdxhbn3.dll

[2009/06/30 12:10:42 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomc.dll

[2009/06/30 12:10:42 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomm.dll

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/04 11:33:40 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D088B3C-1A96-4B45-B34B-4CAA2112D607}.job

[2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

[2011/01/04 10:50:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/04 08:13:12 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/01/04 08:13:12 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/04 08:13:12 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/01/04 08:13:12 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/04 08:08:53 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/04 08:08:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/04 08:08:32 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/04 00:26:26 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2011/01/03 20:38:36 | 000,002,865 | ---- | M] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini

[2011/01/03 17:24:01 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/12/25 11:07:00 | 000,010,104 | ---- | M] () -- C:\Users\auchan\Documents\sylvienoel.jpg

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/18 11:12:28 | 000,006,836 | ---- | M] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat

[2010/12/07 14:25:01 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForauchan.job

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/01/03 17:14:50 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011/01/03 17:14:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011/01/03 17:14:50 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011/01/03 17:14:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011/01/03 17:14:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010/12/25 11:00:19 | 000,010,104 | ---- | C] () -- C:\Users\auchan\Documents\sylvienoel.jpg

[2010/03/04 20:28:04 | 000,006,836 | ---- | C] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat

[2009/12/06 15:05:29 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2009/12/02 09:24:55 | 000,012,588 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\UserTile.png

[2009/11/23 00:01:50 | 000,042,136 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.0

[2009/11/23 00:01:50 | 000,025,579 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.JPG

[2009/11/06 05:22:42 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll

[2009/11/02 09:04:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/11/02 09:04:23 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI

[2009/09/25 11:42:10 | 000,002,790 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.JPG

[2009/09/25 11:42:10 | 000,002,656 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.0

[2009/09/24 08:29:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/08/21 10:10:37 | 000,002,865 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/07/01 18:02:38 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

[2009/06/30 12:21:51 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdxcoin.dll

[2009/06/30 12:21:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdxvs.dll

[2009/06/30 12:19:43 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdxdrs.dll

[2009/06/30 12:19:43 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdxcaps.dll

[2009/06/30 12:19:43 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdxcnv4.dll

[2009/06/30 12:18:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL

[2009/06/30 12:18:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL

[2009/06/30 12:18:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll

[2009/06/30 12:18:39 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL

[2009/06/30 12:16:12 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdxrwrd.ini

[2009/06/30 12:16:01 | 000,000,260 | ---- | C] () -- C:\ProgramData\lxdx.log

[2009/06/30 12:10:46 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDXinst.dll

[2009/06/30 12:10:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdxgrd.dll

[2009/03/21 16:45:34 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\wklnhst.dat

[2009/03/21 11:37:07 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\FnF4.txt

[2009/02/25 02:41:29 | 000,061,440 | ---- | C] () -- C:\Users\auchan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\QSwitch.txt

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\DSwitch.txt

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\AtStart.txt

[2009/01/14 18:59:06 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

[2009/01/14 18:58:53 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log

[2009/01/14 18:58:20 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log

[2009/01/14 18:57:40 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log

[2009/01/14 18:55:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log

[2009/01/14 17:59:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2008/11/17 06:53:19 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

[2008/11/17 06:46:04 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

[2008/11/17 06:43:39 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

[2008/11/17 06:42:00 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

[2008/09/29 16:51:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/09/17 11:36:22 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll

[2008/09/17 11:36:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll

[2008/09/17 11:36:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll

[2008/09/17 11:36:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt

[2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt

[2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt

[2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini

[2011/01/04 08:08:32 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys

[2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini

[2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll

[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll

[2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll

[2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll

[2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll

[2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll

[2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll

[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll

[2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/06/30 12:16:01 | 000,000,086 | ---- | M] () -- C:\lxdx.log

[2010/05/23 19:42:34 | 000,000,086 | ---- | M] () -- C:\lxdxjswx.log

[2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/01/04 08:08:30 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys

[2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp

[2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

[2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2008/09/29 16:52:50 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

 

< >

 

< End of report >

 

OTL logfile created on: 04/01/2011 11:31:08 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\auchan\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18975)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 287,05 Gb Total Space | 185,99 Gb Free Space | 64,79% Space Free | Partition Type: NTFS

Drive D: | 11,04 Gb Total Space | 1,83 Gb Free Space | 16,56% Space Free | Partition Type: NTFS

 

Computer Name: LAROUTEPOURTOUS | User Name: auchan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe

PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

PRC - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009/04/22 22:06:52 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

PRC - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

PRC - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe

PRC - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe

PRC - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe

PRC - [2008/09/26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

PRC - [2008/09/25 18:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

PRC - [2008/09/17 11:36:04 | 000,484,880 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe

PRC - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdxcoms.exe

PRC - [2005/07/15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/09/06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)

SRV - [2009/04/22 21:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)

SRV - [2009/04/22 21:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)

SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)

SRV - [2008/09/26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV)

SRV - [2008/09/26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters)

SRV - [2008/02/28 01:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdxcoms.exe -- (lxdx_device)

SRV - [2008/02/28 01:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)

SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)

SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\auchan\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)

DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2008/11/17 13:40:19 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/11/17 13:40:19 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/11/17 13:40:19 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2008/09/29 17:27:56 | 003,930,112 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/09/26 20:14:12 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2008/09/26 02:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})

DRV - [2008/07/21 11:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)

DRV - [2008/05/28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)

DRV - [2008/04/28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)

DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)

DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/02/14 15:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/01/24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)

DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®

DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hp-notebook | MSN.fr

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Webmail Free.fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

 

 

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2011/01/03 17:24:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)

O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG

O24 - Desktop BackupWallPaper: C:\Users\auchan\Documents\patchwork\amis.JPG

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/04 11:29:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

[2011/01/03 17:35:47 | 000,000,000 | ---D | C] -- C:\Windows\TEMP

[2011/01/03 17:25:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2011/01/03 17:14:50 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011/01/03 17:14:50 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011/01/03 17:14:50 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011/01/03 17:14:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011/01/03 17:13:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011/01/03 17:11:22 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/12/28 12:14:06 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Gendarmerie

[2010/12/27 13:39:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010/12/27 13:39:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/12/16 11:23:54 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\CV Claudine Arotcaren

[2010/12/07 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\auchan\Documents\Téléthon

[2009/06/30 12:10:45 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\lxdxserv.dll

[2009/06/30 12:10:45 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdxusb1.dll

[2009/06/30 12:10:45 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDXhcp.dll

[2009/06/30 12:10:45 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdxinpa.dll

[2009/06/30 12:10:45 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxiesc.dll

[2009/06/30 12:10:44 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdxpmui.dll

[2009/06/30 12:10:44 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdxlmpm.dll

[2009/06/30 12:10:44 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdxprox.dll

[2009/06/30 12:10:43 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdxhbn3.dll

[2009/06/30 12:10:42 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomc.dll

[2009/06/30 12:10:42 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomm.dll

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/04 11:33:40 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D088B3C-1A96-4B45-B34B-4CAA2112D607}.job

[2011/01/04 11:30:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auchan\Desktop\OTL.exe

[2011/01/04 10:50:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/04 10:08:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/04 08:13:12 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/01/04 08:13:12 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/04 08:13:12 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/01/04 08:13:12 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/04 08:08:53 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/04 08:08:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/04 08:08:32 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/04 00:26:26 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2011/01/03 20:38:36 | 000,002,865 | ---- | M] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini

[2011/01/03 17:24:01 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/12/25 11:07:00 | 000,010,104 | ---- | M] () -- C:\Users\auchan\Documents\sylvienoel.jpg

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/18 11:12:28 | 000,006,836 | ---- | M] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat

[2010/12/07 14:25:01 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForauchan.job

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[120 C:\Users\auchan\AppData\Roaming\*.tmp files -> C:\Users\auchan\AppData\Roaming\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/01/03 17:14:50 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011/01/03 17:14:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011/01/03 17:14:50 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011/01/03 17:14:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011/01/03 17:14:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010/12/25 11:00:19 | 000,010,104 | ---- | C] () -- C:\Users\auchan\Documents\sylvienoel.jpg

[2010/03/04 20:28:04 | 000,006,836 | ---- | C] () -- C:\Users\auchan\AppData\Local\d3d9caps.dat

[2009/12/06 15:05:29 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2009/12/02 09:24:55 | 000,012,588 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\UserTile.png

[2009/11/23 00:01:50 | 000,042,136 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.0

[2009/11/23 00:01:50 | 000,025,579 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpGALETS.JPG

[2009/11/06 05:22:42 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll

[2009/11/02 09:04:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/11/02 09:04:23 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI

[2009/09/25 11:42:10 | 000,002,790 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.JPG

[2009/09/25 11:42:10 | 000,002,656 | ---- | C] () -- C:\Users\auchan\AppData\Local\tmpTROMBONEXI.0

[2009/09/24 08:29:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/08/21 10:10:37 | 000,002,865 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\QuickZip45.ini

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/07/01 18:02:38 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

[2009/06/30 12:21:51 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdxcoin.dll

[2009/06/30 12:21:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdxvs.dll

[2009/06/30 12:19:43 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdxdrs.dll

[2009/06/30 12:19:43 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdxcaps.dll

[2009/06/30 12:19:43 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdxcnv4.dll

[2009/06/30 12:18:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL

[2009/06/30 12:18:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL

[2009/06/30 12:18:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll

[2009/06/30 12:18:39 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL

[2009/06/30 12:16:12 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdxrwrd.ini

[2009/06/30 12:16:01 | 000,000,260 | ---- | C] () -- C:\ProgramData\lxdx.log

[2009/06/30 12:10:46 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDXinst.dll

[2009/06/30 12:10:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdxgrd.dll

[2009/03/21 16:45:34 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Roaming\wklnhst.dat

[2009/03/21 11:37:07 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\FnF4.txt

[2009/02/25 02:41:29 | 000,061,440 | ---- | C] () -- C:\Users\auchan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\QSwitch.txt

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\DSwitch.txt

[2009/02/24 11:12:17 | 000,000,000 | ---- | C] () -- C:\Users\auchan\AppData\Local\AtStart.txt

[2009/01/14 18:59:06 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

[2009/01/14 18:58:53 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log

[2009/01/14 18:58:20 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log

[2009/01/14 18:57:40 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log

[2009/01/14 18:55:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log

[2009/01/14 17:59:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2008/11/17 06:53:19 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

[2008/11/17 06:46:04 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

[2008/11/17 06:43:39 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

[2008/11/17 06:42:00 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

[2008/09/29 16:51:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/09/17 11:36:22 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll

[2008/09/17 11:36:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll

[2008/09/17 11:36:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll

[2008/09/17 11:36:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt

[2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt

[2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt

[2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt

[2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini

[2011/01/04 08:08:32 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys

[2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini

[2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll

[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll

[2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll

[2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll

[2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll

[2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll

[2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll

[2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll

[2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/06/30 12:16:01 | 000,000,086 | ---- | M] () -- C:\lxdx.log

[2010/05/23 19:42:34 | 000,000,086 | ---- | M] () -- C:\lxdxjswx.log

[2010/01/01 22:09:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/01/04 08:08:30 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys

[2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp

[2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

[2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2008/09/29 16:52:50 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

 

< >

 

< End of report >

 

OTL Extras logfile created on: 04/01/2011 11:31:08 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\auchan\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18975)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 287,05 Gb Total Space | 185,99 Gb Free Space | 64,79% Space Free | Partition Type: NTFS

Drive D: | 11,04 Gb Total Space | 1,83 Gb Free Space | 16,56% Space Free | Partition Type: NTFS

 

Computer Name: LAROUTEPOURTOUS | User Name: auchan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 1

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{AB61B6CC-DBFA-41CE-B42A-42C55C2326DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{E980F432-DE92-474F-9D6E-40D7464A5575}" = lport=2869 | protocol=6 | dir=in | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02613A23-1CED-451F-9E35-CEC66229E154}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |

"{05864A93-983F-4060-92D7-FC7FBED55B40}" = protocol=6 | dir=in | app=c:\windows\system32\lxdxcfg.exe |

"{145D1B83-0E98-4095-BA58-96C631F160C4}" = protocol=6 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxamon.exe |

"{178CE79E-57D2-4C77-A7C8-A59122A6AB0E}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |

"{1956E7CB-DBCF-4725-8CAB-E74A2A924924}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |

"{1A81180B-1253-499C-96EA-C7B3982DAEEB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{1C1547B9-1A71-4299-9919-233482A3B044}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |

"{1D629D06-509D-4588-AD78-BBBE114AFE90}" = protocol=17 | dir=in | app=c:\program files\lexmark 3600-4600 series\frun.exe |

"{1F0CFDDB-CCE1-4E1C-9C08-D27A0748E686}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxjswx.exe |

"{20F437E8-36AD-4451-9518-4C4EE91CC43E}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |

"{21867B8D-8459-45AB-82A8-C90767EC1607}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |

"{22FC5876-79B0-41B7-9362-3AAC4FDB64B8}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |

"{279419D7-936B-430E-BAF5-C972CF392C33}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{2B64DA24-D4B2-4D36-A51C-5967C44DD308}" = protocol=17 | dir=in | app=c:\windows\system32\lxdxcfg.exe |

"{3782B7A2-4412-4A68-9B3C-4B317B617E99}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |

"{3C65D931-E620-4706-8A8F-51EABD3BB020}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |

"{44AF85DF-D186-4636-9167-BCE4D39226F7}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |

"{44EA5368-3D5C-4198-91B3-CEC7E17CBFF3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxtime.exe |

"{45BA5594-0AEB-475D-AF33-8E87872C489F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxpswx.exe |

"{4813FE9B-91D6-49AA-8840-3251F206127B}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |

"{4A218011-F5E7-42E8-971D-A986CECC6A1B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

"{4EA7EFC9-D9AF-4F22-907E-C4B379355E58}" = protocol=17 | dir=in | app=c:\windows\system32\lxdxcoms.exe |

"{5537F741-4E7D-417C-BA23-CF2DF25FFC7B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

"{59B102BD-E12F-4007-8BD5-C811DEBC47E1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{5B096746-AEBE-467C-AE46-E08D5C488659}" = protocol=6 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxmon.exe |

"{5B9DFDE7-7BA1-4023-B05C-6B0EE51B1546}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxjswx.exe |

"{5CEF256E-C63B-4873-BA52-54013537BF7C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{62CE6459-7380-4D23-BDE6-815713279EDA}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{69CC44B2-F3D7-40A5-9775-15F14CF9F0BA}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxpswx.exe |

"{6C81BAB4-6A2C-4595-BD81-8FC5CE21364E}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |

"{6FD501AB-A1A2-4AE9-8A68-C324382E3045}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{71F62FE2-79A3-4A1A-87E4-B7E89673B79D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdxtime.exe |

"{8CFC8919-99F7-4BC5-A71C-DF372B7DB143}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{941C8351-F27A-45C5-8E14-010386F79E7D}" = protocol=6 | dir=in | app=c:\windows\system32\lxdxcoms.exe |

"{9E1D673F-5D80-435A-835C-21F6F45742B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{A9CAD971-39A8-4FB6-BF35-003EB3FC4054}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{B486AEBC-E032-43D3-95C6-CDAD874D8C9E}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{CC85D8F6-7038-47A2-ACE4-CD34A5F66B38}" = protocol=17 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxamon.exe |

"{D2E4B946-B8CF-4A21-8410-762C2EE337BA}" = protocol=6 | dir=in | app=c:\users\auchan\appdata\local\temp\7zsb84a.tmp\symnrt.exe |

"{D30CB295-0337-4C66-97AA-13E1ED46E39E}" = protocol=6 | dir=in | app=c:\users\auchan\appdata\local\temp\7zsfd52.tmp\symnrt.exe |

"{D4F7B15D-87B2-4DD4-9B7E-74789D420974}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |

"{DB1326B0-05CB-4FC2-B5DC-78D40353CCED}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |

"{DB8210F7-F0DE-426D-B209-DCCC93859FFD}" = protocol=17 | dir=in | app=c:\users\auchan\appdata\local\temp\7zsfd52.tmp\symnrt.exe |

"{E2059F32-1EDB-41AD-8BC0-B2C4992EB37A}" = protocol=6 | dir=in | app=c:\program files\lexmark 3600-4600 series\frun.exe |

"{E6A79B84-11E6-40E5-A6D5-18E003B84327}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{E79025A4-755C-4855-8B6E-FA77A74C64C5}" = protocol=17 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxmon.exe |

"{F2E107BF-64FB-4770-A35A-84D5E92A58D4}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |

"{F3B35046-D1AA-4786-AEA4-61B7CA90AB8E}" = protocol=17 | dir=in | app=c:\users\auchan\appdata\local\temp\7zsb84a.tmp\symnrt.exe |

"TCP Query User{0B0FA1F5-9824-4716-854C-EC002297C05B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{1E7733C9-2A4E-4CDB-A769-32FAE1675A1A}C:\program files\lexmark 3600-4600 series\lxdxmon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxmon.exe |

"TCP Query User{D74EF8A7-C965-4343-840E-BBFAC05C5F91}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{6894EDDC-2DC1-4B8B-9184-861D2D73949A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{6AECE442-1965-46F1-8EDA-CE5EBC27E283}C:\program files\lexmark 3600-4600 series\lxdxmon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 3600-4600 series\lxdxmon.exe |

"UDP Query User{EDA0830D-D72B-42A7-A736-6492AE9B9368}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support

"{0183F4E0-2B34-B591-5738-83FC76C87A14}" = Catalyst Control Center Localization Korean

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier

"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5

"{0701BF04-7B0E-7A8E-F26C-04323F3466D3}" = Catalyst Control Center Graphics Previews Common

"{07893099-BC83-FB66-EA99-DF5EC407E446}" = Catalyst Control Center Localization Finnish

"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.1

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Barre d'outils

"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office

"{124716B7-62A0-566F-7D83-3CFFBA804283}" = CCC Help Chinese Standard

"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129

"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor

"{15833C34-C1DB-AD8D-1450-F10A35332585}" = CCC Help Finnish

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{19CE6D7C-31FC-FA8C-CACD-829C34C9664F}" = Catalyst Control Center Localization Polish

"{1D7B2D4C-81C6-5487-16BE-04FF0A3D1ECE}" = CCC Help German

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{20561C24-E5C2-3F82-754C-AA3AE9FA9616}" = ATI Catalyst Install Manager

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{209108CE-8F84-E0A8-B1B4-164236CF88CD}" = ccc-utility

"{20A089BF-5446-D7F9-F795-A4DD003A4D83}" = CCC Help Japanese

"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 23

"{2C593FF4-50CD-4790-8AAE-52E557B96AFA}" = CCC Help Spanish

"{30F25CDF-FCF1-907E-B7C9-962932163BA9}" = CCC Help Russian

"{3201EAFA-B950-EEF7-7EA9-60619D77E503}" = Catalyst Control Center Graphics Light

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{32621722-017F-7B1D-0DC3-EF1173FCF91D}" = Catalyst Control Center Localization Thai

"{348D10E8-5346-0285-D517-662E278B2EA0}" = Catalyst Control Center Localization Italian

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2

"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup

"{3825057D-0BA7-4A33-F30E-9337C2E236D0}" = Catalyst Control Center Graphics Previews Vista

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista

"{3A55C011-4D00-8867-CBB6-1228B31789B5}" = Catalyst Control Center Localization Danish

"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module

"{41B80470-ED91-BA55-B261-022EAE1792B4}" = Catalyst Control Center Localization Chinese Standard

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BA62EA4-F90D-4B9F-9D77-864A8F74F4F4}" = Giration

"{4C2C6174-20E4-F973-DE93-371E0894417A}" = Catalyst Control Center Localization French

"{4C64F887-A1DB-E2AD-41EE-52A1E534C7AB}" = Catalyst Control Center Localization Greek

"{4D904393-7FBF-BD78-0978-D8502F9C4A00}" = Catalyst Control Center Localization Portuguese

"{4FD74810-817D-6E6C-03D8-CE5225C72348}" = Catalyst Control Center Localization Spanish

"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker

"{558FF444-F562-4E4C-98BD-7B20EE184D2E}" = Catalyst Control Center - Branding

"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements

"{5A4B3122-D87F-D5F5-D67C-94E1D93476AC}" = CCC Help English

"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser

"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{61C8A2C7-A329-A37D-B3E5-F0F252455F1B}" = Catalyst Control Center Graphics Full Existing

"{61E70B7C-B2E8-67E0-4284-8E3CE5794CFB}" = CCC Help Hungarian

"{64530F96-CFAC-C452-7EE0-99AEE869DBA1}" = CCC Help Dutch

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV

"{6F930A14-B2B8-3ABD-50F2-0F282D5F832C}" = Catalyst Control Center Graphics Full New

"{6FB0F078-126C-4C2F-014A-95647880F7BE}" = CCC Help Swedish

"{7148F0A8-6813-11D6-A77B-00B0D0142180}" = Java 2 Runtime Environment, SE v1.4.2_18

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7C9018BB-12EB-CB69-E385-F86298711834}" = CCC Help Turkish

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{87F6CE5C-5165-8AB6-9680-DC9F8E0439ED}" = Catalyst Control Center Localization Turkish

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8F38334E-1973-4AA3-9E94-957E717DB308}" = Ciel Auto-entrepreneur Facile 2.0

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{924B7593-B3F4-D47E-A72E-60B2EEB2C4E1}" = Catalyst Control Center Localization German

"{94BBD695-79CC-B3FF-33E9-58AE57EC578C}" = CCC Help Korean

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{985DAFC5-78D4-BB31-C349-FD2872FEB5EF}" = CCC Help Greek

"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant

"{9D615069-AA8F-4E89-AE9D-77AAE90F529F}" = ProtectSmart Hard Drive Protection

"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter

"{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A578B344-70B8-9F08-45E7-FB8885A5B97F}" = CCC Help Polish

"{A601A126-664A-3199-3989-416106FA729B}" = Catalyst Control Center Localization Swedish

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AAFA9A30-E842-7B49-2BBE-05DF047CB424}" = Catalyst Control Center InstallProxy

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B2CB864F-CB12-7EF5-0B9A-315E3D578EE8}" = CCC Help Italian

"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0

"{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA

"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax

"{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}" = ArcSoft PhotoBase 3

"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C65A2C53-9173-8F8A-9BB0-CA30E60A3FFF}" = ccc-core-static

"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software

"{CDFF4D17-315B-B05E-0BA0-3BE53626EFCD}" = CCC Help Thai

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5

"{D225D111-25D0-36B3-0EFC-7787A9488875}" = Catalyst Control Center Localization Russian

"{D81D0AE5-7D12-4044-94D5-EB7A205D577A}" = FRANCE PROSPECT DECOUVERTE

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal

"{DF9D968F-2473-A25F-6745-78AD0EB48A68}" = CCC Help Portuguese

"{E04B018C-D011-4F34-B179-1F93AC1C98F8}" = Micro Application - Assistant Etiquettes

"{E0766AD5-FE36-AFBC-359A-16DA8A59FC44}" = Catalyst Control Center Localization Japanese

"{E23B1CF4-87B0-8B1B-67C9-2ABFDD2991A8}" = Catalyst Control Center Localization Norwegian

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware

"{E965B25B-BAD9-4EB3-BB8F-E3B82C0749C9}" = CCC Help French

"{E9B21DFF-9E4C-98FC-9ADB-DCC4C07628CB}" = CCC Help Chinese Traditional

"{EA6A73CD-4107-34AA-812A-E2F3ED1318A8}" = Skins

"{EABC9B4F-6DA1-2E8B-CEDD-E67E427F2E67}" = CCC Help Danish

"{EC9A5560-9BF9-A22E-DE04-FE890547D130}" = Catalyst Control Center Localization Czech

"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition

"{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F3A88294-F0C5-66FF-EF03-025D44C86184}" = CCC Help Czech

"{FA017B85-B68B-8BD6-60EE-7DD3A6A2A52F}" = Catalyst Control Center Core Implementation

"{FC974C09-8418-BD5B-ACCA-0F436E4D1D57}" = CCC Help Norwegian

"{FDE60234-1626-10F7-F547-FF97B5E76CDB}" = Catalyst Control Center Localization Hungarian

"{FF4D4CC0-858A-A446-567A-0FFB56D9EA92}" = Catalyst Control Center Localization Chinese Traditional

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"ALUpdate_is1" = ALTools Update

"AnyBizSoft PDF to Word (Build 2.0.0.12)_is1" = AnyBizSoft PDF to Word

"CCleaner" = CCleaner

"Code de la Route Deluxe" = Code de la Route Deluxe

"Defraggler" = Defraggler

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"EasyBits Magic Desktop" = Magic Desktop

"Ethylotest_ID_is1" = Ethylotest

"FileZilla Client" = FileZilla Client 3.3.5.1

"FotoMix" = Digital Photo Software FotoMix 6.1.1

"Free Video Converter_is1" = Free Video Converter V 2.9

"GIF Animator" = Microsoft GIF Animator

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV

"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series

"Lexmark Fax Solutions" = Solutions de télécopie Lexmark

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft Security Essentials" = Microsoft Security Essentials

"Nvu_is1" = Nvu 1.0

"PhotoFiltre" = PhotoFiltre

"Picasa 3" = Picasa 3

"PrintPratic" = PrintPratic

"Quick Zip_is1" = Quick Zip 4.60.019

"Sécu - Pack 2005 MPSRA" = Sécu - Pack 2005 MPSRA

"Sécu - Pack MPSRA 2006" = Sécu - Pack MPSRA 2006

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Web Creator Pro 5" = LMSOFT Web Creator Pro 5

"WildTangent hp Master Uninstall" = My HP Games

"WinLiveSuite_Wave3" = Installation Windows Live

"XHeader" = XHeader

"XHeader Bonus Download" = XHeader Bonus Download

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"ANNUCAPT" = ANNUCAPT

"EMA" = EMA

"WINLASSIE" = NEWLAS

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 25/03/2010 08:26:31 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621

Description =

 

Error - 25/03/2010 11:16:31 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

Error - 25/03/2010 14:21:25 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

Error - 26/03/2010 00:13:41 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

Error - 26/03/2010 00:31:58 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621

Description =

 

Error - 26/03/2010 06:08:50 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

Error - 26/03/2010 06:20:28 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621

Description =

 

Error - 26/03/2010 10:36:56 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

Error - 26/03/2010 14:18:48 | Computer Name = PC-de-auchan | Source = EventSystem | ID = 4621

Description =

 

Error - 26/03/2010 18:05:44 | Computer Name = PC-de-auchan | Source = WinMgmt | ID = 10

Description =

 

[ OSession Events ]

Error - 01/11/2009 05:28:27 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 14/01/2010 08:49:05 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 25/01/2010 05:46:58 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 01/03/2010 10:46:25 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 20/10/2010 05:22:06 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 04/11/2010 05:22:18 | Computer Name = PC-de-auchan | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 17/11/2010 09:51:00 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session

lasted 25321 seconds with 19320 seconds of active time. This session ended with

a crash.

 

Error - 30/11/2010 12:39:54 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 14/12/2010 03:52:27 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 15/12/2010 09:44:59 | Computer Name = laroutepourtous | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28

seconds with 0 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 03/01/2011 13:18:41 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12

Description = Le périphérique 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428)

a disparu du système sans que sa suppression ait tout d'abord été préparée.

 

Error - 03/01/2011 15:34:01 | Computer Name = laroutepourtous | Source = Print | ID = 6161

Description = Impossible d'imprimer le document http://forum.zebulon.fr/pup-dealio-42-infections-t182034.html&g

appartenant à auchan sur l'imprimante Lexmark 3600-4600 Series. Essayez de réimprimer

le document ou redémarrez le spouleur d'impression. Type de données : LEMF. Taille

du fichier spouleur en octets : 1101158. Nombre d'octets imprimés : 0. Nombre de

pages dans le document : 13. Nombre de pages imprimées : 2. Ordinateur client :

\\LAROUTEPOURTOUS. Code d'erreur Win32 retourné par le processeur d'impression :

0. Opération réussie.

 

Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7000

Description =

 

Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7009

Description =

 

Error - 04/01/2011 03:09:07 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7000

Description =

 

Error - 04/01/2011 03:10:30 | Computer Name = laroutepourtous | Source = Service Control Manager | ID = 7022

Description =

 

Error - 04/01/2011 03:13:24 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12

Description = Le périphérique 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0128)

a disparu du système sans que sa suppression ait tout d'abord été préparée.

 

Error - 04/01/2011 03:13:24 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12

Description = Le périphérique 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0228)

a disparu du système sans que sa suppression ait tout d'abord été préparée.

 

Error - 04/01/2011 03:13:25 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12

Description = Le périphérique 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0328)

a disparu du système sans que sa suppression ait tout d'abord été préparée.

 

Error - 04/01/2011 03:13:25 | Computer Name = laroutepourtous | Source = PlugPlayManager | ID = 12

Description = Le périphérique 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428)

a disparu du système sans que sa suppression ait tout d'abord été préparée.

 

 

< End of report >

Posted

...

- ... it's my partner's PC, who uses it for personal but also professional purposes...

Working under such conditions is suicide. Some failures are irreparable; what do you do if that happens to you?

I hope you made a backup as recommended in my first post.

As for Modio, you must have had a Samsung mobile phone. We'll disable it for now in the following procedure and see about it later, once your machine is repaired.

Launch OTL, copy the following list (starting with :OTL) and paste it into the area under "Personnalisation" (the : at the beginning and the ] at the end are very important, please check).

 

:OTL

PRC - [2008/09/17 11:36:04 | 000,484,880 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions

[2010/06/29 14:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O4 - HKLM..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

 

:Services

 

:Reg

 

:Files

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

At the end a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

Requested reports: OTL.txt

Any change whatsoever (updates, etc.)? We'll remove the disinfection tools in the next step.

Posted

Good evening

We know the risk of using the same PC for private and professional purposes, but unfortunately for now we cannot invest in a PC for a business that is only just starting. Besides, we are wondering whether to go with Microsoft or Mac? Mac seems to get infected less, but is everything compatible with it (site administration, forums, software)? I'll take a look at the Zebulon forum dedicated to that.

Here is the OTL log. Thank you.

 

 

 

All processes killed

========== OTL ==========

No active process named SMSTray.exe was found!

C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.

C:\Users\auchan\AppData\Roaming\mozilla\Extensions folder moved successfully.

Folder C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.

C:\Program Files\Lexmark Toolbar\toolband.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.

File C:\Program Files\Lexmark Toolbar\toolband.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.

File C:\Program Files\Lexmark Toolbar\toolband.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.

File C:\Program Files\Lexmark Toolbar\toolband.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMSTray deleted successfully.

C:\Program Files\Samsung\EmoDio\SMSTray.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully.

C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully.

C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePDIRShortCut deleted successfully.

C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut deleted successfully.

C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: auchan

->Temp folder emptied: 20497240 bytes

->Temporary Internet Files folder emptied: 21220818 bytes

->Java cache emptied: 38759772 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 1507 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 533507 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 154842 bytes

 

Total Files Cleaned = 77,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: auchan

->Flash cache emptied: 0 bytes

 

User: Default

 

User: Default User

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.20.1 log created on 01042011_184622

 

Files\Folders moved on Reboot...

C:\Users\auchan\AppData\Local\Temp\ehmsas.txt moved successfully.

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE307.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE30D.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE33C.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE342.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE75A.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE761.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE9FC.tmp not found!

File\Folder C:\Users\auchan\AppData\Local\Temp\~DFEA02.tmp not found!

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y99TIYCQ\afr[1].htm moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y99TIYCQ\pup-dealio-42-infections-t182034[1].htm moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X8TE1LYM\AP_ADV_728x90[1].htm moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LJ5AGVZQ\AP_CPL_728x90[1].htm moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\06XDVPVK\ban_home_728x90[1].htm moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

C:\Users\auchan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

File\Folder C:\Windows\temp\TMP000000034A22E56AA2D65FDB not found!

 

Registry entries deleted on Reboot...
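
As an added example (not part of the original thread and not OTL's own code), here is a small Python parser for the fix report above. It separates items removed in this run from "not found" lines, and splits the latter into targets already removed earlier in the same run and targets that were never present. The line formats are inferred from the report itself; the function and field names are hypothetical.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Excerpt copied from the OTL fix report posted above.
SAMPLE_LOG = r"""
No active process named SMSTray.exe was found!
C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.
C:\Users\auchan\AppData\Roaming\mozilla\Extensions folder moved successfully.
Folder C:\Users\auchan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.
C:\Program Files\Lexmark Toolbar\toolband.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.
File C:\Program Files\Lexmark Toolbar\toolband.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
File\Folder C:\Users\auchan\AppData\Local\Temp\~DFE307.tmp not found!
"""

# "<kind> <target> [folder] <outcome>." where kind is optional for moved files/folders.
LINE_RE = re.compile(
    r"^(?:(?P<kind>Registry key|Registry value|File\\Folder|File|Folder)\s+)?"
    r"(?P<target>.+?)"
    r"(?P<folder>\s+folder)?"
    r"\s+(?P<outcome>deleted successfully|moved successfully|not found)[.!]$"
)


@dataclass
class Action:
    kind: str      # Registry key / Registry value / File / Folder / File\Folder
    target: str    # path exactly as printed in the report
    outcome: str   # text printed by the tool
    status: str    # removed / already_handled / absent


def normalize(target: str) -> str:
    """Make the same path comparable across lines (case, trailing '\\', '\\\\')."""
    return target.replace("\\\\", "\\").rstrip("\\").lower()


def classify(log_text: str):
    """Return (actions, unparsed_lines) for an OTL fix report."""
    actions, unparsed, removed = [], [], set()
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("====="):
            continue
        m = LINE_RE.match(line)
        if not m:
            unparsed.append(line)
            continue
        kind = m["kind"] or ("Folder" if m["folder"] else "File")
        key = normalize(m["target"])
        if m["outcome"] == "not found":
            # A repeat of something this run already removed is expected noise;
            # a target that never existed is worth a second look.
            status = "already_handled" if key in removed else "absent"
        else:
            status = "removed"
            removed.add(key)
        actions.append(Action(kind, m["target"], m["outcome"], status))
    return actions, unparsed


def summarize(actions) -> Counter:
    """Count actions per status."""
    return Counter(a.status for a in actions)


if __name__ == "__main__":
    acts, rest = classify(SAMPLE_LOG)
    print(dict(summarize(acts)))
    for a in acts:
        if a.status == "absent":
            print("never present:", a.kind, a.target)
    print("unparsed:", rest)
```

The "absent" entries here are the two CLSID keys that the fix script itself listed as missing ("No CLSID value found", "File not found") and a temp file that was gone by reboot; the repeated `toolband.dll` and CLSID `{1017A80C-...}` lines are classified as already handled.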

Posté(e)

Bonjour sylwya,

 

Désolé pour le choix entre Windows et Mac, je suis incapable de t'aider.

 

OK, maintenant que ta machine ne semble plus avoir de signe d'infection voici la suite

 

>>> Supprimer les utilitaires:

- Pour supprimer ComboFix, cliquer sur Démarrer => Exécuter et saisir (ou copier/ coller) ComboFix /Uninstall (espace entre "ComboFix" et "/Uninstall"). Cliquer sur OK.

Ce qui a pour effet de supprimer ComboFix ainsi que les dossiers/ fichiers qu'il a installé et ré-initialiser les points de restauration.

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC.

- Pour supprimer les autres utilitaires et leur rapports, cliquer-droit dessus => "Supprimer".

 

 

>>> Mises à jour: Aucun rapport ne montre un retard dans les mises à jour de Windows, alors j'ai pensé qu'il y a un problème d'ouverture de session qu'on peut vérifier comme ceci:

- Redémarrer le PC et se connecter comme Administrateur.

- Faire les mises à jour suivantes:

  • Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.
     
    java.png


     
    Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
    Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
    Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône java01.jpg.
    Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
    Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.

  • Adobe Acrobat Reader is not up to date. Uninstall it and download the latest version here (untick the "Include in your download" box).

- If that works, try the Windows updates from "Start" => "All Programs".

- If still OK, download Avira and install it after uninstalling MSE.

 

Keep me posted; what comes next will depend on the outcome...

Posted

Hello Lance_yien

 

Unable to uninstall Java 6 update 7: "erreur interne 2753 RegUtils"

Update 23 OK

Adobe OK

Windows Update impossible: error 80070490

Unable to uninstall MSE: error 0x80070643. For MSE, is it possible for me to disable it permanently and to install and use Avira?

OTL and ComboFix OK

 

What do you mean by "log in as Administrator"? Aren't we that by default?

 

Thanks

Posted

...

What do you mean by "log in as Administrator"? Aren't we that by default?

 

Yes, if there is only one user. If that is the case, forget it.

The errors seem to be about permissions, which is why I wanted to do the steps under the Administrator account.

 

Yes, it is possible to disable MSE etc., but the ideal is to manage to repair what is wrong. We try everything we can.

 

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time, then download Zeb-Restore to the Desktop from here and unzip it (right-click => "Extract here").

Right-click Zeb-Restore.exe => "Run as administrator", and tick the following boxes:

- Control Panel

- Add/Remove...

- Policies

- Windows update

 

... and click the "Restaurer" button

 

Restart and check the result!
