Posted

Hello everyone,

@letitive,

Very important!

 

>>> To do immediately:

- At the top of this message, click the "Follow this topic" button and choose "Immediate notification" => "Submit". You will be notified in real time of replies to your topic, and your machine will therefore be cleaned as quickly as possible.

- Back up (by copying) all personal documents to a medium other than the system partition: USB key, CD/DVD, external hard drive, etc.

 

>>> During this cleanup: please do NOT use, install and/or uninstall any program other than those proposed at each step, in order to avoid any incompatibility problem between the tools.

 

>>> When you receive new instructions:

  • Read the whole message.
  • Download and save the utilities DIRECTLY to the Desktop, or move them there right afterwards (right-click the file => "Cut", then right-click on the Desktop => "Paste").
    Some programs can cause problems if they are not launched from the Desktop.
  • Get into the habit of disabling all protection programs at the start of each new step and re-enabling them at the end.
  • Always proceed in the order given and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behaviour or in relation to the initial problem.

>>> How to reply:

- Click the [zeb_bouton.png] button (and not [zeb-bouton2.png], because I don't need to reread my previous messages).

- Paste the contents of the reports WITHOUT adding ANY text formatting (quote, code, colour, etc.).


 

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time, and download to the Desktop:

  • ComboFix© (by sUBs) from here or here
  • Security Check (by screen317) from here or here.

 

>>> Using ComboFix: Close all open applications and windows, disable antivirus/firewall/antispyware and click ComboFix.exe. Follow the instructions.

Accept the licence agreement and the installation of the Recovery Console (offered on XP if it is not installed).

Do NOT TOUCH the machine until it has finished (even if things seem not to be progressing).

When it has finished, a report (ComboFix.txt) is displayed. It is saved automatically at the root of the system partition (usually C:\).

Post its contents.

 

 

>>> Using SecurityCheck: Close everything and double-click "SecurityCheck.exe" to launch the program.

Press a key as prompted and follow the instructions.

Note: If one of your security programs asks for permission for dig.exe to access the Internet, accept.

The checkup.txt report opens at the end. Post its contents.

This report is not saved automatically. If you want to keep a copy, click "File" => "Save as", choose a location (the Desktop, for example) and click "Save" at the bottom right.

Post its contents.

 

 

Requested reports:

  • ComboFix.txt
  • checkup.txt

Any other symptoms to check?

 

 

 

Hello,

Thank you for helping me solve my problems.

1 - Backup of "My Documents": done

While backing up to D: I discovered an "erUBK_Folder" directory that I had not seen before. Do you know what it is?

2 - BitDefender firewall and antivirus disabled

3 - ComboFix restarts the computer and produces its report: Cijoint.fr - free file hosting service

4 - SecurityCheck.exe produces its report: Cijoint.fr - free file hosting service

5 - BitDefender firewall and antivirus enabled

What do you think of these reports?

Thanks again.

Posted

- Please paste the reports directly here, as requested.

- To reply, click "Add a reply" and not the other button. I don't need to reread my messages.

Reread the "Very important!" note in my first message.

 

>>> File analysis:

  • Copy the 1st line of the following list and go to the Jotti site.

    c:\windows\system32\bda18.tmp
    c:\windows\system32\bdaB.tmp
    c:\windows\system32\SETB0.tmp

  • Click Browse....
  • In the new window, right-click in "File name" => "Paste", then click "Open".
  • Click Submit and let the analysis run.
  • At the end, right-click the "Your permanent link..." button => "Copy link address".
    Open Notepad and right-click => "Paste".
  • Repeat with the other line of my list by clicking the "Next file" button, and paste the address into Notepad.

Copy the contents of Notepad and paste them into your next reply.

If Jotti is overloaded, go to Virustotal,

Posted

Hello,

Indeed, "Nothing found", and so much the better :)

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time.

 

>>> Re-use Malwarebytes' Anti-Malware exactly as described below:

Close everything and relaunch Malwarebytes' Anti-Malware from its icon on the Desktop or from "Start" => "All Programs" => "Malwarebytes' Anti-Malware".

- Run the updates from the "Update" tab. If there is a problem with the automatic updates, click HERE to download and install them manually.

- In the "Scan" tab, leave the "Perform quick scan" box ticked and click "Scan".

[screenshot: mb3.jpg]

Wait until the end (the message below is displayed)

[screenshot: mb4.jpg]

Click OK to close this message.

- Click "Show results", then "Remove selected".

The program then carries out the cleanup. If it asks you to restart the PC, ACCEPT (this is needed to delete certain specific files).

At the end a report is displayed (accessible at any time from the Report/Logs tab of the main MBAM window). Post its contents in your next reply.

 

 

>>> Online scan: Disable antivirus/firewall and antispyware and use Internet Explorer to go HERE.

  • Click the green ESET Online Scanner button, tick the "YES, I accept the Terms of Use" box and click Start.
  • Accept the installation of the ActiveX control.
  • Tick "Scan archives", UNtick "Remove found threats" and click Start.
  • ESET will download the database and start the scan. Let it finish its scan.
  • Then click "List of found threats".
  • Click "Export to text file..." and save the results to the Desktop, naming the file "scan-results", so you can copy/paste them here.
  • Click [eset-back.png] and tick the "Uninstall application on close" box to remove ESET Online Scanner from the machine.

Click [eset-fin.png] and paste the report here.

 

Requested reports:

  • Malwarebytes Anti-Malware log
  • scan-results

Are you still having problems?

Posted

Good evening,

Here is the scan:

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 5631

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

28/01/2011 19:14:17

mbam-log-2011-01-28 (19-14-17).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 153134

Temps écoulé: 8 minute(s), 33 seconde(s)

 

Processus mémoire infecté(s): 2

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 3

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 2

 

Processus mémoire infecté(s):

c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 332 -> Not selected for removal.

c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 2236 -> Not selected for removal.

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\FICHIERS COMMUNS\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.

c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.

 

 

 

Do the "PUP.Dealio) -> Not selected for removal" entries cause problems? If I delete them, what happens?

For example Spigot (pdfcreator, I think; I never use the toolbar)

 

 

The ESET scan result

 

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP31\A0008763.old a variant of Win32/Casino application

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP32\A0008811.exe a variant of Win32/Casino application

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016110.old a variant of Win32/Casino application

C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP56\A0016129.exe a variant of Win32/Casino application

D:\Telechargement\everest\Everest Poker.fr.exe a variant of Win32/Casino application

 

 

Everest Poker.fr.exe is probably the source of these lines ... is there a problem?

This evening I did not notice any particular freeze.

Do I need to take any further action following these two reports?

Thank you.

Have a good day.

Posted

Hello,

The "PUP.Dealio" entries indicate that your machine is infected.

This type of program (here it is Dealio) is classed as unwanted because it is spyware or some other malware. Relaunch Malwarebytes' Anti-Malware, tick everything it displays and click Remove selected.

The lines starting with "C:\System Volume Information..." are restore points, which we will delete at the end. They are not harmful as long as the system is not restored.

Yes, the "everest" folder contains one or more harmful items. Delete the complete folder (in bold): D:\Telechargement\everest

Then...

Print these instructions or save them in a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Plug in and switch on all removable media (external drives, USB keys, etc.).

Close all open applications and windows and double-click OTL.exe.

Copy/paste these lines (starting with netsvcs) into the box under "Custom Scans/Fixes":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Without changing anything, click the blue Run Scan button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report, one per message, because they are often very long and exceed the limit allowed by the forum.

 

Requested reports:

  • OTL.txt
  • Extras.txt
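
Added example, not part of the original thread and not code from Malwarebytes or ESET: a short Python triage of the two reports discussed at the top of this reply. It lists which Malwarebytes detections were left in place and separates ESET hits inside System Restore points from hits on live files. The sample text is copied from the reports posted above; the line formats are inferred from those reports, and the function names are assumptions made for this example.

```python
import re
from collections import Counter

# Sample lines copied from the Malwarebytes and ESET reports posted in this thread.
MBAM_LOG = r"""
Processus mémoire infecté(s):
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 332 -> Not selected for removal.
c:\program files\fichiers communs\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 2236 -> Not selected for removal.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
"""

ESET_LOG = r"""
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP26\A0008195.old a variant of Win32/Casino application
C:\System Volume Information\_restore{6B0DEB65-F561-4325-8DB5-D9E61AF012E1}\RP27\A0008352.exe a variant of Win32/Casino application
D:\Telechargement\everest\Everest Poker.fr.exe a variant of Win32/Casino application
"""

# "<object> (<detection name>) -> [details ->] <action>."
DETECTION = re.compile(r"^(?P<object>.+?) \((?P<name>[\w.]+)\) -> (?P<rest>.+)$")

# Assumption: the path ends at the first ".ext" followed by whitespace.
ESET_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?\.\w{2,4})\s+(?P<threat>.+)$")

# System Restore store on Windows XP: copies kept here are inert until a restore.
RESTORE_POINT = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP\d+\\", re.I
)


def parse_mbam(text):
    """Return one dict per detection line, tagged with its report section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DETECTION.match(line)
        if m:
            # The action is always the last "->" segment of the line.
            action = m.group("rest").split(" -> ")[-1].rstrip(".")
            entries.append({
                "section": section,
                "object": m.group("object"),
                "detection": m.group("name"),
                "action": action,
            })
        elif line.endswith(":"):
            section = line[:-1]  # section header such as "Fichier(s) infecté(s):"
    return entries


def left_in_place(entries):
    """Detections the scan reported but did not remove."""
    return [e for e in entries if e["action"].lower().startswith("not selected")]


def summarize(entries):
    """Count detections per (detection name, action) pair."""
    return Counter((e["detection"], e["action"]) for e in entries)


def triage_eset(text):
    """Split ESET hits into System Restore copies and files on live volumes."""
    result = {"restore_point": [], "live": []}
    for raw in text.splitlines():
        m = ESET_LINE.match(raw.strip())
        if not m:
            continue
        kind = "restore_point" if RESTORE_POINT.search(m.group("path")) else "live"
        result[kind].append((m.group("path"), m.group("threat")))
    return result


if __name__ == "__main__":
    entries = parse_mbam(MBAM_LOG)
    for (name, action), count in summarize(entries).items():
        print(f"{count:2d}  {name:30s} {action}")
    print("\nStill present after the scan:")
    for e in left_in_place(entries):
        print(f"  [{e['section']}] {e['object']}")
    hits = triage_eset(ESET_LOG)
    print(f"\nESET: {len(hits['restore_point'])} hit(s) in restore points, "
          f"{len(hits['live'])} on live files")
    for path, threat in hits["live"]:
        print(f"  {path}  ({threat})")
```
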
Posted

Hello,

Delete the complete folder (in bold): D:\Telechargement\everest : OK DONE

Relaunch Malwarebytes' Anti-Malware, tick everything it displays and click Remove selected. : OK DONE

OTL.txt:

 

 

OTL logfile created on: 30/01/2011 14:11:21 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS

Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32

Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT

Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32

 

Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe

PRC - [2011/01/26 15:17:16 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\yves\Local Settings\Temp\RtkBtMnt.exe

PRC - [2011/01/23 16:29:06 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe

PRC - [2011/01/23 16:29:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe

PRC - [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

PRC - [2010/03/18 16:25:08 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

PRC - [2010/03/18 16:04:52 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

PRC - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe

PRC - [2009/08/19 10:31:42 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.bin

PRC - [2009/08/19 10:31:40 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\Office\OpenOffice.org 3\program\soffice.exe

PRC - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/17 18:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2007/07/12 11:36:40 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe

PRC - [2007/07/11 14:07:46 | 000,421,888 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

PRC - [2007/07/04 11:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

PRC - [2007/06/13 20:55:52 | 000,166,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe

PRC - [2007/05/28 15:56:16 | 000,342,528 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe

PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2007/03/02 11:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

PRC - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

PRC - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

PRC - [2005/01/27 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIABE.EXE

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe

MOD - [2011/01/06 16:00:42 | 000,249,864 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_74\midas32.dll

MOD - [2010/09/18 07:53:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll

MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2007/05/28 15:55:16 | 000,024,064 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll

MOD - [2007/05/28 15:54:22 | 000,077,824 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\ShowErrMsg.dll

MOD - [2007/05/28 15:54:18 | 000,167,936 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll

MOD - [2007/01/04 15:04:52 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll

MOD - [2006/02/22 11:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc71u.dll

MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll

MOD - [2004/08/05 05:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - [2010/07/26 12:20:08 | 000,018,272 | ---- | M] (SFR) [Auto | Running] -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe -- (SFR.DashBoard.Service)

SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)

SRV - [2010/01/11 14:02:46 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)

SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)

SRV - [2009/02/23 17:52:08 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)

SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2007/03/01 18:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)

SRV - [2007/01/17 11:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/11/23 23:33:58 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)

DRV - [2010/11/23 23:33:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)

DRV - [2010/11/23 23:33:57 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)

DRV - [2010/11/23 23:33:57 | 000,111,312 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)

DRV - [2010/07/22 15:55:48 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2010/04/23 17:43:52 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)

DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)

DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)

DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)

DRV - [2008/04/13 19:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)

DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/03/22 20:42:10 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV - [2007/12/10 17:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)

DRV - [2007/12/10 17:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)

DRV - [2007/12/10 17:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)

DRV - [2007/09/21 05:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2007/09/07 11:16:08 | 000,215,904 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2007/06/05 23:48:58 | 005,761,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)

DRV - [2007/05/30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007/05/28 15:55:20 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk)

DRV - [2007/05/28 15:54:40 | 000,012,800 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter)

DRV - [2007/05/02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)

DRV - [2007/03/21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)

DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2006/12/22 19:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2006/12/22 19:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2006/12/22 19:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2006/08/28 18:30:04 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)

DRV - [2006/01/20 22:42:38 | 000,017,408 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)

DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)

DRV - [2001/08/23 17:04:44 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)

DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)

DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)

DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)

DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)

DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)

DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)

DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)

DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)

DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)

DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)

DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)

DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)

DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! Search Results

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 EA 94 55 65 5A CA 01 [binary data]

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97

FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/11/24 15:06:47 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/25 00:06:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/23 16:29:18 | 000,000,000 | ---D | M]

 

[2010/11/24 16:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Extensions

[2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions

[2010/11/26 14:12:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/01/23 16:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/11/24 23:52:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/22 19:40:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010/11/24 15:06:47 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2010\BDAPHFFEXT

[2010/11/24 19:04:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2011/01/23 16:29:11 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2011/01/23 16:29:11 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/01/23 16:29:11 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2011/01/23 16:29:12 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2011/01/23 16:29:12 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/01/26 15:16:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)

O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()

O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)

O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()

O4 - HKLM..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [EPSON Stylus D88 Series BOX] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()

O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)

O4 - HKCU..\Run: [iSUSPM] C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

O4 - Startup: C:\Documents and Settings\yves\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.1.lnk = C:\Program Files\Office\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\yves\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (17465059307421696)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/30 14:07:00 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe

[2011/01/30 13:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Menu Démarrer\Programmes\CyberLink PowerDVD

[2011/01/26 19:11:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2011/01/26 15:00:12 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011/01/26 14:58:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011/01/26 14:58:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011/01/26 14:58:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011/01/26 14:58:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011/01/26 14:58:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011/01/26 14:57:57 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/01/25 09:20:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Application Data\vlc

[2011/01/25 09:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN

[2011/01/25 09:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2011/01/24 19:34:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\yves\Mes documents\Mes vidéos

[2011/01/24 19:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Mes documents\Humour

[2011/01/24 11:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDFCreator

[2011/01/24 11:11:20 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX

[2011/01/24 11:11:17 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL

[2011/01/24 11:11:17 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL

[2011/01/24 11:11:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2FR.DLL

[2011/01/24 11:11:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL

[2011/01/24 11:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator

[2011/01/23 16:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp

[2011/01/23 14:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell

[2011/01/23 14:22:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm

[2011/01/23 14:22:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$

[2011/01/23 14:22:10 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll

[2011/01/23 14:19:35 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2011/01/23 14:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2

[2011/01/23 14:14:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2011/01/23 13:56:00 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys

[2011/01/23 13:55:10 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe

[2011/01/22 22:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

[2011/01/22 22:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/01/22 19:40:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/01/22 19:40:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/01/22 19:40:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/01/21 18:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\Application Data\Malwarebytes

[2011/01/21 18:49:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/01/21 18:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware

[2011/01/21 18:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/01/21 18:49:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/01/21 18:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/19 21:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\yves\P5JavaClientSettings

[2011/01/03 18:53:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles

[2010/11/23 20:23:17 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll

[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Documents and Settings\yves\*.tmp files -> C:\Documents and Settings\yves\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/30 14:07:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\yves\Bureau\OTL.exe

[2011/01/30 13:57:31 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\yves\Application Dataprivacy.xml

[2011/01/30 13:57:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/01/30 13:56:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/01/30 13:56:35 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/30 01:11:16 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv

[2011/01/26 15:16:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/01/26 15:00:18 | 000,000,328 | RHS- | M] () -- C:\boot.ini

[2011/01/26 11:48:32 | 000,879,047 | ---- | M] () -- C:\Documents and Settings\yves\Bureau\SecurityCheck.exe

[2011/01/26 11:48:24 | 004,160,520 | R--- | M] () -- C:\Documents and Settings\yves\Bureau\ComboFix.exe

[2011/01/26 10:46:39 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk

[2011/01/25 21:40:59 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\Mes dossiers de partage.lnk

[2011/01/23 16:52:20 | 000,346,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/01/23 16:36:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/01/23 16:30:28 | 000,536,079 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\à effecer.pdf

[2011/01/23 14:30:09 | 000,631,916 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/01/23 14:30:09 | 000,529,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/01/23 14:30:09 | 000,127,630 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/01/23 14:30:09 | 000,098,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/01/23 14:19:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2011/01/23 14:19:18 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2011/01/23 14:14:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2011/01/23 01:43:06 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System32\eDataSecurity.dat

[2011/01/20 21:58:04 | 000,016,817 | ---- | M] () -- C:\Documents and Settings\yves\Bureau\pok.odt

[2011/01/20 11:30:47 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Everest Poker.fr.lnk

[2011/01/19 15:18:13 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_1

[2011/01/19 12:45:35 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\D2Info0

[2011/01/18 00:41:22 | 000,018,034 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\emotiocne.odt

[2011/01/17 18:26:00 | 000,016,012 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\prix train.ods

[2011/01/17 10:48:09 | 000,023,527 | ---- | M] () -- C:\Documents and Settings\yves\Mes documents\valmond.odt

[2011/01/12 17:37:57 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_2

[2011/01/09 17:44:00 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_3

[2011/01/09 17:26:38 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_4

[2011/01/05 08:22:33 | 000,000,025 | ---- | M] () -- C:\Documents and Settings\yves\Application Data\bdfvconp.ini

[12 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\Documents and Settings\yves\*.tmp files -> C:\Documents and Settings\yves\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/01/26 15:00:18 | 000,000,212 | ---- | C] () -- C:\Boot.bak

[2011/01/26 15:00:15 | 000,263,488 | RHS- | C] () -- C:\cmldr

[2011/01/26 14:58:14 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011/01/26 14:58:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011/01/26 14:58:14 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011/01/26 14:58:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011/01/26 14:58:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011/01/26 11:48:32 | 000,879,047 | ---- | C] () -- C:\Documents and Settings\yves\Bureau\SecurityCheck.exe

[2011/01/26 11:48:15 | 004,160,520 | R--- | C] () -- C:\Documents and Settings\yves\Bureau\ComboFix.exe

[2011/01/23 16:30:25 | 000,536,079 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\à effecer.pdf

[2011/01/23 15:19:29 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk

[2011/01/23 15:19:29 | 000,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk

[2011/01/23 14:19:11 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\yves\Menu Démarrer\Programmes\Windows Media Player.lnk

[2011/01/23 14:14:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2011/01/23 01:43:06 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\eDataSecurity.dat

[2011/01/20 21:58:03 | 000,016,817 | ---- | C] () -- C:\Documents and Settings\yves\Bureau\pok.odt

[2011/01/18 00:41:22 | 000,018,034 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\emotiocne.odt

[2011/01/17 18:25:59 | 000,016,012 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\prix train.ods

[2011/01/16 20:14:50 | 000,023,527 | ---- | C] () -- C:\Documents and Settings\yves\Mes documents\valmond.odt

[2011/01/05 08:22:33 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\bdfvconp.ini

[2010/12/21 22:27:21 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_5

[2010/12/03 20:21:09 | 002,208,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/12/02 01:28:01 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_4

[2010/11/29 01:32:23 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/27 18:42:15 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_3

[2010/11/27 13:01:10 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_2

[2010/11/24 22:51:39 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\D2Info0

[2010/11/24 22:51:39 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\yves\Application Data\DofusAppId0_1

[2010/11/24 20:21:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2010/11/24 18:47:39 | 000,001,428 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\FASTWiz.html

[2010/11/24 18:42:09 | 000,075,861 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\FASTWiz.log

[2010/11/24 04:02:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini

[2010/11/23 20:26:42 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys

[2010/11/23 20:24:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NATTraversal.dll

[2010/11/23 20:23:17 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll

[2010/11/23 20:19:06 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\yves\Local Settings\Application Data\fusioncache.dat

[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll

[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2008/03/22 23:58:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/03/22 20:42:40 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll

[2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll

[2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll

[2008/03/22 20:42:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll

[2007/06/05 16:24:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll

[2007/06/05 15:48:58 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2007/05/28 15:56:14 | 001,411,584 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll

[2007/05/28 15:55:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll

[2007/05/28 15:54:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll

[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

[2007/01/04 15:10:22 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys

[2006/08/28 18:30:04 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys

[2006/03/10 14:18:16 | 000,037,706 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2004/09/06 16:00:02 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/08/05 05:00:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2003/11/24 15:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll

[2003/11/24 15:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll

[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll

[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll

[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll

[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2011/01/28 19:48:02 | 000,024,140 | ---- | M] () -- C:\bdlog.txt

[2008/03/22 20:42:46 | 000,715,550 | ---- | M] () -- C:\bknowsetup.log

[2010/11/23 20:17:34 | 000,000,212 | ---- | M] () -- C:\Boot.bak

[2011/01/26 15:00:18 | 000,000,328 | RHS- | M] () -- C:\boot.ini

[2004/08/05 05:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004/09/06 15:40:26 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS

[2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr

[2011/01/30 13:56:35 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys

[2004/09/06 16:00:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2004/09/06 16:00:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/05 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2010/11/23 22:24:13 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/01/30 13:56:34 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

[2008/04/09 21:09:28 | 000,006,326 | -HS- | M] () -- C:\Patch.rev

[2007/04/25 23:45:58 | 000,000,631 | ---- | M] () -- C:\PDVD.iss

[2008/03/23 08:05:28 | 000,000,073 | RHS- | M] () -- C:\preload.aaa

[2008/03/23 08:05:28 | 000,000,073 | RHS- | M] () -- C:\Preload.rev

[2008/03/22 20:42:04 | 000,000,595 | ---- | M] () -- C:\RHDSetup.log

[2008/03/22 20:42:46 | 000,000,032 | ---- | M] () -- C:\setup.log

[2008/03/22 20:17:44 | 000,000,004 | ---- | M] () -- C:\wps.dat

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[12 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2004/09/06 15:50:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2004/09/06 15:50:50 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2004/09/06 15:50:50 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/11/23 23:33:57 | 000,111,312 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\system32\drivers\bdfndisf.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

[2010/11/02 16:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-28 15:09:50

 

< End of report >

 

 

Continued in the next message

Posted

Continuation of the previous message:

 

Extras.txt:

 

OTL Extras logfile created on: 30/01/2011 14:11:21 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\yves\Bureau

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71,33 Gb Total Space | 46,89 Gb Free Space | 65,73% Space Free | Partition Type: NTFS

Drive D: | 71,84 Gb Total Space | 49,17 Gb Free Space | 68,45% Space Free | Partition Type: FAT32

Drive F: | 124,47 Mb Total Space | 40,51 Mb Free Space | 32,55% Space Free | Partition Type: FAT

Drive G: | 981,80 Mb Total Space | 808,79 Mb Free Space | 82,38% Space Free | Partition Type: FAT32

 

Computer Name: ACER-564DF136B7 | User Name: yves | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DoNotAllowExceptions" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"5985:TCP" = 5985:TCP:*:Disabled:Gestion à distance de Windows

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

"{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1

"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7

"{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client

"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 23

"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3F900346-A316-BA88-B83C-2513F1260AD7}" = Reg (DOFUS Audio Subsystem)

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management

"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management

"{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}" = Dofus

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2

"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack

"{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X - Français

"{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = pdfforge Toolbar v4.1

"{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite

"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger

"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI

"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live

"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1" = Gestionnaire de Connexion SFR 3.1

"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2

"CanonSolutionMenu" = Canon Utilities Solution Menu

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP

"Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Dofus

"EPSON Printer and Utilities" = EPSON Logiciel imprimante

"Everest Poker.fr" = Everest Poker.fr (Remove Only)

"GridVista" = Acer GridVista

"Guitar Pro 5_is1" = Guitar Pro 5.2

"HDMI" = Intel® Graphics Media Accelerator Driver

"ie8" = Windows Internet Explorer 8

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7

"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088

"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow

"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Pixia_is1" = Pixia 3.3b

"Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"VLC media player" = VLC media player 1.1.6

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"Windows XP Service" = Windows XP Service Pack 3

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 10005

Description = Product: Microsoft Office 2007 Primary Interop Assemblies -- Please

install Microsoft Office 2007 before installing this product.

 

Error - 23/01/2011 12:22:44 | Computer Name = ACER-564DF136B7 | Source = MsiInstaller | ID = 1024

Description = Produit : Microsoft Office 2007 Primary Interop Assemblies - La mise

à jour 'Security Update for Microsoft Office PowerPoint 2007 (KB982158)' n'a pas

pu être installée. Code d'erreur 1603. Windows Installer peut créer des journaux

pour faciliter la résolution des éventuelles erreurs d'installation des packages

logiciels. Utilisez le lien suivant pour afficher des instructions concernant l'activation

des journaux : How to enable Windows Installer logging

 

Error - 24/01/2011 07:22:07 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002

Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 24/01/2011 07:22:25 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs -2138425584.

 

Error - 26/01/2011 05:21:48 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002

Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 26/01/2011 05:21:56 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs -2138425584.

 

Error - 26/01/2011 05:24:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002

Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 26/01/2011 05:24:52 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs -2138425584.

 

Error - 26/01/2011 07:12:49 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1002

Description = Application bloquée AcroRd32.exe, version 10.0.0.396, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 26/01/2011 07:12:57 | Computer Name = ACER-564DF136B7 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs -2138425584.

 

[ System Events ]

Error - 23/01/2011 08:59:43 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service

Pack 3 (KB955706).

 

Error - 23/01/2011 09:20:04 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Microsoft .NET Framework 3.0 : Module linguistique

x86 (KB928416).

 

Error - 23/01/2011 11:36:56 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office

PowerPoint 2007 (KB957789).

 

Error - 23/01/2011 11:40:50 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service

Pack 3 (KB955706).

 

Error - 23/01/2011 12:13:05 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office

PowerPoint 2007 (KB957789).

 

Error - 23/01/2011 12:15:31 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service

Pack 3 (KB955706).

 

Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Microsoft SQL Server 2005 Express Edition Service

Pack 3 (KB955706).

 

Error - 23/01/2011 12:22:48 | Computer Name = ACER-564DF136B7 | Source = Windows Update Agent | ID = 20

Description = Échec de l'installation : l'installation de la mise à jour suivante

a échoué avec l'erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office

PowerPoint 2007 (KB982158).

 

Error - 26/01/2011 17:12:46 | Computer Name = ACER-564DF136B7 | Source = BROWSER | ID = 8032

Description = Le service Explorateur d'ordinateur a rencontré un nombre d'échecs

trop important en essayant de retrouver la copie de sauvegarde de la liste sur

le transport \Device\NetBT_Tcpip_{0060D964-370E-442D-A455-8544B9585D39}. L'explorateur

secondaire s'arrête.

 

Error - 29/01/2011 17:53:57 | Computer Name = ACER-564DF136B7 | Source = Service Control Manager | ID = 7034

Description = Le service Application Updater s'est terminé de façon inattendue pour

la 1ème fois.

 

 

< End of report >

 

 

 

 

A few comments:

I don't use the Microsoft Office suite (it isn't even installed on my PCs), but Open Office ... so I couldn't care less about their updates.

There are several keys with errors: Error: Key error.

There are several keys with File not found.

Could this be the source of my problems, or is there something else?

Thanks for your help.

Have a good day.

Posted

Hello,

To remove the remnants of MS Office, you need to use their uninstall utility, probably on their site (the other tools don't see all the items).

Launch OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation" (the : at the beginning and the ] at the end are very important, please check).

 

:OTL

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found

[2010/11/24 16:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Extensions

[2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions

[2011/01/23 16:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2011/01/23 19:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)

 

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = -

 

:Services

 

:Files

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

WARNING: The O6 and O7 lines (in blue) are restrictions. If you or your admin set these restrictions, do not include them when you paste the script.

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

At the end, a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

>>> There are still programs that start NEEDLESSLY along with Windows. Download MBAM's StartUpLite to the Desktop from here.

Double-click StartUpLite.exe to launch the program and let it run. It will display all the unnecessary entries that start automatically.

Select ALL the entries displayed and click Continue.

If it displays "No unnecessary startups found!", there is nothing to do.

Requested reports:

  • OTL.txt

Any other symptoms to check?

  • 2 weeks later...
Posted

Hello,

Here is the OTL report:

All processes killed

========== OTL ==========

Service HidServ stopped successfully!

Service HidServ deleted successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Extensions folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.

C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions folder moved successfully.

Folder C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jpors8w0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\ not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\locale folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome\content folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.

C:\Program Files\Mozilla Firefox\extensions folder moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.

Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}

C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}\ not found.

========== SERVICES/DRIVERS ==========

========== FILES ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 208896 bytes

->Temporary Internet Files folder emptied: 32768 bytes

->Flash cache emptied: 56502 bytes

 

User: LocalService

->Temp folder emptied: 65748 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: yves

->Temp folder emptied: 11767997 bytes

->Temporary Internet Files folder emptied: 116810116 bytes

->Java cache emptied: 7460293 bytes

->FireFox cache emptied: 101772583 bytes

->Flash cache emptied: 150859 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 22469890 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 360946 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 932494 bytes

 

Total Files Cleaned = 250,00 mb

 

 

[EMPTYFLASH]

 

User: Administrateur

 

User: All Users

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: LocalService

 

User: NetworkService

 

User: yves

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.20.6 log created on 02122011_142207

 

Files\Folders moved on Reboot...

C:\WINDOWS\temp\Perflib_Perfdata_ff8.dat moved successfully.

 

Registry entries deleted on Reboot...

 

 

 

****

 

What else needs to be done?

Thanks.
