"Malicious software blocked" by avast - RESOLVED-


yugm


Hello "lance-yien",

so here is the Eset report

My only current problem is that once or twice a day an Avira guard warning appears on screen, blocking, for my security, access to the autorun file on C: or D: or F:........ which I delete each time

Thanks, see you later

C:\Program Files\LG Electronics\LG PC Suite III\USB Setup\Silent_Uninstall.exe une variante probable de Win32/Agent.GNAJRYT cheval de troie

C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application

C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application

C:\Program Files\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application

C:\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application

C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application

C:\ProgramData\ReviverSoft\RegistryReviver\InstallCache\{E31E4E05-4B6B-42A5-8623-EB530F8147F5}\RegistryReviver.msi une variante de Win32/SlowPCfighter application

C:\Users\All Users\ReviverSoft\RegistryReviver\InstallCache\{E31E4E05-4B6B-42A5-8623-EB530F8147F5}\RegistryReviver.msi une variante de Win32/SlowPCfighter application


Hello,

These drives (that you mention): "... or D: or F:........" do not appear in your report. Did you plug them in and switch them on as requested?

We'll check all of this with OTL,

Uninstall (from "Add/Remove Programs") these two programs, which are considered rogues: "RegistryBooster" and "RegistryReviver"

Delete their folders (in bold) if still present:

C:\Program Files\Uniblue

C:\ProgramData\ReviverSoft

--

 

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Plug in and switch on all removable media (external drives, USB sticks, etc.).

Close all open applications and windows, then right-click OTL.exe => "Run as Admin".

Copy/paste these lines (starting with netsvcs) into the box under "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Without changing anything, click the blue Analyse button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.


Hello

I'm attaching the 1st report

OTL logfile created on: 08/05/2011 12:05:05 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,44 Gb Total Space | 61,34 Gb Free Space | 55,04% Space Free | Partition Type: NTFS

Drive D: | 104,90 Gb Total Space | 76,98 Gb Free Space | 73,38% Space Free | Partition Type: NTFS

Drive F: | 465,76 Gb Total Space | 273,37 Gb Free Space | 58,69% Space Free | Partition Type: NTFS

Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe

PRC - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/04/29 13:05:05 | 000,442,024 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe

PRC - [2011/04/07 09:00:03 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe

PRC - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/03/04 14:38:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/11/18 20:41:12 | 000,206,120 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

PRC - [2009/09/21 15:02:04 | 003,786,472 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

PRC - [2009/09/21 15:02:00 | 003,451,904 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

PRC - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

PRC - [2009/09/21 15:01:41 | 003,673,600 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

PRC - [2009/09/21 14:58:44 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\guy\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2008/04/28 13:18:26 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe

PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008/03/11 11:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008/03/07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

PRC - [2008/03/05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe

PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe

PRC - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe

PRC - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2007/10/03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2007/03/27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2010/06/14 14:39:26 | 001,053,424 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)

SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)

SRV - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)

SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)

SRV - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/12/24 16:19:56 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/04/01 12:12:30] [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009/09/21 15:01:45 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)

DRV - [2009/05/25 12:12:28 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)

DRV - [2009/05/25 12:12:28 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)

DRV - [2009/05/25 12:12:26 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)

DRV - [2008/07/08 14:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm)

DRV - [2008/07/08 14:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM)

DRV - [2008/07/08 14:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex)

DRV - [2008/07/08 14:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM)

DRV - [2008/07/08 14:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl)

DRV - [2008/05/08 19:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)

DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2008/03/11 13:38:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)

DRV - [2008/02/29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008/01/08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel®

DRV - [2007/12/18 18:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)

DRV - [2007/12/16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)

DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 97 04 A8 DC 6A CA 01 [binary data]

IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: [email protected]:1.7

FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

 

 

[2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions

[2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions\[email protected]

[2010/12/18 18:47:43 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

 

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Value error. File not found

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avast5] File not found

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)

O4 - HKCU..\Run: [orangeinside] C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKLM..\RunOnce: [] File not found

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()

O8 - Extra context menu item: envoyer par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()

O8 - Extra context menu item: envoyer un mail - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)

O8 - Extra context menu item: orange.fr - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()

O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()

O8 - Extra context menu item: traduire la page - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()

O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()

O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()

O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:23:37 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:01 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:02 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Viewer.exe

O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.dvsd - pdvcodec.dll File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/02 10:20:08 | 000,000,000 | ---D | C] -- C:\Users\YUG\AppData\Roaming\Malwarebytes

[2011/05/02 10:19:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/02 10:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/02 10:19:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/02 10:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/04/29 13:21:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2011/04/29 13:21:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2011/04/29 13:17:37 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/04/15 12:22:43 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011/04/15 12:22:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011/04/15 12:22:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/04/15 12:22:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2011/04/15 12:22:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/04/15 12:22:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/04/15 12:22:37 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/04/15 12:22:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/04/15 12:22:36 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/04/15 12:22:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/04/15 12:22:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/04/15 12:22:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/04/15 12:22:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/04/15 12:22:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/04/15 12:22:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/04/15 12:22:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/04/15 12:22:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/04/15 12:22:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/04/15 12:22:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/04/15 12:22:27 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2011/04/15 12:22:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011/04/15 12:17:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011/04/15 12:12:22 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/04/15 12:12:15 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/04/15 12:12:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/04/15 00:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/04/15 00:05:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/04/15 00:05:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/04/14 22:21:57 | 000,000,000 | ---D | C] -- C:\UsbFix

[2011/04/12 00:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011/04/12 00:06:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2011/04/12 00:06:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/08 12:06:59 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job

[2011/05/08 12:03:52 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/08 12:03:52 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/08 12:03:52 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/08 12:03:52 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/08 12:02:12 | 000,000,398 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job

[2011/05/08 11:47:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/05/08 11:27:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/08 11:27:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/08 08:17:00 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat

[2011/05/07 20:00:00 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job

[2011/05/07 18:48:00 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/05/07 13:47:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/06 08:20:01 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-YUG-Startup.job

[2011/05/06 08:20:01 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job

[2011/05/06 08:00:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml

[2011/05/05 19:59:37 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2011/05/02 10:19:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/16 08:16:36 | 000,316,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/04/12 00:06:38 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011/04/11 21:25:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/05/08 12:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/02 10:19:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/15 00:07:12 | 000,000,428 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job

[2011/04/12 00:06:38 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011/04/08 21:21:13 | 000,000,398 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job

[2010/10/18 11:35:32 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi

[2010/10/18 11:35:32 | 000,004,110 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik

[2010/10/08 10:57:42 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/06/02 02:42:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2010/04/29 16:12:32 | 000,000,031 | ---- | C] () -- C:\Windows\yesmessenger.ini

[2010/04/22 14:56:51 | 000,000,338 | ---- | C] () -- C:\Windows\yes_messenger.ini

[2009/10/22 00:57:28 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat

[2009/09/24 10:14:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat

[2009/09/24 10:14:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat

[2009/09/24 10:14:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat

[2009/09/24 10:14:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat

[2009/09/24 10:14:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat

[2009/09/24 10:14:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat

[2009/09/24 10:14:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat

[2009/09/24 10:14:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat

[2009/09/24 10:14:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat

[2009/09/24 10:14:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat

[2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat

[2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat

[2009/09/24 10:14:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat

[2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat

[2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat

[2009/09/24 10:14:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat

[2009/09/24 10:14:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat

[2009/09/24 10:14:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat

[2009/09/24 10:14:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini

[2009/09/24 10:09:09 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini

[2009/09/24 09:25:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/24 09:25:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009/09/21 17:12:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2009/09/21 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/09/21 15:05:51 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009/09/21 15:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2009/09/21 15:05:51 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini

[2009/09/21 15:02:13 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll

[2008/05/16 07:50:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat

[2008/05/16 07:50:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/05/16 07:50:44 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2008/05/16 07:50:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe

[2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/03/21 12:41:33 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll

[2008/03/21 12:37:44 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2008/03/21 12:33:29 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini

[2008/03/21 12:33:29 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat

[2008/03/21 12:32:04 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat

[2008/01/21 10:40:50 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2008/01/21 10:40:50 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll

[2007/04/24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll

[2006/11/02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 14:47:37 | 000,316,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2005/12/15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL

[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2008/03/21 05:12:07 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2009/09/21 15:15:37 | 000,000,020 | ---- | M] () -- C:\Medion.ini

[2004/02/29 17:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp

[2011/05/06 07:59:25 | 3533,369,344 | -HS- | M] () -- C:\pagefile.sys

[2009/09/21 15:08:45 | 000,000,058 | ---- | M] () -- C:\Partition.txt

[2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2008/03/21 12:33:43 | 000,000,477 | ---- | M] () -- C:\RHDSetup.log

[2011/04/14 22:24:05 | 000,000,000 | ---- | M] () -- C:\UsbFix.txt

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2011/02/22 08:16:39 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011/02/22 15:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys

[2011/02/22 15:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys

[2011/02/22 15:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys

[2011/02/22 15:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys

[2011/02/18 16:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys

[2011/02/18 16:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys

[2011/02/18 16:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-06 06:06:20

 

< >

 

< End of report >


And the second one

Thanks again

OTL Extras logfile created on: 08/05/2011 12:05:06 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 73,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,44 Gb Total Space | 61,34 Gb Free Space | 55,04% Space Free | Partition Type: NTFS

Drive D: | 104,90 Gb Total Space | 76,98 Gb Free Space | 73,38% Space Free | Partition Type: NTFS

Drive F: | 465,76 Gb Total Space | 273,37 Gb Free Space | 58,69% Space Free | Partition Type: NTFS

Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06291F09-D425-424F-AD68-0115C6175234}" = lport=10243 | protocol=6 | dir=in | app=system |

"{07F0F635-A5F7-42AA-BAEE-AEE194356750}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |

"{09077A62-5D1F-4535-84E9-F23F17D14F4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{15C41F86-12B3-47DD-AA1C-70ECE54601A3}" = lport=445 | protocol=6 | dir=in | app=system |

"{160CB322-9922-44D9-99B2-07A2EC128EEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{1EACBE9B-4FCB-45C9-B524-805163347ABE}" = rport=139 | protocol=6 | dir=out | app=system |

"{1FCA295C-9058-4BAE-BEAC-EB279E4DFD4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{22295743-653A-4C6A-A574-3950B73E15CE}" = rport=2869 | protocol=6 | dir=out | app=system |

"{226801C5-CF4C-467E-9C6E-4CE332353902}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |

"{2E666031-E16E-401F-8EB1-9CCA40B5C696}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2EEEA81E-6A1C-4096-8FAC-5E76E5C9B756}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{33420BE6-7469-46E1-BA1C-23BF6557497E}" = lport=445 | protocol=6 | dir=in | app=system |

"{350D0667-E6A4-4A44-A683-E0CC186E4047}" = lport=2869 | protocol=6 | dir=in | app=system |

"{3A2DFB28-5786-4C1C-9963-F8944A6BE23D}" = rport=138 | protocol=17 | dir=out | app=system |

"{42160FD8-393F-4C08-B299-A8A6640E6298}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{45414DAC-67F8-49BB-89B6-BAF942390688}" = lport=3390 | protocol=6 | dir=in | app=system |

"{45C0E7D4-B839-442A-B872-B66D6AF52557}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{47194D16-7474-49A4-9CCB-5854174B9A18}" = rport=10243 | protocol=6 | dir=out | app=system |

"{56D9CDF5-AEE7-41BE-B7BA-3FE0DD614B4B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{58160860-0702-41D3-A527-388226CABEF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{5D630B31-6414-4A20-98F4-C098B0CBD64F}" = lport=137 | protocol=17 | dir=in | app=system |

"{61FC7F18-37B0-4C22-8B17-57F0452C5720}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{65F169CD-41D6-407B-9BA0-432388EB07A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{6FF6A7FB-B43C-411F-8C8F-CCE9C1B98EE4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{786EB93B-F57E-4934-A1A2-70341D7B1D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{78BFDD3A-1FC3-41B4-9A32-8A8B165E38DB}" = rport=10244 | protocol=6 | dir=out | app=system |

"{7A4DD3C6-10AE-445F-90D7-AF0490CD9DDA}" = lport=138 | protocol=17 | dir=in | app=system |

"{7FC25EC1-80F3-498E-AEFB-615E2E04B70F}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |

"{84975B36-9040-4290-ABFD-61A6D4345BAF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |

"{8B9D35F9-73A1-4B71-A5B8-F76E19D31B34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{9010076C-2663-4562-BD9D-BD7F66D4A35A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{92E1A326-E442-4199-BCDD-8A8A0323DC81}" = lport=139 | protocol=6 | dir=in | app=system |

"{93F5E78E-DA61-4C1E-8295-025C5F5FF366}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{94A14E1E-CADF-4FC0-8800-4970A5A780F4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{9F82DED6-2FD7-4218-92F2-AB8248E110EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{9FED5E8A-56CE-47E3-A4D4-4955887A8EF2}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |

"{A0CD45B5-5039-4453-B6DA-1E17C56525C9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{A4631AD5-C8C2-4552-B19F-9D704F961743}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |

"{A4AA5BCE-6580-44F3-AD57-6C38188337C0}" = rport=137 | protocol=17 | dir=out | app=system |

"{A9B35ECB-9E8D-41DA-BA70-AFC30103EC44}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{AA5C105C-C542-4F5C-8A51-7DBC9A8AC022}" = lport=2869 | protocol=6 | dir=in | app=system |

"{AC0F92F3-2177-4679-89A4-12EA0A8C1946}" = lport=10244 | protocol=6 | dir=in | app=system |

"{AE1C84F5-EB32-4A87-8F1A-2BCEA0A439A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{B88FCAD9-BA68-4C6A-B2FD-C8F7510FF29C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{BFBE1358-1D0E-4522-B1BB-4541DFCB0E30}" = lport=445 | protocol=6 | dir=in | app=system |

"{C2FBC7DB-F52E-4D00-A6EE-3BC685C72B42}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |

"{C7CF4DA9-8029-4695-9095-73A13FBEC617}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

"{C83DF4B2-EDC8-4FD1-84E4-E367A1FF04F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{CA6E7BD0-6985-41E5-8F73-47B6FED652BD}" = lport=5985 | protocol=6 | dir=in | app=system |

"{DBBC8AC2-EDF3-41AC-8CAE-665963E3E744}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |

"{E50A982D-0696-4CD8-8949-89F44793E7AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{E5A5B9D1-A109-4B79-BD7E-D12EF7D84F42}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |

"{E73E95B1-935A-4761-B297-DF8D378D0B09}" = rport=445 | protocol=6 | dir=out | app=system |

"{E772BAE5-7D6C-41D2-8D53-D5FC0F847E61}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{EAA90862-B5F6-4F7F-94D4-13F7802DA836}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |

"{F012488C-5D7D-48B8-8E54-9CE5321B0D85}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{F317F26B-B183-4F3D-B30D-5A5399A95A61}" = lport=80 | protocol=6 | dir=in | [email protected],-50 |

"{FBA5A2D9-020D-4693-8950-E7DA569501B0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{FC73AFF0-3005-45BD-A7BD-D97EBE165161}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |

"{FD2A158A-F0B4-4FA7-904C-CD3C6A22415B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{FD47ACAD-686C-4308-91FB-501926699E47}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{FE98DB72-C91F-4C1C-84CD-EDD390393199}" = lport=2869 | protocol=6 | dir=in | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0316ECE0-8979-471B-B681-8F812151A41A}" = protocol=6 | dir=out | app=system |

"{0532BA36-B605-4087-BEC0-7CABBAD9810F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |

"{0561FF07-60F9-412E-9804-A89F454622AD}" = protocol=1 | dir=out | [email protected],-28544 |

"{06C2FCFC-DE5D-423D-A253-17F8F234A43A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |

"{0BDB4EFA-D7E1-4205-B95E-2094C77804F4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |

"{0C44DDF6-5CBA-462B-980C-92EA32E88C16}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{1285865A-F82F-47E8-AC5F-DFB1BF1A4F4E}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |

"{12D2DCD0-6D87-4AFE-A0A8-96C7090CB98E}" = protocol=6 | dir=in | app=c:\program files\orange\orangeupdate\service\oucore.exe |

"{169FAD64-6C6C-42C4-9B6F-2D1753F471DF}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |

"{17BB2075-0344-4064-8EC0-90F3D2BAACDA}" = protocol=6 | dir=out | app=system |

"{17CD2994-6FBC-4BA5-9036-42C9DDE86993}" = protocol=58 | dir=in | [email protected],-28545 |

"{19B74D63-7980-458C-B2F1-04E30F0DB515}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{1E886B77-0757-47A0-9AEB-B6671BC7E17A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |

"{22CA5593-AA1A-4E4C-BD54-1EF276B23D2B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{237BEDA4-D306-4DFF-9CEB-D5FC2775ACEA}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{24398DC6-2730-49BF-9658-86FF293D787F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{281681F8-07D3-4362-A8BC-30A45B40D85B}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |

"{2894340D-95A6-4216-9561-E44710AF5772}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

"{351D3FE6-4025-4B8B-BBD7-8C489F430654}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |

"{37F3F3FA-D7D5-4D15-9ED0-36003DFF4DC2}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |

"{417C682D-E65A-4FE5-960B-7EE60ADC0C46}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |

"{47BF15BC-29DF-4BE5-A1D6-7D52783DBEE8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{4954DC36-416E-416E-90D7-290BC6881B56}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{4EE59E44-DEF4-4DF4-B6D0-8F43AD2A7930}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |

"{508AA1EB-3DF5-489C-9C21-B84987DCC58D}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |

"{55628189-9484-4DA9-8DCB-C5E528FDE4EE}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |

"{562161D5-6ADE-44C2-BF3F-E68B1BB48BB5}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{5E38C0A7-7502-4D39-B1CA-BC4B35A3AC38}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{62B21C4E-EF6B-4839-93CF-F820AF071C44}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{6C3511D7-6B18-400B-A2DF-80AE98E7EC05}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{7761C3C4-D541-4278-BF2F-B7F17733E222}" = protocol=58 | dir=out | [email protected],-28546 |

"{79917CB4-A3DC-4145-9B30-B2EEFBCFA4B4}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |

"{7BD48571-1985-4162-804A-70344C44FE82}" = protocol=58 | dir=in | [email protected],-148 |

"{7BDD7D71-A30C-4688-B4E6-F0E820DDE2FA}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{8046314B-E16E-434A-9543-74D2569D908F}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe |

"{8DA87909-1116-4839-8426-963F226C5569}" = protocol=17 | dir=in | app=c:\program files\orange\orangeupdate\service\oucore.exe |

"{90333D8B-5613-4799-8711-0A6C6EE7D7BA}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |

"{95039699-F173-4BD4-8E0F-6EC17142C8B4}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |

"{A111E818-2932-45CF-9513-5F8E30BA71E0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{A465919E-5CB5-4168-976A-BC2A1C89271A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{BDDE3185-4301-4BC7-84A3-E3F720F83226}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{BFD9C540-A9E9-41C3-8CBF-2DB2E6D7B843}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{D00D0839-8061-4669-889D-EA886FCEC735}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |

"{D02C830D-A5A3-42CA-AB0C-64574576A721}" = protocol=6 | dir=in | app=c:\program files\microsoft works\wksss.exe |

"{D6459749-6CF2-4A77-86C7-93C2A113CC75}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{DA51C2EB-E87D-49AA-A70B-EA1ABEA2048E}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{E1AC2556-362D-476A-954A-9D1A9ED428E1}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |

"{E702CAD2-48EF-464C-8344-A624A885A95D}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |

"{E9EA1E12-86FE-4769-B649-C29C542E2737}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |

"{EDF0518D-9E51-442A-916B-51E85D5BE5CC}" = protocol=17 | dir=in | app=c:\program files\microsoft works\wksss.exe |

"{EE5CDDDD-2660-49AD-807E-17179F331E5A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{EFE4943A-A44D-4155-9C86-0659C9066805}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |

"{F00E00D7-6611-4B86-BA3E-352C76FD90D8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{F36D27AD-D586-4554-8C09-1864607257EA}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |

"{FCCF3647-3FCB-44C8-BAE8-FF9F7D14C3E9}" = protocol=1 | dir=in | [email protected],-28543 |

"TCP Query User{13D7F936-6699-4059-BC56-8BADA2E4CC91}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"TCP Query User{3DA929C9-52E5-4524-BD4F-F5B07396B472}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"TCP Query User{646C4F52-3D95-4463-8751-8B67074FD9B0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"TCP Query User{E8EBBDC4-514F-405C-9F09-85F9E13BBA4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{0E3551A1-C681-40F4-812C-9F9CE4004C79}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"UDP Query User{2E1AA533-41E3-499A-8EFA-63F5AA2DADE4}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"UDP Query User{4B745E1F-3EDF-43B3-91AC-F97776C2B390}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"UDP Query User{D27D7894-AE05-4ACA-90A9-FB5AFE97864F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}" = Catalyst Control Center - Branding

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{0A1984C3-5036-5B5F-F18E-16453EF5A6E1}" = Catalyst Control Center Localization Swedish

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool

"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management

"{155BBB23-C7A5-223C-3B33-289089D6E0A2}" = Catalyst Control Center Localization Finnish

"{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19B4BDE9-0F2B-44FF-FDC4-987E1B33D03C}" = CCC Help English

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{24F149E4-D897-9046-48A5-87CD67F81865}" = CCC Help Polish

"{25C1AF96-1F59-A1CE-3135-B38AFAA5C614}" = CCC Help Czech

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 24

"{26E2E4FB-F26A-549E-5496-14BAE4E2BA67}" = Catalyst Control Center Graphics Full Existing

"{27B7371A-7AA2-CC5B-6377-72161660F0BE}" = CCC Help Chinese Traditional

"{29F3D466-E05F-CBB6-63E9-01C85C083FCD}" = CCC Help French

"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant

"{2CB2E1AE-B62A-3F43-9DD0-EF73467977AC}" = Catalyst Control Center Localization Hungarian

"{30BDD0BE-6A51-6DDD-197D-EFCE3B0EF79D}" = CCC Help German

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{358C26F2-5B99-A7E9-18CF-2AE6BC97289B}" = Catalyst Control Center Localization Czech

"{3C277F75-605E-BFFE-4F87-27709C92370C}" = Catalyst Control Center Localization Portuguese

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BD4AA8B-3C63-26AB-1CA3-010475A9EA72}" = CCC Help Portuguese

"{5262BAD6-5AB7-1490-A65C-D06368F07FF1}" = Catalyst Control Center Localization Italian

"{53F44183-B716-8D7D-053E-CB8039B38E74}" = CCC Help Hungarian

"{5539EBB1-4BB9-21E5-921B-16E8886639D3}" = Catalyst Control Center Localization Chinese Traditional

"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software

"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management

"{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0

"{5A89D38C-B9FE-ECFF-B90E-B9DEC8C8F2D8}" = Catalyst Control Center Localization Greek

"{5B1519C1-265C-C636-C414-F1E150B4F0AA}" = CCC Help Turkish

"{6184B5A4-1355-A8D6-CE24-8F7EE887CBF3}" = CCC Help Norwegian

"{650BDC60-79C7-383B-2E9C-B8FF3909A127}" = Catalyst Control Center Localization Spanish

"{653F6FEA-643C-457F-774A-64D4DAAE1028}" = Catalyst Control Center Graphics Previews Vista

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3

"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{790DA23A-126B-91A9-FAB7-13EF66724253}" = CCC Help Swedish

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7DBDAAAB-8639-B59D-798A-32458B7380F9}" = Catalyst Control Center Localization Norwegian

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7E96828D-B970-B1A9-3D9F-7EC3624785D0}" = Catalyst Control Center Localization German

"{7ECBF19A-78EC-1665-7E1C-B3E92B07F7CC}" = CCC Help Japanese

"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{80C1F369-F876-3D19-7816-B7800E7A6961}" = CCC Help Greek

"{827CFE4D-8687-9E1E-0A72-587BFF0B0D3A}" = CCC Help Thai

"{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.42

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer

"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9AF60AF6-B109-D3A4-4367-B3620CBA37A7}" = CCC Help Finnish

"{9ED61802-0F47-F846-FA23-67CE3E4BD427}" = CCC Help Italian

"{A047FE02-C91C-41CB-898C-4ED21B86025A}" = ToolbarFR

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.5

"{A79CB508-2DD7-F717-8787-C6382C274082}" = Catalyst Control Center Graphics Light

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AACF5D06-EF3A-1941-3492-1E60589CA444}" = ccc-utility

"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.3 - Français

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AE2C968B-8A14-ABA2-D742-14E575104BCD}" = Catalyst Control Center Localization Korean

"{B6988D5B-4325-F1F7-B0E5-C4CCCD01E6B8}" = Catalyst Control Center Localization Thai

"{B734B040-25BB-02CA-39BD-FD6D070EDDAB}" = Catalyst Control Center Localization Danish

"{B86EE516-7CB4-E4C3-8382-010D4F2807F5}" = CCC Help Korean

"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER

"{BB01F512-272A-3C70-DA60-884C8BBC39DD}" = Catalyst Control Center Localization Chinese Standard

"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print

"{BCB0CE1E-7510-3948-4834-99BBA689CF62}" = Catalyst Control Center Core Implementation

"{BD5106DF-C061-5736-F1A5-F114BAA63759}" = CCC Help Russian

"{C03A43DF-CEE0-6D82-D2D3-781CCE1FC24E}" = Catalyst Control Center Localization Japanese

"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III

"{C2EBC2F1-B766-4AE3-A10C-6EBBC1EE3B02}" = Logiciel de Synchronisation Orange

"{C6754E95-9700-45AB-A6C5-668F5F449E27}" = LG Bluetooth Driver

"{C76DAFAE-5E59-44AB-2764-70BC79E0D4B2}" = Skins

"{C8256DAF-828E-7E91-FB83-D900AA8E3C86}" = CCC Help Danish

"{C9429012-1CBE-E0CA-0955-CC53E0F2115F}" = CCC Help Chinese Standard

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB9B619A-EEA1-BFAB-6CA5-1FC655E2A0DA}" = Catalyst Control Center Localization Turkish

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{D013644E-F890-49A4-0DE9-8E4BBD18A406}" = ATI Catalyst Install Manager

"{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0" = Orange Installeur version 1.2.2.0

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D7C49EC6-4DEA-7A7A-860D-78D613C68B8C}" = ccc-core-static

"{E08C03D7-AE05-0458-2D14-78F219316933}" = Catalyst Control Center Localization Dutch

"{E4FD0200-A7DB-2D5A-B5B1-DBC0A184C9B2}" = Catalyst Control Center Localization Russian

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager

"{E9BA4A79-BD4C-52E3-F34F-85B1CC62EE15}" = Catalyst Control Center Localization Polish

"{E9D20FA4-7CA6-F243-A503-CA961CCD2277}" = CCC Help Spanish

"{EF9E54C1-2D5F-DDA8-8E7B-0CD3EF89C8E4}" = Catalyst Control Center Localization French

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5A630D4-3D7D-6EEC-5DAE-41835DC0A1DA}" = Catalyst Control Center Graphics Full New

"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers

"{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender

"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver

"{FD2B6E20-5344-07B4-C210-B57611E02906}" = CCC Help Dutch

"Acer Acer Bio Protection 6.0.00.13" = Acer Bio Protection

 

AAV 6.0.00.13

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Agere Systems Soft Modem" = Agere Systems HDA Modem

"Avanquest_FR Toolbar" = Avanquest FR Toolbar

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CCleaner" = CCleaner

"conduitEngine" = Conduit Engine

"EPSON Printer and Utilities" = EPSON Logiciel imprimante

"EPSON Scanner" = EPSON Scan

"ESDX4000_4050_CX3900" = ESDX4000_4050_CX3900

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"HOMESTUDENTR" = Version d'évaluation de Microsoft Office Home and Student 2007

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"LManager" = Launch Manager

"MailNotifier" = Notification Mail

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"OrangeToolbar" = barre d'outils Orange

"OrangeUpdateManager" = Orange update

"Picasa 3" = Picasa 3

"TomTom HOME" = TomTom HOME 2.7.6.2056

"Usbfix" = UsbFix By TeamXscript

"VLC media player" = VLC media player 1.1.5

"Yahoo! Toolbar" = Yahoo! Toolbar

"YesMessenger_is1" = YesMessenger 2.4.14

"ZHPDiag_is1" = ZHPDiag 1.24

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Orange Inside" = Orange Inside

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >


Hello,

Uninstall "ConduitEngine", as it installs useless toolbars and spyware.

Launch OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation" (the : at the start and the ] at the end are very important, please check).

 

:OTL

IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Value error. File not found

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avast5] File not found

O4 - HKLM..\RunOnce: [] File not found

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Viewer.exe

[2011/05/07 20:00:00 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job

[2011/05/07 13:47:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/06 08:20:01 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-YUG-Startup.job

[2011/05/06 08:20:01 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job

 

:Services

 

:Reg

 

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\Program Files\Avanquest_FR\prxtbAva0.dll

C:\Program Files\ConduitEngine

C:\Windows\tasks\Registry Winner Schedule.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\Registry Reviver-YUG-Startup.job

C:\Windows\tasks\Registry_Doktor.job

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

At the end, a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

Requested reports:

  • OTL.txt

Are you still having problems?


Good evening lance_yien

Problems: 1 - removal of conduitengine: partly done, because it is impossible to remove it on F, my external backup disk

2 - crash on restart after the fix was applied (recommended: with system startup = stopped after 2 to 3 min on 2 attempts (grrrr), then normal startup = phew! it works); however I have no report and I am hesitant to repeat the process

And I still get the Avira warning from time to time: Autorun.inf blocked for security, on either C or F.....

Please tell me how to proceed without it crashing on me

See you later


Hello,

You used "UsbFix" around 14 April, hence my thought that this is the vaccination of your disks.

Make sure that all removable media are plugged into the same ports as during the scan and are switched on.

Launch OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation" (the : at the start and the ] at the end are very important, please check).

 

:OTL

IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Value error. File not found

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found

O3 - HKCU\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avast5] File not found

O4 - HKLM..\RunOnce: [] File not found

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)

O32 - AutoRun File - [2011/04/14 22:23:37 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:01 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:02 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Viewer.exe

[2011/05/07 20:00:00 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job

[2011/05/07 13:47:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/06 08:20:01 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-YUG-Startup.job

[2011/05/06 08:20:01 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\Registry_Doktor.job

 

:Services

 

:Reg

 

:Files

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\Program Files\Avanquest_FR\prxtbAva0.dll

C:\Program Files\ConduitEngine

C:\Windows\tasks\Registry Winner Schedule.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\Registry Reviver-YUG-Startup.job

C:\Windows\tasks\Registry_Doktor.job

C:\autorun.inf

D:\autorun.inf

F:\autorun.inf

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

At the end, a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

Requested reports:

  • OTL.txt

Is it better?
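
The paste check requested in the two sets of instructions above (leading ":" and trailing "]"), together with a review of the :Files and :Commands sections, as an added Python example that is not part of the original posts and not OTL's own code. The function names, the messages and the treatment of a trailing /c as a command line are assumptions; the sample script is abridged from the first fix script above.

```python
import re

# Section headers and bracket commands seen in the fix scripts on this page.
SECTIONS = (":OTL", ":Services", ":Reg", ":Files", ":Commands")
COMMANDS = ("[EMPTYTEMP]", "[EMPTYFLASH]", "[RESETHOSTS]")


def wildcard_regex(pattern):
    """Translate a Windows-style wildcard path; * and ? stay inside one folder."""
    out = []
    for ch in pattern:
        if ch == "*":
            out.append(r"[^\\]*")
        elif ch == "?":
            out.append(r"[^\\]")
        else:
            out.append(re.escape(ch))
    return re.compile("".join(out), re.IGNORECASE)


def lint_fix_script(text):
    """Return a list of (section, line, message) findings for a pasted script."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines:
        return [(None, "", "script is empty")]
    findings = []
    # The two copy/paste checks the helper asks the user to make by eye.
    if lines[0] != ":OTL":
        findings.append((None, lines[0], "first line is not ':OTL'"))
    if not lines[-1].endswith("]"):
        findings.append((None, lines[-1], "last line does not end with ']'"))

    section, wildcards, paths = None, [], []
    for ln in lines:
        if ln.startswith(":"):
            section = ln
            if ln not in SECTIONS:
                findings.append((ln, ln, "unknown section header"))
        elif section == ":Files":
            if ln.lower().endswith(" /c"):  # assumption: /c marks a command line
                findings.append((section, ln, "runs a command, not a path"))
            elif "*" in ln or "?" in ln:
                wildcards.append(ln)
                findings.append((section, ln, "wildcard: matches more than the listed files"))
            else:
                paths.append(ln)
        elif section == ":Commands":
            if ln not in COMMANDS:
                findings.append((section, ln, "unknown command"))
            elif ln == "[RESETHOSTS]":
                findings.append((section, ln, "replaces the hosts file"))

    # An explicit path that a wildcard already matches shows the wildcard is
    # broader than the list of files that was actually reviewed.
    for path in paths:
        for pat in wildcards:
            if wildcard_regex(pat).fullmatch(path):
                findings.append((":Files", path, "already covered by " + pat))
    return findings


# Abridged from the first fix script on this page.
SAMPLE = r"""
:OTL
O4 - HKLM..\Run: [avast5] File not found
:Files
ipconfig /flushdns /c
C:\WINDOWS\tasks\*.job
C:\*.sqm
C:\Program Files\ConduitEngine
C:\Windows\tasks\Registry_Doktor.job
:Commands
[EMPTYTEMP]
[RESETHOSTS]
"""

if __name__ == "__main__":
    for section, line, message in lint_fix_script(SAMPLE):
        print(f"{section or '-':10} {message}: {line}")
```
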


Me again, hello

This time it works, but I still got the Avira warning after the restart

As for the report, when I opened OTL this morning it actually gave me a report from 8/05. So I am posting both for you, just in case...

Thanks and see you later

Report from 8/05

 

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ deleted successfully.

C:\Program Files\Avanquest_FR\prxtbAva0.dll moved successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{AEEC3B59-CA98-4EBA-A140-57B94E283583} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEEC3B59-CA98-4EBA-A140-57B94E283583}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast5 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\orange.fr\logicielsgratuits\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

File E:\Viewer.exe not found.

C:\Windows\Tasks\Registry Winner Schedule.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\Tasks\Registry Reviver-YUG-Startup.job moved successfully.

C:\Windows\Tasks\Registry_Doktor.job moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de résolution DNS vidé.

C:\Users\guy\Desktop\cmd.bat deleted successfully.

C:\Users\guy\Desktop\cmd.txt deleted successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\WINDOWS\tasks\SyncBack GUY.job moved successfully.

C:\WINDOWS\tasks\User_Feed_Synchronization-{29B4A4A2-E71F-4BB3-91D7-16A36EE731FF}.job moved successfully.

C:\WINDOWS\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job moved successfully.

File\Folder C:\*.sqm not found.

File\Folder C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

File\Folder C:\Program Files\ConduitEngine not found.

File\Folder C:\Windows\tasks\Registry Winner Schedule.job not found.

File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.

File\Folder C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found.

File\Folder C:\Windows\tasks\Registry_Doktor.job not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: admin

 

User: Administrator

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: guy

->Temp folder emptied: 2899966 bytes

->Temporary Internet Files folder emptied: 45739941 bytes

->Java cache emptied: 73183770 bytes

->Google Chrome cache emptied: 6116979 bytes

->Flash cache emptied: 9700 bytes

 

User: Public

 

User: YUG

->Temp folder emptied: 75461022 bytes

->Temporary Internet Files folder emptied: 24907649 bytes

->Java cache emptied: 73470106 bytes

->Flash cache emptied: 635 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 42652886 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 8393932 bytes

 

Total Files Cleaned = 337,00 mb

 

 

[EMPTYFLASH]

 

User: admin

 

User: Administrator

 

User: All Users

 

User: Default

 

User: Default User

 

User: guy

->Flash cache emptied: 0 bytes

 

User: Public

 

User: YUG

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.22.3 log created on 05082011_191952

 

Files\Folders moved on Reboot...

File\Folder C:\Users\guy\AppData\Local\Temp\~DF3FCB.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DF3FDB.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD2F.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD4A.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFAD8A.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFAE12.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFB475.tmp not found!

File\Folder C:\Users\guy\AppData\Local\Temp\~DFB56F.tmp not found!

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KVRUY0XL\read[1].html moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KVRUY0XL\st[1] moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G4TIYV7H\ban_home_728x90[1].htm moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9VLK57V7\AP_ADV_728x90[1].htm moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4H3SATYI\sendConfirmationReading_frame[1].html moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\23VLMH18\read_unread_iframe[1].htm moved successfully.

File move failed. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\=;var41;u=id=4TNIUGYJhkmWVL4VM_6uqg%7C1=5%7C2=1%7C3=86400%7C4=9%7C21=5%7C22=1%7C23=1%7C24=1%7C25=2%7C26=86078%7C8=0%7C9=0%7C10=0%7C%7C;;ord=7636669132966258[1].htm scheduled to be moved on reboot.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\afr[3].htm moved successfully.

C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\07GBO19P\logiciel-malveillant-bloque-par-avast-t184609[1].htm moved successfully.

File move failed. C:\Users\guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

 

Report of 9/05

 

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{AEEC3B59-CA98-4EBA-A140-57B94E283583} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEEC3B59-CA98-4EBA-A140-57B94E283583}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}\ not found.

File C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast5 not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\orange.fr\logicielsgratuits\ not found.

File not found.

File not found.

File not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60d8493a-a6b4-11de-9bf5-806e6f6e6963}\ not found.

File E:\Viewer.exe not found.

File C:\Windows\tasks\Registry Winner Schedule.job not found.

File C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.

File C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found.

File C:\Windows\tasks\Registry_Doktor.job not found.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

C:\WINDOWS\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job moved successfully.

File\Folder C:\*.sqm not found.

File\Folder C:\Program Files\Avanquest_FR\prxtbAva0.dll not found.

File\Folder C:\Program Files\ConduitEngine not found.

File\Folder C:\Windows\tasks\Registry Winner Schedule.job not found.

File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.

File\Folder C:\Windows\tasks\Registry Reviver-YUG-Startup.job not found.

File\Folder C:\Windows\tasks\Registry_Doktor.job not found.

Folder move failed. C:\autorun.inf scheduled to be moved on reboot.

Folder move failed. D:\autorun.inf scheduled to be moved on reboot.

Folder move failed. F:\autorun.inf scheduled to be moved on reboot.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: admin

 

User: Administrator

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: guy

->Temp folder emptied: 911366 bytes

->Temporary Internet Files folder emptied: 21425924 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 750 bytes

 

User: Public

 

User: YUG

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 108 bytes

 

Total Files Cleaned = 21,00 mb

 

 

[EMPTYFLASH]

 

User: admin

 

User: Administrator

 

User: All Users

 

User: Default

 

User: Default User

 

User: guy

->Flash cache emptied: 0 bytes

 

User: Public

 

User: YUG

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.22.3 log created on 05092011_102054


Normally the 3 folders were scheduled to be deleted on reboot:

 

Folder move failed. C:\autorun.inf scheduled to be moved on reboot.

Folder move failed. D:\autorun.inf scheduled to be moved on reboot.

Folder move failed. F:\autorun.inf scheduled to be moved on reboot

 

To be checked after several reboots. But you can look for them manually after configuring the hidden folders option.

>>> Updates: Any old version of any program whatsoever may contain vulnerabilities that can be exploited to infect a PC:

  • Your version of Adobe Acrobat Reader is not up to date. Uninstall it and download the latest version here (uncheck the "Include in your download" box).

>>> Use OTL: For a final check, plug in and power on all removable media (external disks, USB keys, etc.).

Close all open applications and windows and launch OTL.

Without changing or adding anything, click the blue Analyse button and let it run.

Copy/paste the contents of the generated report.

The next step will be the last.


Hello

At first glance, nothing has changed. Noted for Reader. Here is the report.

I will probably go back to Avast's AV, hoping for better. Thanks anyway for your availability.

 

OTL logfile created on: 10/05/2011 12:11:59 - Run 2

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\guy\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19048)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,44 Gb Total Space | 62,13 Gb Free Space | 55,75% Space Free | Partition Type: NTFS

Drive D: | 104,90 Gb Total Space | 76,34 Gb Free Space | 72,77% Space Free | Partition Type: NTFS

Drive F: | 465,76 Gb Total Space | 269,61 Gb Free Space | 57,89% Space Free | Partition Type: NTFS

Drive G: | 3,76 Gb Total Space | 3,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

 

Computer Name: PC-DE-GUY | User Name: YUG | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/09 10:24:56 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\guy\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe

PRC - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/04/29 13:05:05 | 000,442,024 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe

PRC - [2011/04/07 09:00:03 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe

PRC - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/03/04 14:38:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/11/18 20:41:12 | 000,206,120 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

PRC - [2009/09/21 15:02:04 | 003,786,472 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

PRC - [2009/09/21 15:02:00 | 003,451,904 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

PRC - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

PRC - [2009/09/21 15:01:41 | 003,673,600 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

PRC - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2008/04/28 13:18:26 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe

PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008/03/11 11:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008/03/07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

PRC - [2008/03/05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe

PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe

PRC - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe

PRC - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2007/10/03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2007/03/27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/08 12:03:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\guy\Desktop\OTL.exe

MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/04/29 13:05:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®

SRV - [2011/03/04 14:38:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2010/06/14 14:39:26 | 001,053,424 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)

SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009/09/21 15:01:50 | 003,488,768 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)

SRV - [2009/05/20 20:18:32 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)

SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2008/01/10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)

SRV - [2007/12/11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/03/04 14:38:47 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/12/24 16:19:56 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/04/01 12:12:30] [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})

DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009/09/21 15:01:45 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)

DRV - [2009/05/25 12:12:28 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)

DRV - [2009/05/25 12:12:28 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)

DRV - [2009/05/25 12:12:26 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)

DRV - [2008/07/08 14:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm)

DRV - [2008/07/08 14:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM)

DRV - [2008/07/08 14:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex)

DRV - [2008/07/08 14:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM)

DRV - [2008/07/08 14:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl)

DRV - [2008/05/08 19:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)

DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2008/03/11 13:38:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)

DRV - [2008/02/29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008/01/08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel®

DRV - [2007/12/18 18:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)

DRV - [2007/12/16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)

DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 97 04 A8 DC 6A CA 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: [email protected]:1.7

FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

 

 

[2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions

[2011/02/28 19:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YUG\AppData\Roaming\mozilla\Extensions\[email protected]

[2010/12/18 18:47:43 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

 

O1 HOSTS File: ([2011/05/08 19:22:14 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)

O4 - HKCU..\Run: [orangeinside] C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\RunOnce: [uninstall Adobe Download Manager] C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe (NOS Microsystems Ltd.)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()

O8 - Extra context menu item: envoyer par sms - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()

O8 - Extra context menu item: envoyer un mail - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)

O8 - Extra context menu item: orange.fr - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()

O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()

O8 - Extra context menu item: traduire la page - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()

O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\YUG\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()

O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()

O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:23:37 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:01 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/04/14 22:24:02 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/10 11:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2011/05/10 11:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS

[2011/05/10 11:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\NOS

[2011/05/08 19:19:52 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/05/02 10:20:08 | 000,000,000 | ---D | C] -- C:\Users\YUG\AppData\Roaming\Malwarebytes

[2011/05/02 10:19:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/02 10:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/02 10:19:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/02 10:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/04/29 13:21:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2011/04/29 13:21:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2011/04/29 13:17:37 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/04/15 12:22:43 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011/04/15 12:22:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011/04/15 12:22:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/04/15 12:22:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2011/04/15 12:22:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/04/15 12:22:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/04/15 12:22:37 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/04/15 12:22:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/04/15 12:22:36 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/04/15 12:22:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/04/15 12:22:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/04/15 12:22:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/04/15 12:22:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/04/15 12:22:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/04/15 12:22:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/04/15 12:22:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/04/15 12:22:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/04/15 12:22:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/04/15 12:22:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/04/15 12:22:27 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2011/04/15 12:22:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011/04/15 12:17:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011/04/15 12:12:22 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/04/15 12:12:15 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/04/15 12:12:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/04/15 00:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/04/15 00:05:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/04/15 00:05:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/04/15 00:05:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/04/14 22:21:57 | 000,000,000 | ---D | C] -- C:\UsbFix

[2011/04/12 00:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011/04/12 00:06:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2011/04/12 00:06:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2011/04/12 00:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/10 12:11:51 | 000,000,398 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job

[2011/05/10 12:09:55 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/10 12:09:55 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/10 12:09:55 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/10 12:09:55 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/10 12:09:11 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/10 12:09:11 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/10 11:16:43 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011/05/10 08:09:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml

[2011/05/10 08:09:27 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2011/05/10 08:09:09 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat

[2011/05/09 21:13:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2011/05/08 19:22:14 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2011/05/08 12:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/07 18:48:00 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/05/02 10:19:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/16 08:16:36 | 000,316,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/04/12 00:06:38 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2011/04/11 21:25:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

 

========== Files Created - No Company Name ==========

 

[2011/05/10 11:16:43 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011/05/10 11:16:42 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2011/05/09 10:22:38 | 000,000,398 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6E841DC-A458-4EE4-8C13-43F9E7FCE5F6}.job

[2011/05/08 12:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/02 10:19:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/12 00:06:38 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/10/18 11:35:32 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi

[2010/10/18 11:35:32 | 000,004,110 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik

[2010/10/08 10:57:42 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/06/02 02:42:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2010/04/29 16:12:32 | 000,000,031 | ---- | C] () -- C:\Windows\yesmessenger.ini

[2010/04/22 14:56:51 | 000,000,338 | ---- | C] () -- C:\Windows\yes_messenger.ini

[2009/10/22 00:57:28 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat

[2009/09/24 10:14:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat

[2009/09/24 10:14:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat

[2009/09/24 10:14:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat

[2009/09/24 10:14:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat

[2009/09/24 10:14:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat

[2009/09/24 10:14:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat

[2009/09/24 10:14:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat

[2009/09/24 10:14:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat

[2009/09/24 10:14:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat

[2009/09/24 10:14:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat

[2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat

[2009/09/24 10:14:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat

[2009/09/24 10:14:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat

[2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat

[2009/09/24 10:14:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat

[2009/09/24 10:14:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat

[2009/09/24 10:14:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat

[2009/09/24 10:14:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat

[2009/09/24 10:14:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini

[2009/09/24 10:09:09 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini

[2009/09/24 09:25:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/24 09:25:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009/09/21 17:12:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2009/09/21 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/09/21 15:05:51 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009/09/21 15:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2009/09/21 15:05:51 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini

[2009/09/21 15:02:13 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll

[2008/05/16 07:50:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat

[2008/05/16 07:50:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/05/16 07:50:44 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2008/05/16 07:50:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe

[2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/03/21 13:20:46 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/03/21 12:41:33 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll

[2008/03/21 12:37:44 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2008/03/21 12:33:29 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini

[2008/03/21 12:33:29 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat

[2008/03/21 12:32:04 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat

[2008/01/21 10:40:50 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2008/01/21 10:40:50 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll

[2007/04/24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll

[2006/11/02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 14:47:37 | 000,316,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2005/12/15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL

[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

< End of report >
